Previous month:
June 2018
Next month:
August 2018

July 2018

Ways to make SFTP serve to a 3000 system

Waiter-serviceEarlier this month a seasoned veteran of 3000 development asked how he could get SFTP service supported for his system. He's been managing a 3000 that's been ordered to employ file transfers that are more secure than FTP.

Secure FTP works well enough outbound, thanks to the OpenSSL software ported to the 3000 in WebWise. But incoming SFTP is tougher. Some say it's not possible, but that answer doesn't include any potential for a proxy server. Or a virtualized 3000.

Versions of OpenSSL that were ported to run on native MPE probably won’t satisfy an audit, nor do they have some of the current crypto capabilities that would satisfy things like PCI requirements. There are no developers signed up to continue the OpenSSL port project.

That leaves the proxy solution.

In this solution, a manager would set up a Linux SFTP server with two NICs. NIC 1 goes to the outside world. NIC 2 is a crossover to the HP 3000. From the HP 3000, SFTP to the Linux server via NIC 2.
 
In another scenario, you can FTP between the HP 3000 and a Linux virtual machine. One developer said that on the Linux VM "we have a small application that talks to the HP 3000 via FTP and forwards to and from other machines via SFTP or SSH." He added that the app on the Linux system is written in Java.
 
Migration often includes this kind of expertise. Charles Finley, a veteran of HP 3000 matters since the 1980s, recently raised his hand to offer notes on using an SSH tunnel. "It does not involve coding, the use of libraries and—although you can do it with Linux—does not necessarily involve Linux." He drew a link to an example employing a Windows host, adding that "we use Linux or Windows for this type of thing. Here's a description of how connect to an FTP/SFTP server which can be accessed via another server only, using PuTTY, "something we make use of a lot," Finley said.
 
There's also a simple way to use SFTP by employing Stromasys Charon. Other servers can SFTP to a Linux partition. Charon is hosted under Linux as it emulates the 3000 hardware. This hosted MPE server can then pick the files up internally.

Continue reading "Ways to make SFTP serve to a 3000 system" »


Worst Practices: Shouldn't Happen to a Dog

By Scott Hirsh

Chaplin-A-Dogs-LifeThere is a saying in Washington about Washington: “If you want a friend, get a dog.” Ha! We system managers should be so lucky. We can’t even be our own best friend.

It’s sad but true: we system managers won’t cut ourselves any slack. We repeatedly put ourselves in jeopardy, often making the same mistakes time after time. We even break all the rules we impose on others. Don’t believe me? See if you recognize any of these examples.

1. Hand crafted system management

Ah yes, the good old days. Peace, love and tear gas (I never inhaled). But here’s a news flash, sunshine: for system managers, the ’60s are dead. Predictable, repeatable tasks can and should be automated. If you can script it, you can schedule it. And if you can schedule it, you can automate it. So what are you waiting for? Do you like (take your pick): streaming jobs by hand; adjusting fences and priorities by hand; reading $STDLISTs; staring at the console waiting for that one important message? For this you went to college?

And yet, we (or our management) come up with lots of lame excuses for running a stone-age operation. Can’t afford the automation products, don’t trust automation, can’t trap every error, blah blah blah. Those excuses may fly when you’re small, but suddenly you have more systems, bigger systems and manual management turns your shop into burn-out central. Now there’s turnover costs, downtime costs, opportunity costs.

Oh, and by the way, it’s much more expensive to implement automated management in a large, busy environment than it is to grow automated management from a smaller environment. Perhaps some of us are just adrenaline junkies, or we fear not being needed. Get over it and automate already.

2. The disappearing act

A close personal friend of mine — okay, it was me — once made a change to Security/3000’s SECURCON file, then left for an all-day meeting about 40 miles away. Guess what? None of the application users could log on after my change. Way back then, my pager almost vibrated off my belt from that one. And it made for some interesting meetings when I got back.

I have seen lots of cases where a system manager made a configuration change, installed a patch, or fussed with SYSSTART or UDCs, then immediately went home. Big mistake. If you’re lucky, you live near your data center and can zip right back to repair the carnage that was discovered right away. If you’re not lucky, first you don’t discover your mistake until the worst possible moment — say, around the heaviest usage period the next day — and then you’re forced to take the system down to fix the problem. Ouch.

3. A lack of planning on my part does constitute an emergency on your part

A variation on No. 1. We are the eternal optimists. No matter how invasive the procedure, everything will work out perfectly, right? How many PowerPatches must we install before we realize we must leave adequate time for testing the patched system and perhaps back that sucka out? No really, this time HP (or your favorite vendor) has learned from past mistakes and has a bullet-proof update. No need to leave a cushion for collateral damage. Right.

Every decent system administration book offers the same advice: Don’t do anything you can’t undo. Make a backup copy of whatever you’re changing. Keep track of the steps you followed. Be prepared to back out whatever you’re doing. Because that contingency time can inflate your update schedule by hours, it’s unlikely you can safely make a system change at any time other than weekends or holidays. 

4. I’ve got a secret

You make changes but don’t tell anyone about them. Let’s be charitable and say your changes worked as planned. Unfortunately, nobody knew you were going to make the change. I have seen a change as innocuous as modifying the system prompt have unintended consequences (Reflection scripts looked for the old prompt and now wouldn’t work). The term “system” implies interrelationships. Anything we do has a ripple effect. When we don’t tell others that we’re about to make a change — “they wouldn’t let me do it if I told them!” — we don’t do ourselves any favors. I would love to hear other war stories under this category (hint, hint).

Continue reading "Worst Practices: Shouldn't Happen to a Dog" »


P9500 storage comes to N-Class 3000s

XP P9500 InteriorHP's storage for the 3000 was always a step later to arrive than on the Unix side of the business line. Sometimes a storage protocol like an SCSI bus was rated at half the speed of the HP-UX version, even though the technology was identical on the storage device. MPE/iX needed more stringent testing, the customers figured, to assure the world that the legendary 3000 reliability was intact.

Sometimes the delays in tech covered years, until at one point HP stopped all of its MPE/iX testing. That didn't mean the community quit innovating and integrating storage. Now the XP P9500 storage arrays have been proven to support N-Class servers, according to the reseller ThomasTech.

"It was a success," said global services director Chad Lester. "Our engineers have the HP3000 N-Class booting from the P9500."

The P9500 has a standards-based architecture, using X64 processor-based controllers, and a user-centric design plus application-level quality of service controls. HP claims the P9500 doubles power efficiency and holds the same amount of data as the XP24000 in half the floor space.

It's a new storage technology to the 3000 world, even if the basic design was first rolled out almost eight years ago. The tests at ThomasTech show that MPE/iX can be installed on the first LUN, according to engineer Larry Kaufman. The next steps are to be able to boot a system from that P9500.

Storage solutions have held the greatest promise for extending the life of HP-branded MPE/iX hardware. The XP24000 arrays, for example, have been a source of massive storage capacity that can be shared across a wide range of server environments. The XP support has marched onward for years. The P9500 can scale from five disk drives in a single cabinet to 2,048 drives in six industry standard, 19-inch racks. The P9500 tops out at less than half of the XP24000's theoretical limit of 2.26 petabytes, though. SSD and moving media are both supported.

And there's that word, petabytes, being associated with a server HP stopped building 15 years ago. 


Users' HELLOs echo back on 3000-L

Hello Screen

Just a bit more than a week ago the airwaves were quiet around the 3000-L mailing list. It had been more than a month without a message. 3000-L used to have thousands of messages a month. Those were the days when the 3000 Renaissance was mounting and a mailing list was a very special vehicle.

The numbers have fallen since the late 1990s, but this week it's not "too quiet, Sarge" in the cybersphere. (Is it a sign of age that I still use a word like cybersphere?) Right away after our "Hello out there" message, more than a few readers and resources from the L checked in, saying their HELLO back. Some shared news.

To be sure, one of the messages was about an impending retirement. Jim Gerber is leaving the 3000 behind on Tuesday of next week. "It's been a great ride from the Model III to the N-series," wrote the software engineer at Quest Diagnostics. There's a billing system at Quest, a corporation traded on the NYSE that had $7.7 billion in revenues last year. Rising sales, too.

TE Connectivity's Terry Simpkins checked in to say the 3000s were still running at the operation with manufacturing sites all over China. The future of MANMAN there is far from certain. Simpkins said he felt like "the countdown is running" since the acquisition of Measurement Specialties by TE awhile ago.

There was also a message from Ray Legault at Boeing. The world's biggest aircraft manufacturer still has MPE/iX software at work, since Legault's signature is still "EWH ESX Middleware Hosting HP3000 & AIX backup Support." Legault said he's doing well.

Then there were the messages from the people we're all certain are never leaving the 3000. Alfredo Rego raised his hand to be counted.

Continue reading "Users' HELLOs echo back on 3000-L" »


July's IA-64 news, delivered by the Sandman

IA-64 Sequel t-shirt copy
Twenty years ago this month the 3000 community got its biggest assurance of a long future. The system's lab manager said that the IA-64 architecture would be fully supported in future 3000 models. New compilers would be built for a new MPE/iX. Channel partners and resellers got the news from the labs two months earlier at a swell retreat.

The man delivering the news for that July article is a familiar name with 3000 customers. He was Winston Prather, head of R&D at the time—and three years later, the person who decided the 3000 community didn't need the computer. A weak ecosystem was supposedly the reason Prather could be the Sandman and help put HP's MPE/iX business to sleep.

Three summers earlier, all the news we could report in the NewsWire was good. 

"The 3000 customers who experienced the move from Classic to MPE/XL know exactly what they’ll be looking at as they move forward,” Prather said. “One thing that makes me feel good about it is that it’s something we’ve done before. I think we pulled it off pretty successfully, and we learned quite a bit. We’ll use some of the same learning and techniques as we move to the new architecture."

Prather said that by early in the 2000s, 3000 customers would be able to buy and use an operating system to run with both PA-RISC and IA-64 processors,  "Customers who need the additional performance of IA-64 will then be able to buy IA-64 processor boards to plug into HP 3000 processor slots on the new systems." It was an audacious design. HP bragged of the bold move.

“Prior to the IA-64 boards or chips," Prather said, "there will be complete new boxes available at the high end and the midrange, and then potentially at the low end.” The new 3000s would use new IO systems, giving customers a way to step into new hardware technology incrementally. The IO arrived, late out of those labs, in the form of new PCI bus architecture. IA-64 on MPE was put to sleep.

Watching the whiplash as HP first promised a future, pre-Y2K, then took away the hope of 3000 site, in 2001, baffled a lot of us. The system deserved a big tech investment. Then it didn't.

Continue reading "July's IA-64 news, delivered by the Sandman" »


3000 mailing list now quiet for a month

1725A Oscilloscope
The last recorded message on the 3000-L mailing list and newsgroup was posted on June 12. The five weeks of radio silence is the longest this information asset has weathered. The quiet isn't due to technical difficulties. A test message passed through the receiver and was broadcast to members earlier today.

The L, as it's been called informally by the community for more than two decades, has become a lean vehicle for technical expertise. It was once so full of chaff the community insisted on Off Topic handles, but an [OT] message has been virtually eliminated. The archives of tech wisdom — a big reason I believed the NewsWire had a chance at first — are still online, for now.

Some of the latest questions have been sharply on point for the HP 3000. Charles Johnson of Surety Systems asked last month how to program "a handheld PSC 6000 Plus bar code scanner installed as a wedge between a HP 700/92 terminal and a keyboard, all hosted on a Series 969SX."

In less than 10 minutes, Stan Sieler pointed Johnson at a programming manual for the device. Within the hour, another 3000 guru, Michael Anderson of J3K Solutions replied back. That's Johnson to Sieler to Anderson, if you're scoring at home, all within 45 minutes of posting the question. 

There's no problem with the concept of posting a question to a mailing list and waiting for a reply when the list is as well vetted as 3000-L. In the case of the scanner issue, of course, all three posters are already working as third party experts in MPE/iX systems: Surety to Allegro to J3K. There have been tech exchanges this spring where information flowed from one IT manager to another. That kind of list discourse is becoming more rare.

Sieler, who's done some pinch hitting for listserver administration in the years since list founder Jeff Kell died, has been in contact with the University of Tennessee at Chattanooga. The UTC campus hosts the server that holds this longest and deepest chunk of HP 3000 history, and Sieler has the contents archived.

Without Kell at the helm of the listservs at UTC, 3000-L is on autopilot. There's no one there to take non-automated requests. The community is at least aware that its greatest historical resource has an undetermined future. "It may only be a matter of time," said Tracy Johnson a few weeks ago, "before some before someone in IT management at UTC does an upgrade, migrates, or pulls the plug, and we're left in the dark."  


Fine-Tune: Resetting your LDEV 21 Console

I have a 959 system at my site and there are times when I can't get the remote console port on LDEV 21 to work. How do I troubleshoot this problem and reset the console port? 

1. Is the port configured and available?

a) Check to be sure the system recognizes the port

:showdev 21

LDEV     AVAIL
     21     AVAIL

b) Is the SYSGEN configuration okay? 

:sysgen  sysgen>io
io> ld 21

LDEV:21  DEVNAME:  OUTDEV:21  MODE:  JAID
**ID: A1703-60003-CONSOLE-TERMINAL 
RSIZE:        40   DEVTYPE: TERM
**PATH: 56/56.1   MPETYPE: 16   MPESUBTYPE:  0
CLASS: TERM

c) Is the User Port configured in NMMGR?

:nmmgr
then ...

OPEN CONF, DTS, USER PORT

Logical Device [21  ]  (1 - 1800)
Line Speed [2400  ]  (300, 1200, 9600, or 19200 bps)
Modem Type [1] (0-NONE, 1-US, 2-European, 3 - V22.bis)
Parity [NONE] (None, Even, Odd, 0's, or 1's)

Continue reading "Fine-Tune: Resetting your LDEV 21 Console" »


Holding on to 3000 data: this might work

Tape
As much as companies want to step away from legacy data systems, some are forced to make historical vaults of financials, customer profiles, inventory and much more. The HP 3000's current populace is full of this kind of work — knowing the answers to "what happened back then?" or maybe "how much credit did we extend to that company?"

Those questions sometimes mean that a computer that hasn't seen a new model since 2001, and an operating system that got its last update a decade ago, remains in charge of crucial data. Companies trying to hold onto the data face a few problems. They fall into two categories, hardware and software. (I know, that's almost everything, unless you consider networks to be another aspect.)

On the hardware side, getting elderly magnetic media to respond reliably will be a bigger problem with every passing day that a tape needs to slide across a drive head. It's not so much the tape itself, said Stan Sieler. It's the drives. Fewer and fewer people know how to repair the ones out there, too.

Tape was used as a backup for so long it's not natural to imagine disc playing a better role. But it does today. Your HP 3000 might need a System Load Tape one day for recovery purposes. When the SLT you've carefully preserved cannot be read by any tape drive, that mean be a hard stop for your historic HP 3000. Sieler suggested that an image of a 3000's startup volume, captured and stored on another disk, could do the same thing as an SLT reload. The 3000 would have to be fully quiesced to get the best image. But if it was not, the disc image could still work; it would just require an immediate reboot of the 3000. 

Those are circumstances that a historic records 3000 could withstand. A transaction processing system is harder to quiesce. The world still has 3000s processing transactions today, and for a long time to come.

Query Google about how to capture a disk image of a 3000's startup volume. Better yet, reach out to the 3000 support company for your datacenter. If you don't have one, here's an opportunity to correct that oversight. Reach out and get the assurance you need that your 3000's ability to report history will remain strong and clear. Do it before you're forced to find out the old tape drives won't read what you need to keep that server on duty.


Local advice guided bets for 3000 users

Interex Playing CardAt this summer's 3000 Reunion, close to two dozen friends and colleagues broke bread, watched video, asked questions and listened to advice. There was a local flavor to the visitor's register. There was also experience shared about what bets to avoid if you're homesteading.

Steve Cooper and Stan Sieler of Allegro were on hand, sharing advice and 1987 Interex playing cards (that was Stan, still a magician after many years, passing out a pack as he ducked into the meeting). Vicky Shoemaker of Taurus Software came in from Palo Alto, and Orly Larson drove five minutes from his Sunnyvale home. Tom McNeal was also local to the event, and Linda Roatch (managing newspaper servers at the San Jose Mercury News) was part of the contingent on the Orly Larson pre-conference night.

Everyone else at the meeting and the tour of the Apple Park HQ next door was an out of towner. Some were way out of town, from England or Toronto. Traveling used to be a part of the 3000 community experience, in the era before FaceTime, Skype, and texting. We once needed to be near one another to learn something or to share a joke.

Local storage, though, was discouraged in advice during that afternoon. In this case nothing could be more local than internal devices. Under the topic of Eliminating Single Points of Failure, users were advised to get rid of the single points of failure of internal peripherals for their HP 3000s. Be redundant. DDS tape drives and disk drives are better off outside of the 3000's cabinets. To be honest, tape media of any kind "is the bane of my existence," said Ralph Bagen of the MPE Support Group.

If you're using storage that was built in the last century, the advice went, you need to move to devices at least built in 2001 or later. You'll still need a tape to create an SLT, but just about anything on magnetic media is a problem waiting to happen. All hail cloud backup, or better yet, backups to Intel-based servers. Those might be servers hosting a virtual HP 3000 by employing Stromasys Charon. 


Using MPE/iX to send SFTP files

I have a script that uses FTP to send files to a site which we open by IP address. We've been asked to change to SFTP (port 22) and use the DNS name instead of an IP address, and I don't believe the 3000 supports that. Does it? If so, how?

Allegro's Donna Hofmeister replies:

I'm not sure you want to do SFTP on port 22. That's the SSH port. SFTP is meant to use port 115. Have a look at one of our white papers on how to do SFTP on MPE.

If you are going to use DNS, you must have your 3000 configured for that. It's easily done. 

However, if you've never done anything on your 3000 to make it act like a real computer (oh -- that's right, it is a real computer and fully capable of using DNS), this can turn into a can o'worms.

Continue reading "Using MPE/iX to send SFTP files" »


Measuring the Miles to Homesteading's End

Up-road-map-distance-south-african-distances
In Cupertino at this summer's 3000 Reunion, the attendees who flocked to the flocked-wallpaper pub room on a Saturday read a roadmap to continued use of MPE/iX. The advice was wrapped around hardware because Ralph Bagen delivered the goods. He runs the MPE Support Group and talked about backups and redundancy and more.

The issues in that talk covered about 12 slides and twice as many minutes. Toward the end, the talk turned to comments about the hardware alternative to HP Virtual Arrays, PA-RISC hardware and the like. Charon came up. Hands went up in the room from the vendors and experts who had the Stromasys product among their customer bases. Vicky Shoemaker at Taurus Software, Steve Cooper at Allegro, plus Bagen and a few more. Not bad for a meeting of less than two dozen 3000 fans.

HP-labeled hardware is always going to have its terminus, because they're not building 3000s anymore. The peripherals will see their finale, too. It could well turn out that the Charon solution will be the only route that runs into the end of the 2020s, and maybe beyond. They keep making faster Intel hardware.

We learned that the remaining MPE/iX customers show up in places where change has been slow to invisible. At least it's invisible to the customers of ecommerce and mail order providers running the Ecometry software. The 3000's OS is durable, more so than its hardware. Those who remain have sometimes surprising budgets to maintain a proven system.

Issues are on the horizon for server performance. That's to say that an MPE/iX platform which needs to keep up with growth is going to need better horsepower to drive a virtualized 3000. HP keeps introducing ProLiant systems each faster and a better value than the last. Throw enough hardware at performance and, as always, the time to process the data goes down. 

Charon works, and it's a good product, Bagen said. So long as a customer can push enough hardware at a virtualized solution (see above) the range of suitability is broad. That makes the number of miles of homesteading different for the sites not locked into HP's hardware. The PA-RISC servers will never get faster, especially if a site is already at the top of the N-Class line.

The mileage will get better, even for companies with a lot of data to move down the road, in many virtualized worlds.

We're taking July 4 off here to celebrate our nation's independence. In a smaller way we're celebrating our own, and for those who use MPE/iX, their independence deserves a shout, too.