IBM z/OS Communications Server

As a key component in IBM z/OS Container Platform support for Kubernetes, the z/OS Communications Server provides the IBM z/OS Control Plane Appliance (zCPA), which functions as a control plane node within the Kubernetes cluster. Through its Kubernetes support, IBM z/OS Container Platform enables orchestration for deploying, scaling and managing applications running in containers on z/OS.

The zCPA operates within a z/OS address space, allowing one or more z/OS systems to participate as control plane nodes in the Kubernetes cluster. Also, z/OS Communications Server offers two z/OS UNIX command-line utilities: the IBM z/OS Appliance Manager for Kubernetes (kam), which manages the zCPA lifecycle, and Kubeadm for IBM z/OS (kubeadmz), which manages the lifecycle of control plane nodes and worker nodes.

z/OS 2.5 and 3.1 Communications Server, with APAR PH49323, is enhanced to support z/OS Sysplex Distributor for non-z/OS targets that run colocated with a z/OS TCP/IP stack in a sysplex.

Sysplex Distributor can be used to provide highly available Kubernetes clusters on z/OS when multiple z/OS Control Plane Appliances are configured for the cluster. It helps you optimize workload distribution and manage the availability and scalability demands across a set of control plane nodes for the Kubernetes cluster.

Provides a robust network support for IBM z/OS Container Platform by introducing ZCONTainer dynamic VIPAs (DVIPAs) and z/OS CNI plug-ins. ZCONTainer DVIPAs provide network access for containerized workloads, enabling seamless integration and coexistence with native z/OS applications. z/OS CNI plug-ins create a network fabric for container communication within the sysplex and with external systems, extending the server’s high performance and scalability to modern containerized environments.

Incorporates zERT and enhanced Application Transparent-Transport Layer Security (AT-TLS) to strengthen network security and encryption.

zERT, a core component of IBM Z® pervasive encryption, provides intelligent security discovery and monitoring through the zERT Network Analyzer, a web-based interface on z/OSMF. This tool helps identify and manage the protection of z/OS TCP and Enterprise Extender traffic. zERT Policy-based Enforcement in z/OS V2R5 introduces customizable cryptographic protection rules, with enhancements in z/OS 3.1 for database authentication and user interface improvements.

Enhanced AT-TLS delivers TLS encryption for TCP/IP connections based on policies set via the IBM Network Configuration Assistant, applying protection to data at the transport layer while maintaining the usual application-level data handling.

z/OS Communications Server strengthens data security and regulatory compliance through several key features. It includes secure logging over TCP with z/OS UNIX syslogd, access control for FTP Server JES and SMF 1154 records for compliance evidence. These enhancements improve data transfer security and support higher productivity while helping ensure adherence to regulatory standards.

z/OS Communications Server drives application modernization and simplifies system management by using the IBM Function Registry and supporting 64-bit Java. These advancements streamline application development and enhance operational efficiency, aligning with the server's advanced network management capabilities for optimized business operations.

SMC-Dv2 and SMC-Rv2 enhance the performance and flexibility of intersystem communications, integrating with the performance and scalability features of z/OS Communications Server.

z/OS Communications Server extends its capabilities to support Linux Docker-based applications through native z/OS Container Extensions. This feature helps ensure compatibility and optimized performance for diverse workloads, enhancing the server’s integration with modern containerized environments.