Credit: Rutger Paulusse
Hyper Protect Services modernize and transform IBM Z for cloud
By Sol Lederman
Powerful trends are redefining how enterprises use technology to deliver value to their customers to keep up with the quickening pace of business. In particular, businesses are increasingly relying on multicloud computing, DevOps tools and principles, containers, Linux, and open-source tools to build cloud-native applications. These applications must continuously deploy anywhere and scale automatically.
While Linux and open-source tools are hardly new to the IBM Z platform, figuring out how to integrate IBM Z resources and services into larger multiplatform and multicloud development ecosystems has traditionally been a challenge. Two new offerings from IBM enable IBM Z integration into those larger ecosystems, helping modernize and transform the IBM Z platform to achieve the agility and flexibility of the cloud while maintaining corporate firewall protection. Those offerings are IBM Cloud Private for IBM Z and LinuxONE, and z/OS Cloud Broker for IBM Cloud Private.
“IBM offers you so many choices in your cloud infrastructure and we support them all so that you can choose the best fit for your application and business requirements.”
Sherri Hanna // Program director, Worldwide IBM Z Marketing
Extending IBM Cloud Private Capabilities
IBM Cloud Private for IBM Z and LinuxONE extends IBM Cloud Private capabilities by bringing powerful cloud tools to the platform. These include Docker and Kubernetes for managing containerized workloads, IBM Cloud Automation Manager for noncontainerized workloads, and a catalog with a library of services including Db2, WebSphere, Data Science Experience, Node.js and others. IBM Cloud Private is a full-stack private cloud software offering that sits behind the corporate firewall and provides the foundation for rapidly developing cloud-native applications.
IBM Cloud Private combines elements of Platform as a Service (PaaS) with elements of Containers as a Service (CaaS). It includes DevOps tools, commonly associated with PaaS, and also all of the packages and dependencies needed to install the Kubernetes environment on LinuxONE to create a turnkey solution for deploying CaaS. Using the automated installer, IBM Cloud Private can be up and running in under an hour.
Kavita Sehgal, offering manager, IBM Cloud Private, Linux on Z, notes that despite its name, IBM Cloud Private reaches beyond the private cloud. “IBM Cloud Private gives clients the flexibility to also leverage their workloads on a public cloud so they can connect to any public cloud. So, it basically gives them hybrid cloud capability rather than just private cloud capability.” This flexibility allows enterprises to consume some services delivered on public clouds while providing other services via their on-premises clouds in order to meet their organizations’ compliance requirements.
Among the tools that support the IBM Cloud Private environment, two that facilitate modernization are especially noteworthy: Microclimate and IBM Cloud Transformation Advisor. Microclimate is a complete DevOps environment. The solution enables containerized development, rapid iteration with real-time performance insights, intelligent feedback, diagnostic services, an integrated DevOps pipeline and deployment to the cloud.
IBM Cloud Transformation Advisor evaluates on-premises Java Enterprise Edition applications for cloud deployment. It determines application complexity, identifies potential problems in moving the application to the cloud, calculates the development cost of moving it and recommends the best environment to move it to.
Sherri Hanna, program director, Worldwide IBM Z Marketing, notes that for large COBOL applications, modernization efforts are supported by tools such as IBM Application Discovery and Delivery Intelligence, IBM Application Delivery Foundation for IBM Z and IBM z/OS Connect.
Application Discovery and Delivery Intelligence helps developers quickly discover and understand interdependencies and impacts of change in the modernization project.
Application Delivery Foundation for IBM Z is a rich integrated development environment for efficiently making the changes driven by the modernization project and can also be used to simply maintain z/OS applications.
z/OS Connect is used to expose data and transactions via IBM Z middleware (i.e., CICS, Db2 and IMS) as services without deep subsystem knowledge. These services can be easily consumed as parts of hybrid cloud initiatives.
z/OS Cloud Broker for IBM Cloud Private
The second new IBM Cloud offering, z/OS Cloud Broker for IBM Cloud Private, uses the widely adopted Open Service Broker API and IBM z/OSMF to integrate z/OS resources and services into IBM Cloud Private. Non-IBM Z developers and end-users can now consume these resources and services without needing any special IBM Z skills. While IBM Z assets are exposed via z/OS Cloud Broker for IBM Cloud Private, the security characteristics and control that are inherent to IBM Z remain fully in place.
Integration with IBM Cloud Private allows for service discovery and management in the multicloud environment. Back-end services for z/OS are published in the z/OSMF software catalog using IBM Cloud Provisioning and Management for z/OS. RESTful APIs provided by z/OSMF allow access to its software catalog from the IBM Cloud Private Kubernetes master via z/OS Cloud Broker for IBM Cloud Private. The end result of this integration is a self-service consumption model for z/OS middleware that improves the DevOps process, particularly the configuration and deployment of software.
While increased flexibility frequently comes at the cost of added complexity, the combination of IBM Cloud Private for LinuxONE and z/OS Cloud Broker for IBM Cloud Private actually minimizes complexity. Kubernetes centrally manages workloads across multiple clouds and multiple platforms from a single management pane. Sehgal likens this “single pane of glass” management experience to having a universal remote. That centralized management extends to IBM Z services via the Open Service Broker. “Clients can now deploy workloads on Linux on POWER, Linux on x86, public clouds and Linux on IBM Z as well as on z/OS,” Sehgal notes. IBM is the only company offering cloud services that support the IBM Z platform.
Opening up IBM Z to non-IBM Z developers is important due to the widening skill gap. Developers with specialized IBM Z skills gained over many years are retiring and their successors are not inclined to learn them. Exposing IBM Z services allows the next generation to gain value from them without learning those skills.
Beyond easing the skill gap, Nathan Dotson, IBM Z offering manager, Cloud, sees a more important reason for changing the way developers provide and consume IBM Z resources. He notes that the paradigm is changing to what he would call a hybrid developer model. “Developers are expected to pull and use the key differentiating factors from across technology platforms, whether that be x86 and Intel, or leveraging something from IBM Z, because it provides something that’s critical and crucial to the application that needs to be developed,” Dotson says.
The bigger picture is that the gap that needs to be narrowed is deeper than a skills gap. “The way services are consumed or how they’re served up for consumption is the same across all architectures and platforms,” Dotson explains. “Clients are looking to have their developers be hybrid [be able to consume resources across platforms]. They also expect the architectures that are serving things up to be compatible with how development is being done.” This means refactoring mainframe applications when possible or isolating services and exposing them via RESTful APIs using tools such Application Discovery and Delivery Intelligence and IBM z/OS Connect.
An Open Cloud Strategy
In this new way of consuming resources in modern cloud-friendly ways, it’s critical that the DevOps tools aren’t proprietary and don’t lock customers into a particular vendor. The IBM Cloud Private for IBM Z and LinuxONE strategy ensures access to a large ecosystem of open-source and non-proprietary Linux tools. Use of the open-source Open Service Broker by z/OS Broker for IBM Cloud Private also avoids vendor lock-in. Finally, it’s worth noting that building IBM Cloud Private on a foundation of Kubernetes, Helm and other open-source cloud management tools open the platform to IBM technology and others.
A great benefit of multicloud is that workloads can run on the systems that are best matched to the needs of a particular application. Integrating IBM Z into the multicloud ecosystem brings the quality of service, security, reliability, scalability and sheer horsepower of IBM Z to the environment. The powerful IBM Z transaction processing capabilities are now easily available within the ecosystem. Furthermore, IBM Cloud Private enables the cloud platform to run cloud-native applications that are either IBM middleware, data, artificial intelligence or open-source software, tools, or runtimes, and also to run ISV workloads on the platform.
The IBM Blockchain as a Service Platform is a key strategic offering that can be deployed in IBM Cloud Private. Clients can now run blockchain applications behind their firewalls and manage costs, security and data sovereignty. The IBM Blockchain Platform can also run in IBM Cloud and in public clouds (currently AWS.) The offering provides a variety of tools, templates, demos and more to minimize the time to productivity with blockchain technology.
Whatever workloads clients deploy in their on-premises or hybrid clouds, those running on IBM Z and LinuxONE servers can benefit from IBM Secure Service Container for IBM Cloud Private. Secure Service Container for IBM Cloud Private hardens mission-critical, highly-sensitive, Docker- and Kubernetes-based workloads; it provides protection against insider and external threats and automatic encryption of data in flight and at rest.
For those clients who want to innovate in a secure cloud without infrastructure spin up, IBM also offers Hyper Protect Services, a cloud offering, to protect your data with cloud services that offer encryption, isolation and compliance management, running on the LinuxONE platform.
Streamlining the Cloud Experience
Modern multicloud environments are powerful drivers of digital transformation. The challenge is that they can be incredibly complex to set up and manage. While using public clouds and as a service offerings can meet many IT needs and reduce some complexity, on-premises clouds are required for mission-critical applications whose data needs to be protected for security and regulatory reasons and for environments where close management of the physical infrastructure is required.
Fortunately, IBM Z clients don’t have to choose one type of cloud or the other; both are within reach. And it’s no longer the case that deploying a private cloud must be complicated and time-consuming. Businesses can shift their attention from the effort involved in getting the cloud going to the value they can derive from the numerous cloud offerings. They can let the value guide their decision making and let the platform tools minimize the complexity.
“IBM offers you so many choices in your cloud infrastructure and we support them all so that you can choose the best fit for your application and business requirements,” Hanna notes as she summarizes IBM’s cloud strategy. “And the best part about it is that these capabilities are deployed on the industry-leading secure platform, to minimize risk and increase agility.”