Openshift and IBM Cloud Paks Introduction

OpenShift and IBM Cloud Paks introduction —

Partner Deck IBM Developer

Spencer Krum Developer Advocate, IBM @nibalizer Containers, Open source, Video games, tennis, Cheeseburgers Cloud Pak Overview

● 6 Cloud Paks today ● Bundled software from IBM, Red Hat, Open Source ● Container native on Kubernetes ● Secure, Trusted, Supported

● Build a business value application on top of a cloud pak ● Build an integration with a cloud pak ● Build support tooling for a cloud pak ● Service to install, manage, and upgrade cloud pak

clusters. Includes built-in security and isolation to enable rapid delivery of apps, while leveraging IBM Cloud Services including Weather

data, IoT, Analytics, or AI capabilities with Watson. Available in six IBM regions worldwide, including 35+ datacenters. Learn more at: www.ibm.com/cloud/container- service

IBM Cloud / © 2019 IBM Corporation Datacenter Expansion - 6 IBM Regions Data Center City AP North • hkg02 • Hong Kong • seo01 • Seol Cloud Regions, 30+ • sng01 • Singapore • che01 • Chennai • tok02 • Tokyo Datacenters • tok04 • tok05

AP South • mel01 • Melbourne • syd01 • Sydney • syd04

EU Central • ams03 • Amsterdam • oslo01 • Oslo • mil01 • Milan • par01 • Paris • fra02 • Frankfurt • fra04 • fra05

United Kingdom • lon02 • London • lon04 • lon05 • lon06

US East • mon01 • Montreal • tor01 • Toronto • wdc04 • Washington, DC • wdc06 • wdc07

Production-Grade Open Source Production-Grade Open Source based Project Product quarterly minor releases, no Long Term Support quarterly releases, support for major release 3+ years community support enterprise support platform certification: (AKS, EKS, GKE, IKS) ecosystem certification: platform and app core framework / limited security containers platform or user responsible to integrate beyond k8s core plus abstractions / dashboard / security core opinions and integration of common features

IBM Developer 7 OpenShift is trusted enterprise Kubernetes

IBM Developer 8 OpenShift Personas

Summary of the kinds of challenges and pain points experienced by multiple personas Line of business Solution Architect Operations Admin Enterprise Developer Compliance/Audit owner • Integrates with our • Supports languages environment • Aligned to corporate and frameworks we • Increase velocity of • Manages requirements use application delivery • Security built-in containerized apps • Scalable and efficient • Agility in projects with • Modernizing • Public cloud • Day 2 operations • Available where integrated devops applications compliance • Enable developer needed • Less time with • Reducing costs • Private cloud options productivity/ownershi • cloud architectures plumbing, more time • KPI visibility p with coding • Features we need

A successful solution appeals to a broad range of roles, not just those classically associated with applications and code.

Champ: Solution Architect Todd: Operations Admin Jane: Lead Enterprise Developer Shani: Line of business owner Zora: Compliance/Audit

IBM Developer 9 Addressing complexity

Tomorrow’s challenges. What is cloud- native?

Today’s skills

12-Factor applications Cloud Environment https://12factor.net/

Champ: Solution Architect Independent, autonomous, stateless, Configuration sources, service references processes

Java EE

Jane: Lead Enterprise Microservices DevOps Developer

Build, package, deploy, observe IBM Developer Application as composition of polyglot 10 services Effective Bi-directional Collaboration Drives Value in an otherwise frustrated relationship

Champ Jane Curates Consumes Collections Collections

Accelerates Using pre-built, pre- development with integrated governance to meet Champ the Jane the Enterprise collections allows company policies and Solution Architect Developer her to developer approved technology faster and think less choices about infrastructure Self-Service Standards- based

Multi- Web- language scale

Automation Open Source

Collaboratio Enterprise n Grade Multi- Secur tenant e

IBM Developer 12 OpenShift Container Platform

Application Cluster Developer Services Services Services

Middleware, Service Mesh, Metrics, Chargeback, Registry, Logging Dev Tools, Automated Builds, CI/CD, IDE Functions, ISV Automated Operations*

Kubernetes

Red Hat Enterprise Linux or Red Hat CoreOS Best IT Ops CaaS PaaS Best Developer Experience Experience

*coming soon

IBM Developer 13 OpenShift Architecture

ROUTING LAYER

SERVICE LAYER

NODE NODE NODE PERSISTE SCM MASTER NT (GIT) STORAGE C Cc API/ AUTHENTICATION C C C CI/CD DATA STORE RHEL RHEL RHEL

SCHEDULER NODE NODE NODE REGISTR Y EXISTING HEALTH/SCALING C C C C AUTOMATION TOOLSETS

RED HAT C ENTERPRISE LINUX RHEL RHEL RHEL

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

IBM Developer 14 Container runtime

A lightweight, OCI-compliant container runtime

Runs any OCI- Minimal and Secure Optimized for compliant image Architecture Kubernetes (including docker)

IBM Developer 15 Routes

routes add services to the external load- balancer and provide readable urls for the app

ROUTE app-prod.mycompany.com > curl http://app-prod.mycompany.com BACKEND SERVICE

POD POD POD

CONTAINE CONTAINE CONTAINE R R R

IBM Developer 16 Projects – extends k8s namespaces projects isolate apps across environments, teams, groups and departments PAYMENT DEV CATALOG

POD POD POD ❌ POD POD POD C C C C C C

PAYMENT PROD INVENTORY

POD POD POD ❌ ❌ POD POD POD C C C C C C

IBM Developer 17 Source-to-Image

Git code COMMIT Repository APP Developer (User) Source-to- Image BUILD (S2I) Builder Image IMAGE Image Registry (OpenShift)

deplo Application y DEPLO Container Y (OpenShift) User/Tool OpenShift Does Does

IBM Developer 18 Jenkins-as-a-Service

 Certified Jenkins images with pre-configured plugins Plugins Jobs ○ Provided out-of-the-box Configuratio ○ Follows Jenkins 1.x and 2.x LTS versions n

 Jenkins S2I Builder for customizing the image ○ Install Plugins ○ Configure Jenkins Jenkins ○ Configure Build Jobs (S2I)

 OpenShift plugins to integrate authentication with Jenkins OpenShift and also CI/CD pipelines Image

 Dynamically deploys Jenkins slave containers Custom Jenkins Image

IBM Developer 19 Log management with EFK

 EFK stack to aggregate logs for hosts and applications ○ Elasticsearch: a search and analytics engine to store logs ○ Fluentd: gathers logs and sends to Elasticsearch. ○ Kibana: A web UI for Elasticsearch.

 Access control ○ Cluster administrators can view all logs ○ Users can only view logs for their projects

 Ability to send logs elsewhere ○ External elasticsearch, Splunk, etc

IBM Developer 20 Web Console

Application dashboard Service Catalog

IBM Developer 21 IBM Cloud Paks A faster, more secure way to move your core business applications to any cloud through enterprise-ready containerized software solutions Complete yet simple IBM containerized software Application, data and AI services, Packaged with Open Source components, fully modular and easy to consume pre-integrated with the common operational services, and secure by design IBM certified Full software stack support, and ongoing security, compliance and version Container platform compatibility and operational services Logging, monitoring, security, Run anywhere identity access management On-premises, on private and public clouds, and in pre-integrated systems

IBM Cloud Edge Private Systems

IBM Developer 22 IBM Certified and production ready

Containers IBM Cloud Alone Paks Client creates containers Complete solutions or receives software as certified for standalone container(s) enterprise use cases Runs anywhere Yes Yes Cloud Paks Vulnerability scanned Yes Yes t

e Red Hat container certification Depends on product Yes k r

a Complete solution w/ container

m No Yes

platform o t Flexible & modular: Pay for what you d No Yes e use e p

S IBM certified/orchestrated for production No Yes (Built for Kubernetes by experts; certified against 250+ criteria) Multicloud validation No Yes Integrated deployment experience No Yes

Containerized Full stack support by IBM No Yes software (Base OS, software, and container platform) alone License metering integration No Yes

Enterprise security Scalable and resilient No Yes 23 Encrypted secrets / limited privileges Do it yourself Yes Management and operations Build your own Yes Lifecycle Management Manage it yourself Yes Organized by Capability

Cloud Pak for Cloud Pak for Cloud Pak for Cloud Pak for Cloud Pak for Applications Data Integration Automation Multicloud Management

Developer & Modernization API Messaging Operational App and DevOps Tools Organize Analyze Content Multicluster Toolkit Lifecycle and Events Intelligence Infrastructure

Security and Compliance Frameworks and Collect App and Data Workflow and Decisions Management Runtimes Integration

Container Container Container Container Container platform and platform and platform and platform and platform and operational services operational services operational services operational services operational services

IBM Cloud Edge Private Systems

IBM Developer 24 Cloud Pak for Applications

RUN EXISTING APPS BUILD NEW MODERNIZE APPS APPS

IDE Tools: Codewind

Kabanero WebSphere Enterprise Application Server Red Hat IBM Integrated Application Runtimes IBM Runtime Java: Node.js: Modernization & s • WebSphere ND Open Liberty • Loopback Developer Tools •JBoss • MicroProfile • Express WebSphere Base •Vert.x • Spring Transformation •Node.js • OpenJ9 Liberty Core (etc.) • Hotspot Advisor WebSphere Migration Digital App Builder Knative Tekton Toolkit Appsody Integrated Mobile DevOps Enterprise Dev tools IBM Mobile Service extensions for local Foundation s IDE’s Red Hat OpenShift Group Name / DOC ID / Month XX, 2018 / © 2018 IBM Corporation 26 Kabanero – Changing process to build Cloud Native Applications

IBM Developer 27 Addressing complexity

Tomorrow’s challenges. What is cloud- native?

Today’s skills

12-Factor applications Cloud Environment https://12factor.net/

Champ: Solution Architect Independent, autonomous, stateless, Configuration sources, service references processes

Java EE

Jane: Lead Enterprise Microservices DevOps Developer

Build, package, deploy, observe IBM Developer Application as composition of polyglot 28 services Effective Bi-directional Collaboration Drives Value in an otherwise frustrated relationship

Champ Jane Curates Consumes Collections Collections

● Build a business value application on top of a cloud pak ● Build an integration with a cloud pak ● Build support tooling for a cloud pak ● Service to install, manage, and upgrade cloud pak

• User is Responsible for: • Configure API key permissions to access IBM Cloud infrastructure portfolio • Deploy and manage Kubernetes resources, such as pods, service and deployments in cluster • Leverage capabilities of service and Kubernetes to ensure high availability of apps • Add or remove cluster capacity by resizing your worker pools • Enable VLAN spanning and keep your multilane worker pools balanced across zones • Create public and private VLANs in IBM Cloud infrastructure for network isolation of your cluster • Ensure that worker nodes have network connectivity to Kubernetes service endpoint URLs • Update master kube-apiserver when Kubernetes version updates are available • Keep worker nodes up-to-date on major, minor and patch versions • Monitor health of your cluster by setting up forwarding for your cluster components • Recover troubled worker nodes by running kubectl commands such as cordon or drain and running ibm cloud ks commands such as reboot, reload or delete • Add or remove subnets in IBM Cloud infrastructure as needed • Back up and restore data in persistent storage in IBM Cloud infrastructure • Set up logging and monitoring services to support your cluster’s health and performance • Configure health monitoring for worker nodes with Auto-recovery • Audit events that change resources in your cluster. Can be done using IBM Cloud Activity Tracker to view user-initiated activities that change state of your Kubernetes services instance https://cloud.ibm.com/docs/containers?topic=containers-your-responsibilities-by-using-ibm-cloud-kubernetes-service#your-responsibilities-by-using-ibm- cloud-kubernetes-service

● https://cloud.ibm.com/catalog/content/ibm-cp-applications#about ● https://cloud.ibm.com/catalog/content/ibm-cp-management#about ● https://cloud.ibm.com/catalog/content/ibm-cp-data#about ● https://cloud.ibm.com/catalog/content/ibm-cp-integration#about ● https://cloud.ibm.com/catalog/content/ibm-cp-automation#about

Jane: Lead Jane rapidly builds and deploys micro-services Enterprise Java EE Developer

Champ: Solution Champ provides pre-configured application Architect stacks

Champ defines his opinionated platform IBM Developer 33 IBM Developer 34 Cloud Paks: Enterprise-ready containerized software

A faster, more secure way to move your core business applications to any cloud through enterprise-ready containerized software solutionsComplete yet simple IBM containerized Application, data and AI software services, Packaged with Open Source components, fully modular and easy to pre-integrated with the common operational consume Operationalservices, services and secure by design Logging, monitoring, metering, security, identity access management, image registry IBM certified Container platform Full software stack support, Kubernetes-based and portable and ongoing security, compliance and version compatibility

Run anywhere On-premises, on private and public clouds, and in pre- integrated systems Cloud Paks: Pre-integrated for cloud use cases

Today, IBM offers clients the first five Cloud Paks… Cloud Pak for Cloud Pak for Cloud Pak for Cloud Pak for Cloud Pak for Applications Data Integration Automation Multicloud Management

Developer Moderniza API Organize Analyze Messaging Content Operatio Multicluster App and & DevOps tion Lifecycl and Events nal Infrastructu Tools Toolkit e Intelligen re ce Frameworks and Collect App and Data Workflow and Decisions Security and Compliance Runtimes Integration Management Container Container Container Container Container platform and platform and platform and platform and platform and operational operational operational operational operational services services services services services

IBM Cloud Edge Private Systems Cloud Paks on IBM Cloud

Integrated with IBM’s public cloud, leveraging RedHat OpenShift on IBM Cloud

IBM Cloud IBM Cloud IBM Cloud IBM Cloud IBM Cloud Pak Pak for Pak for Data Pak for Pak for for Multicloud Applications Integration Automation Management

 Build and modernize on a cloud platform explicitly architected for workload and data portability.  Move those securely with Bring Your Own Key, Level 4 FIPS, and built-in

IBM public cloud industry compliance including PCI, HIPAA, GDPR, SOC1 and SOC2.  Leverage a managed OpenShift that directly integrates into the same Kubernetes service that maintains 16,000+ clusters and 250 billion on- demand forecasts daily at The Weather Company.  Enjoy push-button integrations with IBM and Red Hat middleware and cloud services through IBM Cloud Schematics and IBM Cloud Content Catalog.  Compute isolation choices including bare metal worker nodes.  Managed OpenShift offering with HA masters, multizone clusters, and 99.95% SLA.