What's new in IBM i 7.4?
A new era will begin for administrators running IBM Power Systems and PureSystems as IBM i evolves into version 7.4 from June 2019. This operating system is designed for selected POWER8 and POWER9 server hardware.
The battle against downtime has truly turned a major corner with this release. Db2 Mirror practically eliminates downtime windows by keeping database files fully synchronised, in real time, between two platforms.
As the name suggests, Db2 Mirror stores a copy of your Db2 database across two different physical servers, taking in updates to both simultaneously as soon as you instigate a write process.
How Db2 Mirror works
This is nothing like any existing hardware or software replication you’ve come across. You could be forgiven for thinking it’s the storage subsystem maintaining a copy of the database in two places, or an advanced journaling function to store and forward changes for subsequent processing.
To put it as simply as possible, you can write to either side of the mirror and both updates are updated in real time. The technology doesn’t even need journals as mirrors are maintained completely in unison.
Undoubtedly, this is a huge leap in the mission to remove downtime periods. It’s tremendously good news for customers in finance and retail industries. By increasing uptime even further, we provide the foundation for future business growth. The only restriction is that it’s used for inter data centres with a restriction of 100 metres between the two systems.
SMBv3 for Netserver
Replacing both SMBv1 and SMBv2, the new protocol has many improvements over its predecessors. A lot of work has been put in to ensure SMBv3 performs strongly at mapping network drives from Windows, Apple Mac and Linux.
It could be said that the mission tagline for this updated version is “one protocol to rule them all”.
At Blue Chip, we’ve been evangelists of the need to encrypt network traffic for many years now. In this age of GDPR and the need to meet PCI-DSS requirements, TLSv1.3 is a vital protocol, especially for ecommerce.
You can expect TLSv1.3 to be increasingly important for all kinds of business. It’s significantly faster and more secure than its predecessors. To illustrate just how much faster, the encryption latency in TLSv1.3 during a handshake is halved compared to TLSv1.2.
From a security perspective, the new version does away with many obsolete and insecure features, such as MD5 hashing and AES-CBC. By removing these vulnerabilities, security is exponentially increased.
Tracking submitted jobs
Making the life of a Sysadmin easier, IBM i 7.4 brings in two new exit points.
- QIBM_QWT_SBMJOB calls an exit program during SBMJOB, before the job is placed on the queue.
- Likewise, QIBM_QWT_CHGJOB will change a job on a queue, calling an exit program during CHGJOB.
QHST functionality has also been increased. You can search solely on job name or job number, rather than the previous requirement to know both job name and number.
More capacity on your partitions
Addressing the explosion of Big Data, IBM i 7.4 raises maximum capacity. You’re used to an upper ceiling of 4,094 disks of up to 4TB each. IBM i now gives you the ability to go to 9,998 disks of up to 16TB each.
Sysadmins can look forward to a new capability. The new version of Authority Collection allows clients to turn on a ‘trace’ which will capture the actual authority needed to perform an operation and have IBM i report the minimum authority necessary to perform the operation. In IBM i 7.3, Authority Collection was based on ‘users’, where clients turned on the trace for a user or set of users, and IBM i would collect the information for every object used by the users while the trace was running.
In IBM i 7.4, this is being done by ‘object’. Clients can find out how any specific object is being used, by all users. Again, IBM i tracks the authority which the users had when they accessed the object, as well as the minimum authority required for that operation.
The primary aim of Authority Collection is enabling clients to ‘lock down’ their objects while also allowing their ‘bread and butter’ operations to take place uninterrupted. For example, clients can learn when a database file is being accessed by a user whose authority is higher than it needs to be. The client can then safely change the user’s authority to the minimum required, allowing the user to continue to do their job, but preventing them from doing something they shouldn’t do.
In conclusion, you gain a more complete method of making sure a client has their system locked down according to their security policy.
IBM i 7.3 TR6 GA: Friday 10th May 2019
IBM i 7.4 GA: Friday 21st June 2019
Db2 Mirror for i GA: Friday 21st June 2019