AWS for Industries

Migrating AS/400 and IBM i Applications to AWS with Infinite

AS/400 systems are still used by numerous organizations in sectors such as financial services or manufacturing. They typically host core-business workloads such as accounting or supply chain software. For customers with AS/400 (and the successor iSeries, System i, and IBM i systems), the Infinite software solution, available in AWS Marketplace, helps migrate AS/400 workloads to Linux on AWS while minimizing application code impact. In this post, we highlight the Infinite on AWS solution, migration considerations for AS/400 users as well as step-by-step instructions on how to launch Infinite i.

AS/400 customer challenges

Today’s AS/400 customers are facing high costs and an inflexible architecture that many see as end-of-life. They are using critical applications deployed on aging IBM proprietary hardware. Programs and data are locked in proprietary hardware and software with inflated licensing costs. The database is also proprietary and sharing information with other standard SQL or non-structured data environments is difficult. Finding qualified personnel for managing AS/400 systems is becoming challenging. As the rest of the data center is migrated to the cloud, customers do not want to leave their AS/400 applications on-premises.

Infinite i on AWS

The Infinite i toolset enables you to recompile and deploy of AS/400 RPG and COBOL applications on AWS. Infinite i includes compilers for RPG, RPG/ILE, RPG/Free, COBOL, Control Language Programs (CLP), and Data Description Specifications (DDS). The deployment environment manages data, job, messaging queues, executes database calls, and satisfies control language commands (CL) within a Linux environment. Once recompiled and deployed on Infinite on AWS, applications execute with the functional equivalence of the original IBM i or AS/400 system.

As shown in the diagram below, business functions stay the same when migrating to Infinite on AWS. Application code, utility dependencies, and data format mostly stay the same, while the underlying proprietary middleware, operating system, and hardware are replaced with Infinite on AWS.

The application source code is required and recompiled for execution on Infinite i. If some source code is missing, Infinite has some capabilities to regenerate source code from module binaries. Once recompiled, the code is executed as native x86 instructions avoiding the performance challenges of hardware emulators doing processor instructions translation. Once migrated to Infinite on AWS, there is no IBM component anymore, hence no IBM support and no IBM license fees.

On the data side, Infinite i supports all routine functionality of DB2/400 including simple and logical joins, select and omit, triggers, journaling, multi-member, and multi-format logicals. The data can be stored in either the Infinite internal database or in an external database, such as Amazon Relational Database Service (RDS), Amazon Aurora, MySQL, Oracle database, or Microsoft SQL Server. With the external database, Infinite i creates the database schemas mapping physical files to tables, logical files to views and, at runtime, translates transparently the application database calls (READ, READE, SETLL etc.) to the appropriate SQL statements allowing the application to run without code changes.

Infinite i includes the following components:

  • Runtime supporting OS/400 commands, Job Management, Spool Management
  • Compilers for AS/400 languages including DDS, RPG, COBOL, CL, Commands, Panel Groups
  • Utilities such as Query/400, DFU, PDM
  • Migration Tools for migrating applications and data via SAVF files
  • Internal Database supporting PFs, LFs, Multi-member files, Join Logical Files, Triggers, Journaling
  • Internal Database Connectors with ODBC and JDBC drivers to access PFs and LFs when remaining in the Infinite internal database.
  • Distributed Data Management support (DDM) for data integration
  • IBM MQ compatibility for messaging integration
  • Database Connect for converting PFs and LFs to an external database such as Amazon RDS Oracle database or MS SQL Server

Infinite i supports Amazon Linux 2. When the data is migrated to an external relational database such as Amazon Aurora or Amazon RDS, the data is reformatted into ASCII tables and views. Once outside of DB2/400, data is available for reporting, analytics, or data sharing with other data stores. Data can then be accessed either via the existing programs deployed on Infinite possibly using a TN5250 client, or data can be accessed directly within the relational database using common Structured Query Language (SQL) tools and APIs. For example with data in Amazon RDS or Amazon Aurora, a customer can build a serverless application making data available to mobile users.

The diagram below shows the AWS services used in conjunction with Infinite i including Amazon Elastic Compute Cloud (EC2) for the application and Infinite i execution, Amazon Relational Database Service (RDS) for the Infinite external database, AWS Identity and Access Management (IAM) for security, and Amazon CloudWatch for monitoring. If an AS/400 system hosts multiple logical partitions (LPAR), each LPAR can be migrated to one EC2 instance with Infinite i.

Infinite i can participate in a DevOps Continuous Integration and Continuous Deployment pipeline for quicker and more agile developments. Infinite provides the tools to move source code from and to physical file members in order to have this code managed by a Git-repository manager such as GitHub or GitLab. The pipeline can include RPG and COBOL code analysis with SonarQube to find code smells, bugs, and security vulnerabilities.

Security, availability, and scalability

The Infinite i on AWS solution provides enterprise security features readily available. For data security in transit, Infinite allows SSL/TLS encryption of the TN5250 communication. Furthermore AWS VPN and AWS Direct Connect provide encryption and dedicated network connectivity from the corporate network to the Amazon VPC network. For data security at rest, customers can benefit from Amazon RDS platform-level encryption. For identity, authentication, and authorization, Linux security and AWS IAM are used.

For application-level security, Infinite i uses the CHGAUT command handling security for libraries and objects. It relies on the underlying Linux operating system adjusting the Unix access control lists and security attributes in order to grant or revoke resource permissions to users and groups.

At the network level, the solution is further secured by AWS Network Access Control Lists and Security Groups. Auditing is facilitated by CloudTrail and VPC Flow Logs. AWS also provides Amazon Inspector for vulnerability detection, AWS Config for policy enforcement, Amazon GuardDuty for threat intelligence. Security is job zero at AWS. Customers benefit from AWS security features designed for some of the most security-sensitive enterprises and institutions.

For availability, Infinite benefits from AWS Availability Zones (distinct isolated physical locations). In case of failure, it fails-over automatically and transparently for the end-users. Configuration and data stay available within Amazon Elastic File System (EFS) and Amazon RDS.

With AWS Cloud, Infinite i can scale by changing the underlying hardware in minutes. Infinite i can scale from a few users to over 1000 users. AWS provides a large choice of instance types from the general purpose m5, to the computed optimized c5 or the memory-optimized r5. Furthermore for each instance type, there are several sizes available (t-shirt sizes): small, medium, large, xlarge, 2xlarge… All these instance types readily available combined with the ability to analyze resource consumption in Amazon CloudWatch allows choosing and adjusting the right instance type for each AS/400 workload.

Migration process for programs and data

The compilers use build instructions from object code and look for the dependencies, much like those provided in AS/400. They compile multiple languages at a time, incorporating multiple versions of RPG and COBOL with CL and DDS. The system creates 64-bit native objects to be deployed at runtime on the Infinite i environment. Here is the process for a typical migration:

  • Create the AS/400 backup (SAVF save files) – Libraries are saved using SAVLIB (with COMPACT (*no)). Documents and folders use SAVDLO, while individual objects use SAVOBJ. Backup must include:
    • All the application distribution libraries including source and object code like Programs (*PGM with attributes CLP, RPG, RPGLE, COBOL, etc.) along with Service Programs (*SRVPGM), Binding Directories (*BNDDIR), Data Areas (*DTAARAs), etc exactly as the libraries are structured on the AS/400.
    • Q*LIB libraries are not required unless there are application objects (OUTQs, JOBDs, JOBQs, DTAARAs, DTAQs, Field Reference Files, etc) in libraries like QSYS or QUSRSYS.
    • All the application physical and logical DB2/400 database files.
    • User Profile information that allows execution of the programs generated by DSPUSRPRF.
    • Objects compressed using the CPROBJ command, which must be decompressed using the DCPOBJ before saving the objects.
    • All programs using AUTO-REPORTING which must be compiled using the RPTOPT (*source) OUTFILE (<library>/QRPGSRC).
    • Field Reference File(s) source code.
  • Deploy Infinite i on AWS – Deploy Infinite i from AWS Marketplace; where a free trial is available. Depending on the type of environment, you can configure multiple topologies across AWS Availability Zones and with the internal database versus external.
  • Transfer the backup to Infinite i on AWS – The transfer of the SAVF file(s) from AS/400 to the Amazon EC2 instance is typically done either over a secure TCP/IP network, or via AWS Snowball. This transfer includes both the program and the data of the original AS/400 application.
  • Restore the backup on Infinite i – With the restore application command (RSTAPP), application components are loaded inside Infinite i including all the source files, members, data, catalog information for recompilation, and other object types such as job descriptions and message files. The AS/400 library structure is recreated within the Infinite Linux file-system.
  • Build the application – With the run build instructions command (RUNBIF), Infinite calls the corresponding create commands (CRTPF, CRTRPGPGM, CRTBNDRPG, etc) recompiling all the source members for native execution on AWS vCPUs.
  • Integrate with other components – Each AS/400 application is different and may integrate with various front-end servers, third-party dependencies, messaging middleware. The application or external components are configured to communicate as expected to execute their business function. During this activity, a customer may choose to move application data in the external relational database instead of the Infinite internal database. Infinite does not use scripts to convert physical and logical files to the relational database. It’s a more intrinsic process in which the CNVSQLTBL command reads the PF or LF DDS and uses OCI calls to submit the appropriate CREATE instructions to generate the relational database components using the most appropriate data types. The implementation on Infinite using a third-party database is entirely transparent to the application programs.
  • Test the application – During this activity, customer test cases are executed validating functional equivalence between the original AS/400 system and the Infinite on AWS solution.

Migration project timeline

An AS/400 migration to Infinite on AWS generally takes around 4–10 weeks, depending on complexity, size, and potential missing assets. Typically, Infinite or a System Integrator will assist with your code migration and tests. The image below shows typical project activities for a migration from AS/400 on-premises to Infinite on AWS.

The customer provides the AWS accounts where the Infinite Development, Integration, and Production environments are deployed. Consequently, programs and data stay under customer security policies enforced both on-premises and on AWS. The customer provides access to Infinite EC2 instances as required for Infinite or System Integrator assistance.\

How to launch and access Infinite i from AWS Marketplace

AWS Marketplace is an online store of software listings that makes it easy to find, test, buy, and deploy software that runs on AWS. Infinite i in AWS Marketplace is available with a 30-day free trial period. You can deploy it in minutes with a few clicks by following these steps:

  • Step 1 – Go to the AWS Marketplace product page for Infinite i.
  • Step 2 – Continue to Subscribe to the product.
  • Step 3 – Accept the terms of the subscription and Continue to Configuration.
  • Step 4 – Configure this software by verifying the Fulfillment Option is appropriate and the Software Version is the latest. Select the Region where you want to launch Infinite i as shown below. Then continue to Launch.
  • Step 5 – Select all the desired launch options as shown below.

    For Security Group Settings, select Create New Based On Seller Settings as shown below.

    Enter a security group name, description, limit source IP as needed, and click Save.
    Then select Launch, and you’ll see the following message.
  • Step 6 – Go to the Amazon EC2 console to view Instances, as shown below.

    Wait for the new EC2 instance to be in running state with the checks passed.
    Keep a note of the Public DNS or the Public IP for this instance.
  • Step 7 – Connect to this EC2 instance as per these Connect To Your Linux Instance
  • Step 8 – Switch to superuser and set a password for the qsecofr user. The qsecofr is used later to connect to Infinite I from the TN5250 client.

sudo su –
passwd qsecofr

  • Step 9 – Start your TN5250 client. If you do not have a TN5250 client, you can either install Tn5250j, or use the Infinite 5250 web interface, or the IBM i Access Client Solutions.
  • Step 10 – With Tn5250j, add a Connections Session. Under the TCP/IP configuration, specify the previously noted EC2 instance Public DNS or the Public IP, and enter the 5250 Port, as shown below.
    Add this new session and Connect it to Infinite i.
  • Step 11 – Sign On with user qsecofr and the password you previously set for it as shown below.
  • Congratulations, you are now using Infinite i on AWS! The image below shows your final screen.
    You may continue navigating the menu, or you can deploy and compile a sample application such as the Infinite Invoicing Sample Application.

Customer benefits

Many enterprises today are seeking an alternative platform for their AS/400 applications. They find many benefits in moving these applications to Infinite i on AWS:

  • Lower cost with both Infinite and AWS following a pay-as-you-go model available via AWS Marketplace. Once migrated, there is no IBM license or hardware cost anymore.
  • Higher availability with automated failover across AWS Availability Zones (distinct isolated physical locations).
  • Better scalability with a large choice of instance types with numerous CPU, memory, and network bandwidth options that can be changed with a few clicks.
  • Increased infrastructure agility being able to start or terminate an Infinite instance in minutes and to include Infinite applications in a Continuous Integration / Continuous Delivery pipeline (CI/CD).
  • Similar application code (COBOL and RPG) and similar execution environment reproducing AS/400 functions allows keeping the skilled AS/400 personnel while transitioning the underlying infrastructure to modern practices.
  • Data access and data insight by migrating the AS/400 data to the easily accessible Amazon RDS, Amazon Aurora, Oracle database, or Microsoft SQL Server.

Conclusion

In this post, we listed considerations for migrating AS/400 and IBM i workloads to Linux on AWS as well as instructions on launching Infinite i from AWS Marketplace. Customers moving these applications to their AWS Cloud often experience lower costs, higher availability and scalability, and a safer migration process, due to the use of similar application codes (COBOL and RPG) and environment. To try Infinite i, use the free trial in AWS Marketplace.

Bruce Acacio

Bruce Acacio

Bruce Acacio is the CEO of Infinite Corporation, a leader in IBM i legacy system migration. Bruce is an expert in the area of AS/400 legacy software applications and the technology required to modernize them. He holds 4 patents for technology which serves that purpose. He leads the Infinite sales, technical sales, development, and delivery teams responsible for the migration of AS/400 systems to x86 environments and the cloud.

Phil de Valence

Phil de Valence

Phil de Valence is an AWS Principal Solutions Architect and a global technical lead for mainframe and legacy modernization. Phil has worked with mainframes for about 20 years primarily focusing on modernization initiatives for customers worldwide. In his current role, he advises customers and partners on how to best leverage AWS value proposition for mainframe and legacy systems. He contributes to AWS and partner innovations for unleashing the value of legacy assets with AWS.