Secure communications between your mainframe and the AMI is required. As part of acquiring and setting up the AMI, you would have setup general TCP/IP communications already. Now, you must setup public / private key pairs between the controller in the AMI and the controller in z/OS so that they can communicate securely.
This section contains:
Create NaCL key pair generation
The Controller Daemon uses a Public / Private key mechanism to ensure component communications are valid and secure. A key pair must be created for the sqdaemon process User-ID and the User-ID's of all the Agent processes that interact with the Controller Daemon.
The sqdutil utility program using the keygen command is used to generate the necessary keys. The command must be run under the User-ID that will be used to run the Controller Daemon process.
$ sqdutil keygenUse Mainframe controller to communicate with AMI
- Stop your mainframe controller daemon.
- Add your AMI controller public key to your mainframe authorized dataset. In this case,
WWCZXLA.SQDATA.NACL.AUTH.KEYS. - Restart your mainframe controller daemon.
Validate Kafka
- Use the following instructions to setup Kafka Consumer to check for messages produced by SQDATA.
- Sample command to browse data from Kafka Topic.
/home/ec2-user/kafka_2.13-2.8.1/bin/kafka-console-consumer.sh --bootstrap-server b-3.msktutorialcluster.XXXXX.XX.kafka.us-east-1.amazonaws.com:9098 --consumer.config client.properties --topic MSKTutorialTopic --from-beginning