OpenShift and IBM Cloud Paks introduction —
Partner Deck IBM Developer
Spencer Krum Developer Advocate, IBM @nibalizer Containers, Open source, Video games, tennis, Cheeseburgers Cloud Pak Overview
● 6 Cloud Paks today ● Bundled software from IBM, Red Hat, Open Source ● Container native on Kubernetes ● Secure, Trusted, Supported
IBM Cloud / © 2019 IBM Corporation Cloud Pak Partner Opportunities
● Build a business value application on top of a cloud pak ● Build an integration with a cloud pak ● Build support tooling for a cloud pak ● Service to install, manage, and upgrade cloud pak
IBM Cloud / © 2019 IBM Corporation A managed service providing an intuitive user experience with simplified cluster lifecycle management on upstream Kubernetes
clusters. Includes built-in security and isolation to enable rapid delivery of apps, while leveraging IBM Cloud Services including Weather
data, IoT, Analytics, or AI capabilities with Watson. Available in six IBM regions worldwide, including 35+ datacenters. Learn more at: www.ibm.com/cloud/container- service
IBM Cloud / © 2019 IBM Corporation Datacenter Expansion - 6 IBM Regions Data Center City AP North • hkg02 • Hong Kong • seo01 • Seol Cloud Regions, 30+ • sng01 • Singapore • che01 • Chennai • tok02 • Tokyo Datacenters • tok04 • tok05
AP South • mel01 • Melbourne • syd01 • Sydney • syd04
EU Central • ams03 • Amsterdam • oslo01 • Oslo • mil01 • Milan • par01 • Paris • fra02 • Frankfurt • fra04 • fra05
United Kingdom • lon02 • London • lon04 • lon05 • lon06
US East • mon01 • Montreal • tor01 • Toronto • wdc04 • Washington, DC • wdc06 • wdc07
US South • sao01 • Sao Paulo • hou02 • Houston • mex01 • Mexico • sjc03 • San Jose • sjc04 • Dallas • dal10 IBM Cloud Kubernetes Service | ©2019 IBM Corporation • dal12 • dal13 Projects vs. Products
Production-Grade Open Source Production-Grade Open Source based Project Product quarterly minor releases, no Long Term Support quarterly releases, support for major release 3+ years community support enterprise support platform certification: (AKS, EKS, GKE, IKS) ecosystem certification: platform and app core framework / limited security containers platform or user responsible to integrate beyond k8s core plus abstractions / dashboard / security core opinions and integration of common features
IBM Developer 7 OpenShift is trusted enterprise Kubernetes
IBM Developer 8 OpenShift Personas
Summary of the kinds of challenges and pain points experienced by multiple personas Line of business Solution Architect Operations Admin Enterprise Developer Compliance/Audit owner • Integrates with our • Supports languages environment • Aligned to corporate and frameworks we • Increase velocity of • Manages requirements use application delivery • Security built-in containerized apps • Scalable and efficient • Agility in projects with • Modernizing • Public cloud • Day 2 operations • Available where integrated devops applications compliance • Enable developer needed • Less time with • Reducing costs • Private cloud options productivity/ownershi • cloud architectures plumbing, more time • KPI visibility p with coding • Features we need
A successful solution appeals to a broad range of roles, not just those classically associated with applications and code.
Champ: Solution Architect Todd: Operations Admin Jane: Lead Enterprise Developer Shani: Line of business owner Zora: Compliance/Audit
IBM Developer 9 Addressing complexity
Tomorrow’s challenges. What is cloud- native?
Today’s skills
12-Factor applications Cloud Environment https://12factor.net/
Champ: Solution Architect Independent, autonomous, stateless, Configuration sources, service references processes
Java EE
Jane: Lead Enterprise Microservices DevOps Developer
Build, package, deploy, observe IBM Developer Application as composition of polyglot 10 services Effective Bi-directional Collaboration Drives Value in an otherwise frustrated relationship
Champ Jane Curates Consumes Collections Collections
Accelerates Using pre-built, pre- development with integrated governance to meet Champ the Jane the Enterprise collections allows company policies and Solution Architect Developer her to developer approved technology faster and think less choices about infrastructure Self-Service Standards- based
Multi- Web- language scale
Automation Open Source
Collaboratio Enterprise n Grade Multi- Secur tenant e
IBM Developer 12 OpenShift Container Platform
Application Cluster Developer Services Services Services
Middleware, Service Mesh, Metrics, Chargeback, Registry, Logging Dev Tools, Automated Builds, CI/CD, IDE Functions, ISV Automated Operations*
Kubernetes
Red Hat Enterprise Linux or Red Hat CoreOS Best IT Ops CaaS PaaS Best Developer Experience Experience
*coming soon
IBM Developer 13 OpenShift Architecture
ROUTING LAYER
SERVICE LAYER
NODE NODE NODE PERSISTE SCM MASTER NT (GIT) STORAGE C Cc API/ AUTHENTICATION C C C CI/CD DATA STORE RHEL RHEL RHEL
SCHEDULER NODE NODE NODE REGISTR Y EXISTING HEALTH/SCALING C C C C AUTOMATION TOOLSETS
RED HAT C ENTERPRISE LINUX RHEL RHEL RHEL
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
IBM Developer 14 Container runtime
A lightweight, OCI-compliant container runtime
Runs any OCI- Minimal and Secure Optimized for compliant image Architecture Kubernetes (including docker)
IBM Developer 15 Routes
routes add services to the external load- balancer and provide readable urls for the app
ROUTE app-prod.mycompany.com > curl http://app-prod.mycompany.com BACKEND SERVICE
POD POD POD
CONTAINE CONTAINE CONTAINE R R R
IBM Developer 16 Projects – extends k8s namespaces projects isolate apps across environments, teams, groups and departments PAYMENT DEV CATALOG
POD POD POD ❌ POD POD POD C C C C C C
PAYMENT PROD INVENTORY
POD POD POD ❌ ❌ POD POD POD C C C C C C
IBM Developer 17 Source-to-Image
Git code COMMIT Repository APP Developer (User) Source-to- Image BUILD (S2I) Builder Image IMAGE Image Registry (OpenShift)
deplo Application y DEPLO Container Y (OpenShift) User/Tool OpenShift Does Does
IBM Developer 18 Jenkins-as-a-Service
Certified Jenkins images with pre-configured plugins Plugins Jobs ○ Provided out-of-the-box Configuratio ○ Follows Jenkins 1.x and 2.x LTS versions n
Jenkins S2I Builder for customizing the image ○ Install Plugins ○ Configure Jenkins Jenkins ○ Configure Build Jobs (S2I)
OpenShift plugins to integrate authentication with Jenkins OpenShift and also CI/CD pipelines Image
Dynamically deploys Jenkins slave containers Custom Jenkins Image
IBM Developer 19 Log management with EFK
EFK stack to aggregate logs for hosts and applications ○ Elasticsearch: a search and analytics engine to store logs ○ Fluentd: gathers logs and sends to Elasticsearch. ○ Kibana: A web UI for Elasticsearch.
Access control ○ Cluster administrators can view all logs ○ Users can only view logs for their projects
Ability to send logs elsewhere ○ External elasticsearch, Splunk, etc
IBM Developer 20 Web Console
Application dashboard Service Catalog
IBM Developer 21 IBM Cloud Paks A faster, more secure way to move your core business applications to any cloud through enterprise-ready containerized software solutions Complete yet simple IBM containerized software Application, data and AI services, Packaged with Open Source components, fully modular and easy to consume pre-integrated with the common operational services, and secure by design IBM certified Full software stack support, and ongoing security, compliance and version Container platform compatibility and operational services Logging, monitoring, security, Run anywhere identity access management On-premises, on private and public clouds, and in pre-integrated systems
IBM Cloud Edge Private Systems
IBM Developer 22 IBM Certified and production ready
Containers IBM Cloud Alone Paks Client creates containers Complete solutions or receives software as certified for standalone container(s) enterprise use cases Runs anywhere Yes Yes Cloud Paks Vulnerability scanned Yes Yes t
e Red Hat container certification Depends on product Yes k r
a Complete solution w/ container
m No Yes
platform o t Flexible & modular: Pay for what you d No Yes e use e p
S IBM certified/orchestrated for production No Yes (Built for Kubernetes by experts; certified against 250+ criteria) Multicloud validation No Yes Integrated deployment experience No Yes
Containerized Full stack support by IBM No Yes software (Base OS, software, and container platform) alone License metering integration No Yes
Enterprise security Scalable and resilient No Yes 23 Encrypted secrets / limited privileges Do it yourself Yes Management and operations Build your own Yes Lifecycle Management Manage it yourself Yes Organized by Capability
Cloud Pak for Cloud Pak for Cloud Pak for Cloud Pak for Cloud Pak for Applications Data Integration Automation Multicloud Management
Developer & Modernization API Messaging Operational App and DevOps Tools Organize Analyze Content Multicluster Toolkit Lifecycle and Events Intelligence Infrastructure
Security and Compliance Frameworks and Collect App and Data Workflow and Decisions Management Runtimes Integration
Container Container Container Container Container platform and platform and platform and platform and platform and operational services operational services operational services operational services operational services
IBM Cloud Edge Private Systems
IBM Developer 24 Cloud Pak for Applications
RUN EXISTING APPS BUILD NEW MODERNIZE APPS APPS
IDE Tools: Codewind
Kabanero WebSphere Enterprise Application Server Red Hat IBM Integrated Application Runtimes IBM Runtime Java: Node.js: Modernization & s • WebSphere ND Open Liberty • Loopback Developer Tools •JBoss • MicroProfile • Express WebSphere Base •Vert.x • Spring Transformation •Node.js • OpenJ9 Liberty Core (etc.) • Hotspot Advisor WebSphere Migration Digital App Builder Knative Tekton Toolkit Appsody Integrated Mobile DevOps Enterprise Dev tools IBM Mobile Service extensions for local Foundation s IDE’s Red Hat OpenShift Group Name / DOC ID / Month XX, 2018 / © 2018 IBM Corporation 26 Kabanero – Changing process to build Cloud Native Applications
IBM Developer 27 Addressing complexity
Tomorrow’s challenges. What is cloud- native?
Today’s skills
12-Factor applications Cloud Environment https://12factor.net/
Champ: Solution Architect Independent, autonomous, stateless, Configuration sources, service references processes
Java EE
Jane: Lead Enterprise Microservices DevOps Developer
Build, package, deploy, observe IBM Developer Application as composition of polyglot 28 services Effective Bi-directional Collaboration Drives Value in an otherwise frustrated relationship
Champ Jane Curates Consumes Collections Collections
Accelerates Using pre-built, pre- development with integrated governance to meet Champ the Jane the Enterprise collections allows company policies and Solution Architect Developer her to developer approved technology faster and think less choices about infrastructure Cloud Pak Partner Opportunities
● Build a business value application on top of a cloud pak ● Build an integration with a cloud pak ● Build support tooling for a cloud pak ● Service to install, manage, and upgrade cloud pak
IBM Cloud / © 2019 IBM Corporation What is still left to be managed (services opportunity)
• User is Responsible for: • Configure API key permissions to access IBM Cloud infrastructure portfolio • Deploy and manage Kubernetes resources, such as pods, service and deployments in cluster • Leverage capabilities of service and Kubernetes to ensure high availability of apps • Add or remove cluster capacity by resizing your worker pools • Enable VLAN spanning and keep your multilane worker pools balanced across zones • Create public and private VLANs in IBM Cloud infrastructure for network isolation of your cluster • Ensure that worker nodes have network connectivity to Kubernetes service endpoint URLs • Update master kube-apiserver when Kubernetes version updates are available • Keep worker nodes up-to-date on major, minor and patch versions • Monitor health of your cluster by setting up forwarding for your cluster components • Recover troubled worker nodes by running kubectl commands such as cordon or drain and running ibm cloud ks commands such as reboot, reload or delete • Add or remove subnets in IBM Cloud infrastructure as needed • Back up and restore data in persistent storage in IBM Cloud infrastructure • Set up logging and monitoring services to support your cluster’s health and performance • Configure health monitoring for worker nodes with Auto-recovery • Audit events that change resources in your cluster. Can be done using IBM Cloud Activity Tracker to view user-initiated activities that change state of your Kubernetes services instance https://cloud.ibm.com/docs/containers?topic=containers-your-responsibilities-by-using-ibm-cloud-kubernetes-service#your-responsibilities-by-using-ibm- cloud-kubernetes-service
IBM Cloud / © 2019 IBM Corporation Cloud Pak Partner References
● https://cloud.ibm.com/catalog/content/ibm-cp-applications#about ● https://cloud.ibm.com/catalog/content/ibm-cp-management#about ● https://cloud.ibm.com/catalog/content/ibm-cp-data#about ● https://cloud.ibm.com/catalog/content/ibm-cp-integration#about ● https://cloud.ibm.com/catalog/content/ibm-cp-automation#about
IBM Cloud / © 2019 IBM Corporation Major on the majors
Jane: Lead Jane rapidly builds and deploys micro-services Enterprise Java EE Developer
Champ: Solution Champ provides pre-configured application Architect stacks
Champ defines his opinionated platform IBM Developer 33 IBM Developer 34 Cloud Paks: Enterprise-ready containerized software
A faster, more secure way to move your core business applications to any cloud through enterprise-ready containerized software solutionsComplete yet simple IBM containerized Application, data and AI software services, Packaged with Open Source components, fully modular and easy to pre-integrated with the common operational consume Operationalservices, services and secure by design Logging, monitoring, metering, security, identity access management, image registry IBM certified Container platform Full software stack support, Kubernetes-based and portable and ongoing security, compliance and version compatibility
Run anywhere On-premises, on private and public clouds, and in pre- integrated systems Cloud Paks: Pre-integrated for cloud use cases
Today, IBM offers clients the first five Cloud Paks… Cloud Pak for Cloud Pak for Cloud Pak for Cloud Pak for Cloud Pak for Applications Data Integration Automation Multicloud Management
Developer Moderniza API Organize Analyze Messaging Content Operatio Multicluster App and & DevOps tion Lifecycl and Events nal Infrastructu Tools Toolkit e Intelligen re ce Frameworks and Collect App and Data Workflow and Decisions Security and Compliance Runtimes Integration Management Container Container Container Container Container platform and platform and platform and platform and platform and operational operational operational operational operational services services services services services
IBM Cloud Edge Private Systems Cloud Paks on IBM Cloud
Integrated with IBM’s public cloud, leveraging RedHat OpenShift on IBM Cloud
IBM Cloud IBM Cloud IBM Cloud IBM Cloud IBM Cloud Pak Pak for Pak for Data Pak for Pak for for Multicloud Applications Integration Automation Management
Build and modernize on a cloud platform explicitly architected for workload and data portability. Move those securely with Bring Your Own Key, Level 4 FIPS, and built-in
IBM public cloud industry compliance including PCI, HIPAA, GDPR, SOC1 and SOC2. Leverage a managed OpenShift that directly integrates into the same Kubernetes service that maintains 16,000+ clusters and 250 billion on- demand forecasts daily at The Weather Company. Enjoy push-button integrations with IBM and Red Hat middleware and cloud services through IBM Cloud Schematics and IBM Cloud Content Catalog. Compute isolation choices including bare metal worker nodes. Managed OpenShift offering with HA masters, multizone clusters, and 99.95% SLA.