HP OpenVMS I64 Reference Guide

Software Product Description
PRODUCT NAME: HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
Note:
The OpenVMS VAX information is included in the HP OpenVMS Operating System for Alpha Version 7.3-1 and 7.3-2, and VAX Version 7.3 Software Product De­scription (SPD 25.01.xx).
This SPD describes the HP OpenVMS Operating Sys­tem software for the AlphaServer and Integrity server computer families. Except where explicitly noted, the features described in this SPD apply equally to AlphaServer and Integrity server systems. HP OpenVMS operating system licenses and part numbers for the two platforms are architecture specific. Please refer to the Ordering Information section of this SPD for further details.
DESCRIPTION
OpenVMS is a general-purpose, multiuser operating system that runs in both production and development environments. Starting with OpenVMS Version 8.2, HP introduced support for OpenVMS for Integrity servers. OpenVMS Version 8.3-1H1 continues support for all of the Integrity servers and options supported in previous versions of HP OpenVMS for Integrity servers. Open­VMS Version 8.3-1H1 introduces support for additional Integrity server systems. For Alpha systems, OpenVMS Version 8.3 replaces Version 8.2; for Integrity servers, Version 8.3-1H1 replaces Version 8.3. Standard support for OpenVMS Version 8.3 on Integrity systems contin­ues when OpenVMS version 8.3-1H1 ships.
OpenVMS Alpha supports Hewlett-Packard’s AlphaServer series computers. OpenVMS software supports industry
standards, facilitating application portability and interop­erability. OpenVMS provides symmetric multiprocessing (SMP) support for multiprocessing systems.
The OpenVMS operating system can be tuned to perform well in a wide variety of environments. This includes combinations of compute-intensive, I/O­intensive, client/server, real-time, and other environ­ments. Actual system performance depends on the type of computer, available physical memory, and the num­ber and type of active disk and tape drives.
The OpenVMS operating system has well-integrated networking, distributed computing, client/server, multi­processing, and windowing capabilities. It contains ex­tensive features that promote ease-of-use, improve the productivity of programmers, and facilitate system man­agement.
For information about the OpenVMS Version 8.3-1H1 new features, please refer to the HP OpenVMS Version
8.3-1H1 for Integrity Servers New Features and Release Notes at:
http://www.hp.com/go/openvms/doc/
USER ENVIRONMENT
Users can access the OpenVMS software by using the English-like DIGITAL Command Language (DCL), the command language for OpenVMS that is supplied with the system. DCL commands provide information about the system and initiate system utilities and user pro­grams. DCL commands take the form of a command name followed by parameters and qualifiers.
October 2007
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
Users can enter DCL commands at a terminal or include them in command procedures. These command proce­dures can be run interactively or submitted to a batch queue for later processing. Information about DCL and OpenVMS utilities is available on line through the Open­VMS Help system.
For users who are familiar with the UNIX shell and util­ities, an open source port of GNV is available. GNV implements a UNIX environment on OpenVMS and includes an Implementation of the UNIX shell BASH (Bourne Again Shell) and many UNIX-shell utilities.
The following tools and utilities are integrated into the OpenVMS operating system.
Text Processing
The Extensible Versatile Editor (EVE) is the default ed­itor for OpenVMS. EVE allows users to insert, change, and delete text quickly. EVE is a full-screen editor that allows users to scroll through text on a terminal screen. EVE provides an EDT-style keypad, allowing EDT users to move easily to EVE.
Mail Utility
The Mail utility allows users to send messages to any other user on the system. Multinode operation is avail­able if a DECnet or TCP/IP product is installed and li­censed on each participating node on the network.
Command-Level Programming
Command-level programming allows users to create special files, called command procedures, that contain a series of DCL commands. When users execute a com­mand procedure, the system processes the commands in the command procedure consecutively.
User Environment Tailoring
Users can customize the computing environment with login command procedures, shorthand commands, binding of commands to function keys, and command recall and editing.
PROGRAM DEVELOPMENT ENVIRONMENT
OpenVMS includes a comprehensive set of tools for de­veloping programs, including: run-time libraries (RTLs), a linker, a librarian, and a symbolic debugger.
The following tools are available to the OpenVMS pro­grammer.
Java™ SE Development Kit
The Java Platform, Standard Edition Development Kit (JDK) provides a development and deployment envi­ronment for Java applications on OpenVMS Alpha and OpenVMS for Integrity servers, including a set of basic development tools and a rich set of class libraries.
Language and Run-Time Library Support
OpenVMS includes several RTLs that provide:
• String manipulation
• Parallel processing support
• I/O routines
• I/O conversion
• Terminal-independent screen handling
• Date and time formatting routines
• Highly accurate mathematical functions
• Signaling and condition handling
• Other general-purpose functions
With OpenVMS Alpha, these routines can be called from programs written in such languages as MACRO­32, MACRO-64, Ada, BASIC, C, C++, COBOL, Fortran, Pascal, and PL/I.
With OpenVMS for Integrity servers, these routines can be called from programs written in such languages as MACRO-32, BASIC, C, C++, COBOL, Fortran, and Pas­cal.
Also included in OpenVMS are language-support li­braries. While each language is different, all provide support for sequential file I/O, and most support direct and indexed file I/O. Language RTLs also provide sup­port for I/O formatting, error handling, and in Fortran, the ability to read unformatted files that contain data from other vendors.
RTLs are provided to support translated images created from user-mode images built on OpenVMS Alpha Ver­sion 6.1 through Version 7.3-2.
Calling Standard
Many HP languages adhere to the common calling stan­dard. This means that routines written in any of these languages can directly call routines written in any other language. Development of applications using multiple languages is simple and straightforward.
All user-accessible routines in the RTLs follow the appropriate platform calling standard and condition­handling conventions, and most are contained within shareable images.
2
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
At a lower level, programs can call system services di­rectly for security, event flag, asynchronous system trap, logical name, record and file I/O, process control, timer, time conversion, condition handling, lock management, and memory management. Again, system services use the appropriate platform calling standard and condition­handling conventions.
OpenVMS supports the execution of user-mode images created on earlier versions of OpenVMS. Typically, re­compiling and relinking are not required.
MACRO Compiler
With minor modifications, VAX MACRO-32 sources can be compiled for execution on Alpha or Integrity servers.
POSIX Threads Library
OpenVMS includes a user-mode, multithreading capa­bility called POSIX Threads Library. POSIX Threads Library provides a POSIX 1003.1-1996 standard style threads interface. Additionally, POSIX Threads Li­brary provides an interface that is the OpenVMS imple­mentation of Distributed Computing Environment (DCE) threads as defined by The Open Group.
POSIX Threads Library is a library of run-time rou­tines that allows the user to create multiple threads of execution within a single address space. With POSIX Threads Library Kernel Threads features en­abled, POSIX Threads Library provides for concurrent processing across all CPUs by allowing a multithreaded application to have a thread executing on every CPU (on both symmetric and asymmetric multiprocessor sys­tems). Multithreading allows computation activity to overlap I/O activity. Synchronization elements, such as mutexes and condition variables, are provided to help ensure that shared resources are accessed correctly. For scheduling and prioritizing threads, POSIX Threads Library provides multiple scheduling policies. For de­bugging multithreaded applications, POSIX Threads Li­brary is supported by the OpenVMS Debugger. POSIX Threads Library also provides Thread Independent Ser­vices (TIS), which assist in the development of thread­safe APIs.
Librarian Utility
The Librarian utility permits storage of object modules, image files, macros, help files, text files, or any gen­eral record-oriented information in central, easily acces­sible files. Object module and image file libraries are searched by the linker when the linker finds a reference it cannot resolve in one of its input files. Macro libraries are searched by MACRO-32 and MACRO-64 when ei­ther finds a macro name that is not defined in the input file.
Hypersort
Hypersort is a portable library of user-callable routines that provide a high-performance sorting capability for Alpha and Integrity servers.
Traceback Facility
When an application is compiled and linked with trace­back information, the Traceback facility translates stack frame addresses into routine names and line numbers and displays a symbolic traceback whenever a runtime error occurs in that application.
Debugger
The OpenVMS Debugger allows users to trace program execution, as well as display and modify register con­tents using the same symbols that are present in the source code.
The debugger contains a heap analyzer feature that dis­plays a graphic view of memory allocations and deallo­cations in real time.
System Code Debugger
The OpenVMS System Code Debugger is a kernel code debugger. It allows a system code developer to trace the execution of nonpageable system code at any inter­rupt priority level (IPL). Based on the OpenVMS Debug­ger, the System Code Debugger uses the same inter­face and most of the same command set.
System Dump Analyzer (SDA) Utility
In the event of a system failure, OpenVMS writes the contents of memory to a preallocated dump file. This dump file can later be analyzed using System Dump Analyzer (SDA). System dumps can either be full mem­ory dumps, where all memory is written, or selective memory dumps, where only portions of memory in use at the time of the system failure is written. The dump file can be located on any locally connected disk. On Alpha and Integrity servers, dump compression allows both full and selective dumps to be written to smaller files than required for uncompressed dumps. Full mem­ory dumps, if not compressed, require a dump file big enough to hold all memory. Selective memory dumps write as much of the memory in use at the time of the system failure that will fit into the dump file.
Spinlock Tracing Utility
The Spinlock Tracing Utility provides a mechanism for characterizing spinlock usage and can collect perfor­mance data for a given spinlock on a per-CPU basis.
3
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
Process Dumps
When an application fails, a copy of its registers and memory can be written to a data file, which can be examined using the ANALYZE PROCESS utility. This utility uses the same interface and commands as the OpenVMS Debugger to allow registers and memory to be examined. On Alpha or Integrity servers, another process can initiate the writing of the memory dump.
RMS File Utilities
Record Management Services (RMS) file utilities allow users to analyze the internal structure of an RMS file and tune the I/O, memory, space and performance pa­rameters of the file. The RMS file utilities can also be used to create, load, and reclaim space in an RMS file. Refer to the Operating System Environment section of this SPD for more information about RMS.
File Differences Utility
This utility compares the contents of two files and lists those records that do not match.
Translated Image Environment (TIE) (Alpha)
OpenVMS Alpha provides an array of services that allow the operation of programs which have under­gone binary translation from OpenVMS VAX images. These programs perform virtually all user-mode func­tions on OpenVMS Alpha and operate in combination with other programs (images) that have been translated from OpenVMS VAX or have been built using native compilers on OpenVMS Alpha. Without requiring spe­cial source code, the TIE resolves differences between the VAX and Alpha architectures, including floating­point registers, condition codes, exception handling, and ASTs. The TIE included with OpenVMS Alpha can run images that have been translated elsewhere.
For additional information, refer to the following web site: http://h71000.www7.hp.com/commercial/cace.html (under the Tools section)
Translated Image Environment (TIE) (Integrity servers)
OpenVMS for Integrity servers provides an array of services that allow the operation of programs which have undergone binary translation from OpenVMS Al­pha images or VESTed OpenVMS VAX images. These programs perform virtually all user-mode functions on OpenVMS for Integrity servers and operate in combi­nation with other programs (images) that have been translated from OpenVMS Alpha or VAX, or have been built using native compilers on OpenVMS for Integrity servers. Without requiring special source code, the TIE resolves differences between the Alpha and Integrity ar­chitectures, including floating-point.
For additional information, refer to the following web site: http://h71000.www7.hp.com/commercial/cace.html (under the Tools section)
SYSTEM MANAGEMENT ENVIRONMENT
OpenVMS provides a set of tools and utilities that aid the system manager in configuring and maintaining an optimal system as follows:
Web-Based Enterprise Management Services for OpenVMS
Web-Based Enterprise Managment (WBEM) Services for OpenVMS is an industry standard for monitoring and controlling resources. It is available and installed automatically with OpenVMS on Integrity server sys­tems. WBEM Services for OpenVMS (WBEMCIM) is required for use of such features as Instant Capacity (iCAP), Temporary Instant Capacity (TiCAP), and Pay per use (PPU), and for products such as Global Work­load Manager (gWLM), and HP Systems Insight Man­ager (HP SIM). In addition, WBEM Providers for Open­VMS is installed automatically with OpenVMS for In­tegrity servers. It is required for HP SIM services and GiCAP.
With version 8.3-1H1 support for HP BL860c Server Blade, management and monitoring of these systems is accomplished by WBEM communicating with HP SIM management agents. For server blade support, new "Providers" are included that enable the monitoring of hardware and the operating system, including:
• Operating system
• Computer system
• Process and processor statistics
• Indication (monitors events)
• Firmware version
• Fan and power supply
• Management Processor
• CPU instance
• Memory instance
• Enclosure
4
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
Provisioning OpenVMS Using HP Systems Insight Manager
HP Systems Insight Manager (HP SIM) is the foundation for HP’s unified server-storage management strategy. It provides simplified, centralized management of multi­ple servers and platforms through a web-based, unified ("single-pane-of-glass") interface. HP SIM offers the ba­sic tools needed to identify, discover, monitor and deploy systems and other assets on the network. The core HP SIM software uses WBEM to deliver essential capabili­ties required for managing HP server platforms.
HP SIM can be activated from a browser on a PC. An OpenVMS plug-in must be installed on the ProLiant server. Once HP SIM initiates the provisioning, the in­stallation or upgrade process occurs automatically in the background. To provide provisioning over the network, use HP SIM in conjunction with the InfoServer software utility (and TCP/IP Services for OpenVMS).
Provisioning can also be accomplished with vMedia. An ISO image of the OpenVMS OE DVD is created and stored on the server where HP SIM is running. HP SIM then connects vMedia to that image. Using vMedia one server can be provisioned at a time. Currently, HP SIM provisioning does not support booting from a shadowed system disk. You can deploy vMedia independently of HP SIM to install or upgrade a server over the network.
For more information about OpenVMS Provisioning see:
http://www.hp.com/go/openvms/provisioning
HP Availability Manager
HP Availability Manager is a system management tool that enables you to monitor one or more OpenVMS nodes on an extended local area network (LAN) from ei­ther an OpenVMS Alpha system, or an OpenVMS for In­tegrity server system, or a PC running Windows®. This tool helps system managers and analysts target a spe­cific node or process for detailed analysis and also can resolve certain performance or resource problems. It is the multiplatform replacement for the DECamds product and includes the DECamds functionality in its capabili­ties.
For OpenVMS version 8.3-1H1, Availability Manager has a wide-area capability whereby any system on the network supporting AM can be managed from a central console.
The Data Collector, part of the Availability Manager product, collects system and process data on an Open­VMS node and should be installed on each node that you need to monitor (Alpha and Integrity servers).
The Data Analyzer analyzes and displays the data col­lected by the Data Collector, and can analyze and dis­play data from many OpenVMS nodes simultaneously (OpenVMS Alpha nodes, and PCs running Windows).
Hardware recommendations and related documentation are available on the OpenVMS System Management web page located at:
http://www.hp.com/products/openvms /availabilitymanager/
DECamds
DECamds is in maintenance mode and is not available on OpenVMS Version 8.2 or higher. Availability Man­ager replaces DECamds. DECamds installs and runs on VAX from V6.2 through V7.3 and Alpha from V6.2 through V7.3-2.
DECamds is not supported on OpenVMS for Integrity servers and will not install on OpenVMS Alpha Version
8.2 or higher.
Management Agents for OpenVMS
HP Systems Insight Manager (HP SIM) is the founda­tion for HP’s unified infrastructure management strat­egy. It provides hardware level management for all HP storage products and servers, including OpenVMS Al­pha and OpenVMS for Integrity servers. With Manage­ment Agents installed on an OpenVMS system, that system can be managed using HP SIM as the single management console providing fault monitoring, config­uration management, and event alarms. The Manage­ment Agents for OpenVMS and related documentation is available on the OpenVMS System Management web page located at:
http://www.hp.com/products/openvms /managementagents/
HP OpenVMS Management Station
HP OpenVMS Management Station (OMS) is a pow­erful Microsoft® Windows based management tool for system managers and others who perform system man­agement tasks on OpenVMS systems. OMS features an intuitive user interface that is meaningful to system managers and their environment by allowing them to manage user accounts, printers, and storage on their systems. System managers and help desk staff no
5
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
longer need to remember complicated DCL syntax or command procedures to manage their OpenVMS Al­pha and Integrity server systems. OMS is based on the Microsoft Management Console (MMC). The Microsoft Management Console provides a common management framework for various administration programs. Open­VMS Management Station is implemented as an MMC snap-in and includes all of the MMC components you need. OpenVMS Management Station and related doc­umentation is available via the OpenVMS System Man­agement web page located at:
http://www.hp.com/products/openvms/
managementstation/
Enterprise Capacity and Performance Analyzer
Enterprise Capacity and Performance (ECP) Analyzer works with the data that is collected by a Data Collec­tor (ECP Data Collector for VAX and Performance Data Collector (TDC) Version 2.1 or later for Alpha and In­tegrity servers). ECP Analyzer provides both graphical (MOTIF-based) and tabular reports for the data assem­bled by the collector including metrics for CPU, disk I/O, memory, paging, processes, locks, and SCS. The ECP Analyzer, which runs on Alpha, will process data from:
• ECP Data Collector (VAX)
• TDC (Alpha and Integrity servers)
The Performance Analyzer and related documentation is available on the OpenVMS System Management web page located at:
http://www.hp.com/products/openvms/ecp/
Performance Data Collector
The Graphical Configuration Manager (GCM) for OpenVMS is a portable client/server application that provides a visual means of viewing and controlling the configuration of partitioned AlphaServer systems run­ning OpenVMS. The GCM client, a Java-based appli­cation, can run on any operating system that supports a TCP/IP network and the Java runtime environment— Software Development Kit (SDK), v1.2.2 or higher, for the Java Platform. (Currently, the GCM client is not sup­ported on SDK Version 1.3 or higher.) A GCM server runs as a detached process on each partitioned Open­VMS instance on one or more AlphaServer systems.
Class Scheduler for CPU Scheduling
The Class Scheduler is a SYSMAN-based interface for defining and controlling scheduling classes for Open­VMS systems that allows you to designate the percent­age of CPU time that a system’s user may receive by placing users into scheduling classes.
Batch and Print Queuing System
OpenVMS provides an extensive batch and print capa­bility that allows the creation of queues and the setup of spooled devices to process non-interactive workloads in parallel with timesharing or real-time jobs.
The OpenVMS batch and print operations support two types of queues: generic queues and execution queues. A generic queue is an intermediate queue that holds a job until an appropriate execution queue becomes avail­able to initiate the job. An execution queue is a queue through which the job (either print or batch) is actually processed. Because multiple execution queues can be associated with a generic queue, OpenVMS enables load balancing across available systems in an Open­VMS Cluster system, increasing overall system through­put.
Performance data for an AlphaServer or Integrity server system can be gathered using the Performance Data Collector (TDC). By default, TDC periodically collects and stores data in a file that can be retrieved by user applications. A TDC Software Developers Kit (SDK) supports integration of TDC with new or existing appli­cations and allows processing of "live" data as well as data read from files. TDC Version 2.2 runtime software is installed with OpenVMS Version 8.3-1H1.
Performance Data Collector runtime software (TDC_RT Version 2.2) is installed with OpenVMS Version 8.3-1H1.
Additional Performance Data Collector software and up­dates, the SDK, and related documentation are avail­able at:
http://www.hp.com/products/openvms/tdc/
Graphical Configuration Manager for OpenVMS
Print queues, both generic and execution, together with queue management facilities, provide versatile print ca­pabilities, including support for various print file formats.
Accounting Utility
For accounting purposes, OpenVMS keeps records of system resource usage. These statistics include pro­cessor and memory utilization, I/O counts, print sym­biont line counts, image activation counts, and process termination records. The OpenVMS Accounting utility allows you to generate various reports using this data.
Audit Analysis Utility
For security auditing purposes, OpenVMS selectively records critical, security-relevant events in the system security audit log file. These records contain the date and time the event occurred, the identity of the asso­ciated user process, and information specific to each event type. This information helps the system manager
6
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
maintain system security and deter possible intruders. The OpenVMS Audit Analysis utility allows you to gen­erate various reports from this data.
Autoconfigure and AUTOGEN Utilities
The Autoconfigure and AUTOGEN utilities automatically configure the available devices in the system tables and set system parameters based on the peripheral and memory architecture. This eliminates the need for a tra­ditional system generation process when the hardware configuration is expanded or otherwise modified.
The OpenVMS AUTOGEN command procedure sets several system parameters automatically by detecting the devices installed in a configuration. A feedback op­tion allows you to generate a report of recommended parameter settings based on previous usage patterns.
Backup Utility
The Backup utility provides both full-volume and incre­mental file backups for file-structured, mounted volumes and volume sets. Individual files, selected directory structures, or all files on a volume set can be backed up and restored. Files can be selected by various dates (such as creation or modification) and can be backed up to magnetic tape, magnetic disk, or Write Once Read Many (WORM) optical disk. The Backup utility can also be used to restore a saveset or list the contents of a saveset.
A Backup API is included for invoking backup routines from an executable procedure.
The Backup Manager for OpenVMS provides a screen­oriented interface to the Backup utility that assists users in performing routine backup operations. The Backup Manager is menu driven and provides:
• Access to the save, restore, and list operations with­out having to understand Backup command syntax
• The ability to create, modify, recall, and delete Backup Manager templates that describe the Backup save operations
Recordable DVD
OpenVMS provides the capability on Alpha and Integrity server systems to record locally mastered disk volumes or disk image files onto a CD-R, CD-RW, DVD+R or DVD+RW optical-media recording device on specific drives and configurations.
Recordable CD
OpenVMS provides the capability to write once to CD-R media using an application shipping in the base oper­ating system. The feature supports only those writable CD devices (CD-RW) that ship with supported Alpha
systems and supported Integrity servers. For the ap­plication details, please reference the OpenVMS doc­umentation set. For platforms supporting the CD-RW hardware option, please refer to the appropriate page at the following web sites:
http://h18002.www1.hp.com/alphaserver/ http://www.hp.com/products1/servers/integrity/index.html
Analyze Disk Structure Utility
The Analyze Disk Structure utility compares the struc­ture information on a disk volume with the contents of the disk, prints the structure information, and permits changes to that information. It can also be used to re­pair errors detected in the file structure of disks.
License Management Facility (LMF)
The License Management Facility allows the system manager to enable software licenses and to determine which software products are licensed on an OpenVMS system.
System Management Utility (SYSMAN)
The System Management utility allows system man­agers to define a management environment in which operations performed from the local OpenVMS system can be executed on all other OpenVMS systems in the environment.
HP Services Tools
HP Services provides web-based tools for crash dump analysis and hardware fault isolation. For more infor­mation, visit the following web site:
http://h18000.www1.hp.com/support/svctools/
SECURITY
OpenVMS provides a rich set of tools to control user ac­cess to system-controlled data structures and devices that store information. OpenVMS employs a reference monitor concept that mediates all access attempts be­tween subjects (such as user processes) and security­relevant system objects (such as files). OpenVMS also provides a system security audit log file that records the results of all object access attempts. The audit log can also be used to capture information regarding a wide variety of other security-relevant events.
User account information, privileges and quotas associ­ated with each user account is maintained in the system user authorization file (SYSUAF). Each user account is assiged a user name, password, and unique user iden­tification code (UIC). To log in and gain access to the system, the user must supply a valid user name and password. The password is encoded and does not ap­pear on terminal displays.
7
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
Users can change their password voluntarily, or the sys­tem manager can specify how frequently passwords change, along with minimum password length, and the use of randomly generated passwords.
Operations
OpenVMS allows for varying levels of privilege to be assigned to different operators. Operators can use the OpenVMS Help Message utility to receive online descriptions of error messages. In addition, system­generated messages can be routed to different terminals based on their interest to the console operators, tape li­brarians, security administrators, and system managers.
Security auditing is provided for the selective recording of security-related events. This auditing information can be directed to security operator terminals (alarms) or to the system security audit log file (audits). Each au­dit record contains the date and time of the event, the identity of the associated user process, and additional information specific to each event.
OpenVMS provides security auditing for the following events:
• Login and logout
• Login failures and break-in attempts
• Object creation, access, deaccess, and deletion; se­lectable by use of privilege, type of access, and on individual objects
• Authorization database changes
• Network logical link connections for DECnet for OpenVMS, DECnet-Plus, DECwindows, IPC, and SYSMAN
• Use of identifiers or privileges
• Installed image additions, deletions, and replace­ments
• Volume mounts and dismounts
• Use of the Network Control Program (NCP) utility
• Use or failed use of individual privileges
• Use of individual process control system services
• System parameter changes
• System time changes and recalibrations
Every security-relevant system object is labeled with the UIC of its owner along with a simple protection mask. The owner UIC consists of two fields: the user field and a group field. System objects also have a protec­tion mask that allows read, write, execute, and delete access to the object’s owner, group, privileged system users, and to all other users. The system manager can protect system objects with access control lists (ACLs)
that allow access to be granted or denied to a list of in­dividual users, groups, or identifiers. ACLs can also be used to audit access attempts to critical system objects.
OpenVMS applies full protection to the following system objects:
• Common event flag clusters
• Devices
• Files
• Group global sections
• Logical name tables
• Batch/print queues
• Resource domains
• Security classes
• System global sections
• ODS-2 volumes
• ODS-5 volumes
OpenVMS provides optional security solutions to protect your information and communications:
• OpenVMS Version 8.3-1H1 includes encryption for data confidentiality that ships as part of the op­erating system, thereby removing the requirement to license and install Encrypt separately. The EN­CRYPT and DECRYPT commands, now part of OpenVMS, support AES file encryption with 128, 192, or 256 bit keys. AES encryption is also sup­ported by BACKUP/ENCRYPT, allowing for the cre­ation of encrypted tapes and save-sets. The built-in encryption functionality is backward-compatible with file and backup tapes created by the former lay­ered product Encryption for OpenVMS. This layered product featured 56-bit Data Encryption Standard (DES), which continues to function today, allowing for the decryption of archived DES encrypted data. The AES encryption functionality supports Electronic Code Book (ECB) and Cipher Block Chaining (CBC) block modes of encryption. The Cipher Feedback (CFB) and Output Feedback (OFB) 8-bit character stream modes are also supported from the command line as well as by the programmatic APIs.
• Secure Sockets Layer (SSL) for OpenVMS Alpha and Integrity server systems provides secure transfer of sensitive information over the Internet
• Common Data Security Architecture (CDSA) is con­figured and initialized automatically during installa­tion and upgrades and is required for Secure Deliv­ery purposes and other security features. If you in­stall a newer version of CDSA without upgrading the base operating system, you must initalize the CDSA software, using the following command. Enter the command from an account that has both SYSPRV
8
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
and CMKRNL privileges (for example, the SYSTEM account). $ @SYS$STARTUP:CDSA$UPGRADE
• Kerberos for OpenVMS
• Per-Thread Security Profiles
• External Authentication
Note: Users who are externally authenticated by their LAN Manager need only remember a single user name/password combination to gain access to their OpenVMS and LAN Manager accounts.
Government Security Ratings
OpenVMS is committed to consistently delivering a se­cure base operating system, and has been evaluated and certified to be compliant with the DoD 5200.28-STD
Department of Defense Trusted Computer System Eval­uation Criteria. Each release of OpenVMS sucessfully
completes the same test suite used to prove C2 compli­ance to the National Computer Security Center before it is released.
Note: Because no system can provide complete se­curity, HP cannot guarantee complete system security. However, HP continues to enhance the security capabil­ities of its products. Customers are strongly advised to follow all industry-recognized security practices. Open­VMS recommended procedures are included in the HP OpenVMS Guide to System Security.
HP UTILITY PRICING ON OpenVMS FOR INTEGRITY SERVERS
HP Utility Pricing on OpenVMS for Integrity servers en­ables customers to pay for CPU resources when they need them, thereby allowing them to respond to planned or unplanned permanent load increases and temporary spikes.
• Instant Capacity or iCAP is relevant for systems that are purchased through capital expenditure.
• Pay per use (PPU) is valid only for systems that are leased exclusively through HP Finance.
Instant Capacity
Instant Capacity (iCAP) provides reserve capacity that the customer can put into production quickly without dis­rupting operations.
Benefits:
• Provides a highly available preconfigured "ready-to­run" solution.
• Allows activation of reserve capacity when needed.
• Encompasses cell boards and individual cores.
• Allows you to defer or avoid purchase of capactiy until used.
• Full corporate implementation ensures OpenVMS can share iCAP cores across hard partitions with HP­UX on a common Integrity system.
• Integrated with Global Workload Manager (gWLM) which can automatically reallocate active cores across hard partitions in response to workload de­mands.
Operational features:
• iCAP cores are purchased at a fraction of the price of active cores and are denoted as Components With­out Usage Rights (CWUR).
• Systems are configured at the factory before delivery with a minimum of one active core and the required number of iCAP cores.
• Once iCAP cores are activated, the balance of the price is paid and an activation Rights To Use (RTU) codeword is obtained from the HP iCAP web portal. The iCAP core/memory is then made active by the system manager.
• When a core or cell board is permanently activated, support of the core/cell board is automatically added to the overall support costs of the system.
Note: Activation of iCAP permanently adds a new core, with all the attendant HP software and third-party soft­ware licensing and support that this requires.
TiCAP (Temporary iCAP)
• Enables the customer to temporarily activate proces­sors for a set period of time, with a minimum 30 minute granularity per core.
• Permanent activation fee is not required. You can utilize an existing core for as long as needed.
• Accommodates customers with unpredictable or planned temporary processor demands.
Operational features:
• Works with processors, does not include cell boards or memory.
• Customer orders standard iCAP processors and pays the same discounted price.
• Customer then purchases the right to temporarily ac­tivate one or more iCAP cores for one or more 30­CPU days.
• Does not require an email connection from customer site to HP.
• The iCAP software issues a warning before the TiCAP license is likely to expire, based on the rate of depletion that it tracks across all relevant cores.
9
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
• Hardware services are included for the cores acti­vated by the TiCAP license.
• The relevant operating environment (OE) is automat­ically licensed on activated TiCAP cores.
Note: Other HP and third-party software have their own licensing policies. HP recommends that customers pur­chase sufficient software licenses to meet peak needs.
Pay per use
Pay per use (PPU) is a leasing program with HP Finance which customers pay only for CPU computing capacity they use.
Key features:
• Runs on all Integrity cell-based systems (rx7620, rx7640, rx8620, rx8640, and Superdome).
• The customer pays a fixed, minimum monthly lease and a variable monthly amount that is based on ac­tual usage of CPUs.
• The customer is guaranteed that, for any given month, the PPU charge will not exceed 105% of the standard lease cost.
• The customer is guaranteed that over the full term of the lease—either three or four years, as chosen by the customer—the total PPU lease charge will not ex­ceed 100% of the standard full-term lease cost sys­tem.
• There are two types of PPU:
1. Actual percentage of utilization of each CPU (also
called Percent CPU)
2. A count of the number of active CPUs (also called
Active CPU)
• Percent CPU and Active CPU are mutually exclusive on any single Integrity system.
• The full corporate implementation allows OpenVMS to share PPU CPUs with HP-UX and Windows-64 (Percent CPU only) on a common, partitioned In­tegrity system.
Process Description:
• A PPU Metering Agent running on a target system continuously measures CPU resource utilization on every installed CPU.
• This utilization data is sent to a Utility Meter running on an HP ProLiant system that can support up to 99 individual PPU systems.
• This system securely communicates with the HP Util­ity Pricing web portal every 24 hours, sending col­lated utilization information about each PPU system.
• The customer can access the Utility Pricing Portanl 48 hours later through a secure connection, and ac­cess usage statistics for that 24 hour period for each system or hard partition.
• This information enables the accurate billing of Busi­ness Units for the actual CPU resources they have consumed.
OPERATING SYSTEM ENVIRONMENT
Processes and Scheduling
Executable images consist of system programs and user programs that have been compiled and linked. These images run in the context of a process on Open­VMS systems. Sixty-four process priorities are recog­nized on OpenVMS Alpha and OpenVMS for Integrity servers. Priorities 0 to 15 are for time-sharing pro­cesses and applications (four is the typical default for timesharing processes). Priorities 16 to 63 on Alpha and Integrity servers are for real-time processes. Real­time processes can be assigned higher priorities to en­sure that they receive processor time whenever they are ready to execute.
OpenVMS uses paging and swapping to provide suf­ficient virtual memory for concurrently executing pro­cesses. Paging and swapping is also provided for pro­cesses whose memory requirements exceed available physical memory.
64-Bit Virtual Addressing
The OpenVMS Alpha and OpenVMS for Integrity servers operating systems provide support for 64-bit vir­tual memory addressing. This capability makes the 8 TB virtual address space available to the OpenVMS Alpha and OpenVMS for Integrity servers operating systems and to application programs. Future hardware imple­mentations for Integrity servers will provide greater ca­pacity. OpenVMS applications can take advantage of 64-bit processing by using 64-bit data types supported by the compilers. Refer to the SPDs for the OpenVMS Alpha and OpenVMS for Integrity servers compilers for further details.
Very Large Memory (VLM) Features
OpenVMS Alpha and OpenVMS for Integrity servers provide the following additional memory management VLM features beyond those provided by 64-bit virtual addressing. These features can be used by database servers to keep large amounts of data in memory, result­ing in dramatically increased runtime performance. The VLM features provided by OpenVMS Alpha and Open­VMS for Integrity servers are:
• Memory-resident global sections
• Fast I/O for global sections
10
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
• Shared page tables
• Expandable global page table
• Reserved memory registry
DECdtm Services
The DECdtm services embedded in the OpenVMS op­erating system support fully distributed databases us­ing a two-phase commit protocol. The DECdtm ser­vices provide the technology and features for distributed processing, ensuring both transaction and database in­tegrity across multiple HP resource managers. Updates to distributed databases occur as a single all-or-nothing unit of work, regardless of where the data physically re­sides. This ensures the consistency of distributed data.
DECdtm services allow applications to define global transactions that can include calls to any number of HP data management products. Regardless of the mix of data management products used, the global transac­tion either commits or aborts. OpenVMS is unique in providing transaction processing functionality with base operating system services.
DECdtm features include:
• Embedded OpenVMS system services that support the DECtp architecture, providing the features and technology for distributed transaction processing.
• Ability for multiple disjoint resources to be updated automatically. These resources can be either physi­cally disjointed on different clusters at separate sites, or logically disjointed in different databases on the same node.
• Ability to use the X/Open Distributed Transaction Processing XA interface that enables the DECdtm transaction manager to coordinate XA-compliant re­source managers (the HP DECdtm XA Veneer), and XA-compliant transaction processing systems to co­ordinate DECdtm-compliant resource managers (the DECdtm XA Gateway).
• Robust application development. Applications can be written to ensure that data is never in an incon­sistent state, even in the event of system failures.
• Ability to be called using any HP TP monitor or database product. This is useful for applications us­ing several HP database products.
Interprocess Communication
OpenVMS provides the following facilities for applica­tions that consist of multiple cooperating processes:
• Shared memory sections on a single processor or an SMP system that permit multiple processes to access shared address space concurrently.
• Galaxywide sections on a Galaxy platform that permit multiple processes in multiple instances to access shared address space concurrently.
• Common event flags that provide simple synchro­nization.
• A lock manager that provides a more comprehen­sive enqueue/dequeue facility with multilevel locks, values, and asynchronous system traps (ASTs).
• Intracluster communication services through which two processes running on the same system or on dif­ferent OpenVMS Cluster nodes can establish a con­nection and exchange data.
• Logical names through which one process can pass information to other processes running on the same system or on different OpenVMS Cluster nodes.
• Network interprocess communication is available via TCP/IP Services and DECnet-Plus (product licenses are required).
Symmetric Multiprocessing (SMP)
OpenVMS provides symmetric multiprocessing (SMP) support for Alpha and Integrity servers multiprocessor systems. SMP is a form of tightly coupled multipro­cessing in which all processors perform operations si­multaneously. All processors perform operations in all OpenVMS access modes, user, supervisor, executive, and kernel.
OpenVMS SMP configurations consist of multiple CPUs executing code from a single shared memory address space. Users and processes share a single copy of OpenVMS for Integrity servers or OpenVMS Alpha ad­dress space. SMP also provides simultaneous shared access to common data in global sections to all proces­sors. OpenVMS SMP selects the CPU where a process will run based on its priority and in special cases as di­rected by the application. OpenVMS uses a specialized scheduling algorithm when running a nonuniform mem­ory access (NUMA) platform.
SMP support is an integral part of OpenVMS and is provided to the user transparently. Because an SMP system is a single system entity, it is configured into a network and OpenVMS Cluster configurations as a single node.
The maximum number of supported CPUs in an SMP configuration is 32.
• Mailboxes as virtual devices that allow processes to communicate with queued messages.
11
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
Networking Facilities
OpenVMS provides device drivers for all HP local area network (LAN) adapters listed in the LAN Options sec­tion of Appendix A of this SPD. Application programmers can use the QIO system service to communicate with other systems connected via the LAN using either
Ethernet or Institute of Electrical and Electronics Engi­neers (IEEE) 802.3 packet format. Simultaneous use of HP Ethernet and the IEEE 802.3 protocols are sup­ported on any HP LAN adapter.
OpenVMS Alpha supports Ethernet, FDDI, Token Ring, and ATM for local area networks (LANs). OpenVMS for Integrity servers supports Ethernet only.
OpenVMS Alpha supports the standards defined by the ATM Forum’s LANE Version 1.0 specifications for LAN emulation over an ATM network. By implementing an emulated LAN over an ATM network, you enable a group of ATM stations to act like a traditional LAN. LAN emulated over an ATM network allows you to run your existing applications basically unchanged, while the computers on which your applications are running are connected to the ATM network.
OpenVMS supports the following networking products:
• HP TCP/IP Services for OpenVMS, the industry­standard set of protocols for interoperating between different operating systems
• HP DECnet-Plus, the Digital Network Architecture, Phase V
• DECnet, the DIGITAL Network Architecture, Phase IV
These networking products are described in this SPD under Associated Products.
Terminal Server Products
Beginning with OpenVMS version 8.3, HP OpenVMS I64 serial support is provided through the USB serial multiplexer (MUX). OpenVMS supports several generic chipsets which allow third-party USB-based serial mul­tiplexers to connect to OpenVMS systems for RS232 serial lines, traditional terminal connections, and low­speed system-to-system connectivity. For more infor­mation, refer to the following website:
http://h71000.www7.hp.com/openvms/integrity/
integrity_io_options.html
OpenVMS provides a USB configration tool called UCM that can be used to track USB configuration changes like plug and unplug events. UCM can also be used to restrict the automatic addition of specific devices and classes of devices. The UCM event log is used by HP to help diagnose problems with USB devices.
AlphaServers
OpenVMS supports the fully qualified USB devices listed in the appropriate AlphaServer platform configu­ration and options web site:
http://h18002.www1.hp.com/alphaserver/
OpenVMS Alpha USB support is limited to low and full speed devices only, and currently supports only the Al­phaServer ES47, ES80, and GS1280 systems.
Integrity Server Systems
Starting with OpenVMS version 8.3-1H1, OpenVMS supports USB low-, full-, and high-speed devices for all supported OpenVMS Integrity systems. USB DVD sup­port in OpenVMS version 8.3-1H1 includes both reading and burning DVDs on the following supported Integrity server systems: rx2660, rx3600, rx6600.
HP terminal server products provide terminal server ac­cess to OpenVMS. When used in an OpenVMS Clus­ter environment, terminal servers distribute users across the available Alpha and Integrity server systems at login time.
OpenVMS can also establish a connection to other devices (such as printers) attached to such terminal servers.
Universal Serial Bus Support
OpenVMS supports the Universal Serial Bus (USB) technology. Support for the USB interconnect enables OpenVMS systems to connect to multiple supported USB devices using a single USB cable. OpenVMS sup­ports one USB keyboard and mouse on systems that are supported by OpenVMS and have USB hardware and a graphics controllers.
Reliability
OpenVMS handles hardware errors as transparently as possible while maintaining data integrity and providing sufficient information to diagnose errors. The system limits the effects of an error by first determining if the error is fatal. If the error occurs in system context, the current OpenVMS system shuts down. If the error is not fatal, the system recovers actions pertinent to the error and continues the current operation.
In all cases, information relevant to the error is written to the error log file for later analysis. Hardware errors include the following categories:
Processor errors. These include processor soft errors, processor hard errors, processor machine checks, and adapter errors.
12
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
Memory errors. These can be unrecoverable (hard) errors or recoverable (soft) errors. The system ex­amines memory at startup time and does not use any bad pages. During system operation, the system cor­rects all single-bit memory errors for those systems with error correction code (ECC) memory.
Correctible memory errors. A primary cause of these correctible memory errors is alpha particle radi­ation. On some processors, when correctible mem­ory errors occur, the memory controller corrects only the data returned to the CPU or I/O controller. The actual data in memory is left with the error intact. Subsequent read operations cause correction cycles to occur and, in most cases, an interrupt to report the error. On many of these processors, OpenVMS monitors the occurrence of correctible memory errors and, in almost all cases, is able to remove the error condition by rewriting the data in memory. Rewrit­ing the data causes the data to be corrected in that memory location.
Other failures include:
• Operating system errors (system-detected inconsis­tencies or architectural errors in system context)
• User errors
• I/O errors
The system logs all processor errors, all operating system errors detected through internal consistency checks, all double-bit memory errors (and a summary of corrected single-bit memory errors), and most I/O er­rors.
If the system is shut down because of an unrecoverable hardware or software error, a dump of physical mem­ory is written. The dump includes the contents of the processor registers. The OpenVMS System Dump An­alyzer (SDA) utility is provided for analyzing memory dumps.
Input/Output
The QIO system service and other related I/O services provide a direct interface to the operating system’s I/O routines. These services are available from within most OpenVMS programming languages and can be used to perform low-level I/O operations efficiently with a mini­mal amount of system overhead for time-critical appli­cations.
Device drivers execute I/O instructions to transfer data to and from a device and to communicate directly with an I/O device. Each type of I/O device requires its own driver. HP supplies drivers for all devices supported by the OpenVMS operating system and provides QIO system service routines to access the special features available in many of these devices.
OpenVMS supports a variety of disk and tape periph­eral devices, as well as terminals, networks, and mail­boxes (virtual devices for interprocess communication), and more general I/O devices.
I/O Performance Features
Fast I/O provides a suite of additional system services that applications can use to improve I/O throughput. The fast I/O services minimize the CPU resources required to perform I/O.
Fast Path provides a streamlined mainline code path through the I/O subsystem to improve both uniproces­sor and multiprocessor I/O performance. On multipro­cessor systems, Fast Path allows all CPU processing for specific I/O adapters to be handled by a specific CPU. This can significantly lower the demands on the primary CPU and increase the I/O throughput on multiproces­sor systems with multiple I/O ports. No user application changes are needed to take advantage of Fast Path. Fast Path can be utilized by the $QIO system service or the Fast I/O services.
Extended File Cache (XFC)
The Extended File Cache (XFC) is a virtual block data cache provided with OpenVMS Alpha and OpenVMS for Integrity servers. Similar to the Virtual I/O Cache, the XFC is a clusterwide, file system data cache. Both file system data caches are compatible and coexist in the OpenVMS Cluster.
The XFC improves I/O performance with the following features that are not available with the virtual I/O cache:
• Read-ahead caching
• Automatic resizing of the cache
• Larger maximum cache size
• No limit on the number of closed files that can be cached
• Control over the maximum size of I/O that can be cached
• Control over whether cache memory is static or dy­namic
Virtual I/O Cache (Alpha only)
OpenVMS Alpha provides a standalone or clusterwide, file-oriented disk cache. Applications benefit from the advantages of the virtual I/O cache without any special coding. The virtual I/O file-caching algorithm is chosen based on the type of clusterwide access currently in progress. Virtual I/O caching reduces current and po­tential I/O bottlenecks within OpenVMS systems. It re­duces the number of I/Os to the disk subsystem, thereby reducing systemwide bottlenecks.
13
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.13
Record Management Services (RMS)
RMS is a set of I/O services that helps application pro­grams to process and manage files and records. Al­though it is intended to provide a comprehensive soft­ware interface to mass storage devices, RMS also sup­ports device-independent access to unit-record devices.
RMS supports sequential, relative, and indexed file or­ganizations in fixed-length or variable-length record for­mats. RMS also supports byte stream formats for se­quential file organization.
RMS record access modes provide access to records in four ways:
• Sequentially
• Directly by key value
• Directly by relative record number
• Directly by record file address
RMS also supports block I/O operations for vari­ous performance-critical applications that require user­defined file organizations and record formats.
RMS promotes safe and efficient file sharing by pro­viding multiple file access modes and automatic record locking (where applicable). RMS offers the options of enabling global buffers for buffer sharing by multiple pro­cesses.
RMS utilities aid file creation and record maintenance. These utilities convert files from one organization and format to another; restructure indexed files for storage and access efficiency; and reclaim data structures within indexed files. These utilities also generate appropriate reports.
For systems that have DECnet or DECnet-Plus in­stalled, RMS provides a subset of file and record man­agement services to remote network nodes. Remote file operations are generally transparent to user programs.
Commands such as EDIT, CREATE, COPY, TYPE, and PRINT allow users to manipulate RMS records within RMS files at the DCL command level.
Disk and Tape Volumes
The system manager can organize disk volumes into volume sets. Volume sets can contain a mix of disk device types and can be extended by adding volumes. Within a volume set, files of any organization type can span multiple volumes. Files can be allocated to the set as a whole (the default) or to specific volumes within the set. Optionally, the system manager can allocate portions of indexed files to specific areas of a single disk or to specific volumes in a volume set.
The system manager can place quotas on a disk to con­trol the amount of space individual users can allocate. Quota assignment is made by UIC and can be controlled for each individual volume set in the system (or for each individual volume if the volume is not part of a set).
The system manager can cache disk structure infor­mation in memory to reduce the I/O overhead required for file management services. Although not required to do so, users can preallocate space and control auto­matic allocation. For example, a file can be extended by a given number of blocks, contiguously or noncon­tiguously, for optimal file system performance.
The system applies software validity checks and check­sums to critical disk structure information. If a disk is improperly dismounted because of user error or system failure, the system rebuilds the disk’s structure informa­tion automatically the next time the disk is mounted. The system detects bad blocks and prevents their reuse once the files to which the blocks were allocated are deleted. On DIGITAL Storage Architecture (DSA) disks, the disk controller detects and replaces bad blocks au­tomatically.
The system provides 255 levels of named directories and subdirectories whose contents are alphabetically or­dered. Device and file specifications follow HP conven­tions. Users can use logical names to abbreviate the specifications and to make application programs device and file name independent. Users can assign a logical name to an entire specification, to a portion of a speci­fication, or to another logical name.
OpenVMS supports multivolume magnetic tape files with transparent volume switching. Access positioning is done either by file name or by relative file position.
E-BUSINESS AND INTEGRATION TECHNOLOGIES
The HP OpenVMS e-Business and Integration Infras­tructure Package provides key Internet, e-business, and integration software technologies that enhance the OpenVMS Alpha and OpenVMS for Integrity servers operating systems and enable the development of e­business and enterprise integration solutions. These technologies are bundled with the OpenVMS Alpha or OpenVMS for Integrity servers operating systems. Sev­eral of the components are additionally bound by an open source software license.
The following components are included on the e­Business and Integration Infrastructure Package on OpenVMS Alpha:
• HP Secure Web Server (SWS), including support for the popular scripting capabilities: mod_PHP, mod_ Perl and Perl, and JavaServer Pages (Tomcat)
• HP Secure Web Browser (SWB)
14
Loading...
+ 30 hidden pages