IBM Z Integration: The Next Chapter of the Cloud Journey
Data protection, privacy and enhanced functionality enable enterprises to confidently expose data and applications to the cloud.
Image by Kadasarva Design
By Kristin Lewotsky01/02/2020
Across all industries, businesses are using multiple clouds from multiple providers to deliver their computing services. These ecosystems can involve dozens or even hundreds of different components. In some cases, public cloud providers provide applications the users can’t support in-house, such as AI. In other cases, enterprises use the public cloud to cut costs or streamline operations.
“Businesses don’t want to run many of these workloads in house anymore,” says Nathan Dotson, hybrid cloud offering manager for IBM Z*. “They realize that they don’t have the resources. That’s not where they excel.” Instead, they seek to focus their IT resources on their mission-critical core data and applications. The idea is to combine this effort with that of best-in-breed third-party providers to provide an integrated hybrid multicloud environment for the business (mck.co/34us0l5). With new features and an existing
open-source toolkit, the IBM Z platform plays a central role.
On its own, the public cloud presents a major challenge. The problem is that third-party cloud platforms generally don’t offer the levels of security, data protection, resilience and overall quality of service that business demands for mission-critical data and applications. According to a 2018 Opus and Ponemon study titled "Data Risk in the Third-Party Ecosystem," 59% of respondents had suffered a breach to their data while it was on a third-party platform (bwnews.pr/36u30vY). This is one of the reasons that only about 20% of enterprise data and applications have been deployed in the public cloud.
Increasingly, enterprises are making their sensitive data available to third-party partners and potentially even deploying some of their mission-critical applications in the cloud.
“We’re all now embracing the next chapter of the journey to cloud,” says Jacqui Shawley, global offering manager and market lead for IBM Z software. “Enterprises are now looking at the mission-critical data and applications they have running on IBM Z and how they can make those part of their cloud environment.”
Turning the page to that new chapter requires a different strategy. Perhaps third-party platforms can’t deliver the characteristics required for that 80% of data and workloads, but the IBM Z platform can. The platform provides ironclad data protection and privacy, along with 99.99999% availability, corresponding to less than three seconds of unscheduled downtime annually. In addition, it now supports cloud-native application development, as well as the comprehensive slate of open-source tools and functions already established on the platform, such as Red Hat OpenShift*, Linux* containers, Kubernetes and more.
In this new IBM Z cloud era, applications can be converted from monolithic programs to collections of microservices. Selected microservices from those modernized applications can then be deployed on the most appropriate platform for that particular use case, whether that’s IBM Z or some other public cloud (learn more in “IBM Z in the Hybrid Cloud,” below). Data can be securely shared with third-party partners while remaining encrypted and protected, whether it’s inside the enterprise data center or outside. “The IBM Z platform integrates into the larger cloud ecosystem and strategy so that enterprises can get the best of both worlds,” Dotson says.
IBM Z in the Hybrid Cloud
For an example of IBM Z in the hybrid cloud, consider a utility company building a mobile bill pay application. Previously, they would have developed a cloud-native application that emulated functions of the in-house legacy application and deployed it on a public cloud. They would have replicated enough data to the public cloud to support the application. The enterprise would have to synchronize between public master and public cloud databases and protect multiple copies of the data while reconciling different policies, governance, use cases and more. In an attempt to protect the master application and database, the whole project becomes far too complex.
With the new cloud model, the first step would be to modernize and rebuild the master application as a cloud-native application to run on IBM Z. The mobile application can be assembled from a combination of those micro services and additional purpose-built micro services. The logic components would be deployed to the public cloud but the data would remain on IBM Z, with the protection, resilience and scalability that the platform implies.
“When your new cloud-native applications run on IBM Z, they'll have faster access to data and deliver your results faster, too.”
Open Source, Cloud Native and Modern IBM Z
IT has come a long way from the days of giant development teams spending a year or more writing a sprawling single-purpose application. The emphasis today is on Agile development and open-source tools that equip businesses to respond quickly to changing market demands.
Over the past decade, the IBM Z platform has kept pace with this evolution, adding open-source tools and Linux as options. Users can apply their favored tools, but on a platform that’s secure, resilient and scalable. “It’s not a matter of your developers adapting to IBM Z. The IBM Z platform has already been updated to adapt to you,” says Dotson.
For example, the platform supports Linux containers, which are essential to cloud-native application deployment. Software containers are used to securely enclose an application and all of its dependencies, including a lightweight version of the OS. When packaged in a container, the collection of microservices and code that makes up a cloud-native application becomes a single self-contained software package. That software can now run on any server or cloud, regardless of OS or software stack. When core applications currently running on IBM Z are modernized to a cloud-native format, they can be shared with third parties or put on the public cloud or a hybrid multicloud.
With cloud-native applications, containers can proliferate rapidly. Kubernetes is an open-source container orchestration tool that simplifies the management and deployment of Linux containers in large volumes. Red Hat provides container orchestration through OpenShift. The open-source Kubernetes platform offers additional security capabilities and management and development tools.
Efficiently creating cloud-native applications is just the start. They need to be deployed, managed, interfaced with data and more. To streamline the process, IBM developed IBM Cloud Paks*, which are pre-integrated sets of containerized software customized to perform specific functions such as application development, data analysis and multicloud management. They include IBM middleware and open-source components combined with additional tools and utilities.
These tools provide “cradle-to-grave” support for Agile development across a hybrid multicloud that integrates IBM Z, whether for new development or modernization. The recently released IBM z/OS* Container Extensions, for example, enable Linux on IBM Z containerized applications to run alongside existing z/OS workloads within a z/OS partition without having to deploy a Linux partition.
Keeping Data Safe
The data held in the IBM Z platform is essential to the business, and protecting it is absolutely critical. As valuable as sharing core data and applications on a hybrid multicloud can be, that can only take place if the system as a whole can ensure that data protection and privacy are maintained.
Containers provide additional security and IBM Hyper Protect Virtual Servers isolate Linux applications further to protect from insider and external threats. The administrators managing the containers and deploying them using the orchestration tools can perform all of their tasks effectively without any ability to access the data. Pervasive encryption ensures that the data within them is encrypted, as are the access keys.
To deliver even greater data protection, privacy and provenance, IBM developed Data Privacy Passports. Enabling data to be moved securely between environments and beyond the direct control of your data center, this technology jumps off from pervasive encryption to enable full control across the hybrid multicloud environment. This means that data can be provisioned and protected from anywhere. As a result, user access can be monitored and revoked from any location at any time. And data provenance can be demonstrated through reporting provided by IBM Data Privacy Passports.
Why IBM Z?
The IBM Z platform provides failsafe performance for applications such as core banking that cannot tolerate downtime. In addition to a design that delivers the aforementioned 99.99999% availability, the newest release, the IBM z15*, features System Recovery Boost. This feature enables the system to cut planned and unplanned downtime in half by speeding shutdown, accelerating recovery of middleware and client workloads, and boosting processor capacity to enable the system to catch up.
This pays dividends for cloud applications. “Users expect the cloud to be always available, always on and always protected,” says Dotson. The performance you can expect from your application is driven by the underlying quality of service of the hybrid cloud infrastructure where it’s deployed. That’s where the benefits of IBM Z come in: high reliability, high scalability and high security.
Colocation of application and data is the fourth benefit of adding IBM Z to the hybrid multicloud. “Performance is all about your data and your application at the core,” Dotson says. “When your new cloud-native applications run on IBM Z, they’ll have faster access to data and deliver your results faster, too.”
No platform is appropriate for every workload. The underlying assumption of the hybrid multicloud is that each workload and data set is assigned to the platform that best suits its needs. For many enterprises with mission-critical workloads, the IBM Z platform makes it possible to deploy workloads to the hybrid multicloud while still keeping data protected, private and available.
“We’re really making the platform a pivotal piece of the hybrid multicloud environment,” says Shawley. “With IBM Z deployed as part of your cloud, you have one of the most secure and agile platforms to reach forward in your journey to a hybrid multicloud.”
z/OS / Linux on IBM Z / z/VM / z/VSE / Article / Cloud / Security / IT infrastructure / Open source / Cloud security / Cloud strategy / Hybrid cloud / IBM Z / Private cloud / Public cloud / Data security / Open source on IBM Z / Multicloud / z15
Kristin Lewotsky is a freelance technology writer based in Amherst, NH.