We “mobilized” VM:Manager by implementing three components:
• An extension to the z/VM System Management API (SMAPI) that provides VM:Manager services. Such user extensions are a supported feature of the facility.
• A Web services provider that implements web methods that represent VM:Manager functions. This is a Linux-based appliance running Apache or a lightweight Web services facility such as XSP.
• A VM:Manager Mobile application that runs on a tablet or smartphone that exploits the Web services published by the server.
Using the technologies described in the previous section, we developed an integrated system composed of the VM:Manager back-end, a Web services component acting as a middleman and an application residing on the mobile device.
The flow of a request/response is as follows:
1. An application logs into the Web service as described in the following section titled “Security and Authorization.”
2. A web method is invoked causing the Web service to validate if the user is a) logged on and b) is authorized to utilize the specified web method using the profile returned as part of the log-in function.
3. A SMAPI request is issued by the web method, which contains the service being requested, along with the parameters required by that service.
4. The SMAPI agent validates the request and parameters (for presence, not for content) and issues the required VM:Manager command.
5. The SMAPI agent processes the data returned from the VM:Manager command:
• XML tags are used to identify command and parameters. The output from the VM:Manager commands is uninterpreted and wrapped in generic tags.
• The SMAPI client parses results returned from each command and wraps each field in a command-specific tag.
• The return code from the VM:Manager command is placed into the root tag, along with any reason code (<VMCOLON rc=”rc” reason=”reason”>).
6. SMAPI returns the XML data as a string to the Web service, which then passes it back to the originator of the request.
Security and Authorization
For this prototype, we implemented the following security:
• The Web service provider maintains control over commands that may be issued.
• Transmissions are via https and require user/password authentication.
• The Web service uses a SMAPI call to validate user/password and have a “profile” returned that describes the functions that user is allowed to perform.
• The SMAPI interface uses native facilities to validate the user/password combination.
• A trusted root certificate is required on the Web service server.
The Web service was written in C# and uses either Apache with the mod_mono module or the XSP lightweight ASP.NET server. The vast majority of web methods map directly to a single VM:Manager command. Figure 1 shows a sample of calls. The web methods are very simple and take the form shown in Figure 2. These same Web services may be accessed from any endpoint, whether it be a mobile device, a browser or an application. In Appendix A (available at http://esmpubs.com/nm2mv), we show a simple Java application that will avail itself of the services offered.