Thank goodness I can stop referring to this release as “IBM i-next!” Release 7.4 is here, and this article provides the features breakdown.
Let’s start with DB2 Mirror for i. This is a major new feature. It dwarfs just about everything else in terms of magnitude with its synchronous active-active replication and 24x7 uptime capability for continuous availability.
What I learned about this under non-disclosure agreement maybe two years ago was that the ability to do continuous availability was a major selling point to customers with systems that just can’t ever be down. Not for fifteen minutes to do a MIMIX or POWERHA role swap. Not two minutes. Zero minutes. So if your shop has a requirement for continuous availability, then IBM i can now do it for you. What’s really cool about DB2 Mirror is that two systems (and applications) can effectively update the same shared database. If one system goes down, applications on the other system carry on with business as usual.
Please note that this doesn’t replace a DR or an HA solution. Since the ultra high-speed RoCE connection between boxes in a DB2 Mirror for i environment requires machines that need to be right on top of each other (within 100 meters), you’re still in a major pickle with all eggs in one basket. An HA or a DR solution to get to a system offsite is required in the event of a major catastrophe (fire, tornado, flood).
DB2 Mirror for i is such a major feature that it overshadows most of the rest of the 7.4 announcement. So let’s downplay it a little bit and instead focus on what you can put to use right away and what you need to be aware of before you upgrade.
With security, you’ve got a few new goodies. TLS 1.3 has been released and it, along with TLS 1.2, are the default encryption protocols on 7.4. You’ve also got three new ciphers that TLS 1.3 will use. Note that IBM had also stated that TLS 1.0 and 1.1 are now deemed insecure and are disabled by default, along with previously disabled SSLv3. What’s interesting, though, is the elimination of SSLv2 entirely. While you can manually enable TLS 1.1, TLS 1.0, and SSLv3, you are forbidden to enable SSLv2. Good.
Authority Collection has been enhanced to collect information based on an object, rather than by a user profile. So, if you have a payroll file and want to understand exactly how it’s being accessed, that’s now possible. This will help customers be able to lock down objects with precision cuts, rather than using an axe.
Java 7 (32- and 64-bit) has been removed in 7.4, leaving us with Java 8.
For “middleware,” WebSphere needs to be at 220.127.116.11 or 18.104.22.168, and Domino 10.0.1 is the only supported Domino release on 7.4.
IASP vary-on performance speed has been improved. If you’re running POWERHA, that’s a huge benefit to cut down on the time it takes to do a full hardware swap.
DB2 for i received a number of new services!
APIs have been added that allow access to encryption functions previously behind the Digital Certificate Manager interface. Now you can automate some of those management tasks!
NetServer and QNTC now both support SMB3, and it’s the default at 7.4. You’ll benefit from performance increases by moving up to SMB3, not to mention security benefits with end-to-end encryption.
For open source, there’s a ton of new stuff. R is one of the most popular programming languages, and we now have it on IBM i. R excels at statistical computing and data mining, which is important in our big data world.
But what’s my ultimate top-notch favorite feature of 7.4? I’m sure it’s one that only system admins will care about. It’s on the Go Save/Restore menu options: the choice to start the controlling subsystem after the save/restore operation has finished! To me that’s huge. Chances are, if I’m doing a full system save, then I’m about to do something a little invasive. I’m putting on PTFs, or doing an OS upgrade, or the like. And 999 times out of 1000, I never want to start the controlling subsystem after a full system save. Therefore, I’ll be picking “N” on that parameter rather than waiting for the save to end so I can immediately end all subsystems before they start, which is kind of sloppy.
I’ll continue playing with 7.4 and keep you informed of anything else I’ve found hiding.