Enabling Modern Mainframe DevOps With Containerization and Kubernetes
'The IBM Z Experience' continues as Joe Gulla illustrates how containerization and Kubernetes represent the convergence of 'then' and 'now'
IBM mainframes have powered the world’s largest financial institutions, insurance systems and government infrastructures with unmatched reliability and uptime for decades. But that doesn’t mean nothing has changed. In recent times, innovative application development involving containers, microservices, Kubernetes and DevOps pipelines has transformed the industry, redefining how today’s applications are built, deployed and maintained.
In this article, I will explain how these technologies increase the impact of PR/SM, z/VM and KVM—as well as enterprise Linux—for developing and deploying applications. Additionally, container implementations benefit from using OpenShift as a management tool. Across the industry, we have learned that deployment of new tools and techniques for applications without a management focus is a fool’s errand.
Then and Now Converge
The “legacy” computing world of CICS and IMS transactions and the more recent “systems of engagement” can coexist and are more impactful when they converge. Containerization and Kubernetes on IBM Z represent that convergence. Far from replacing the mainframe, these technologies extend its value, enabling modern DevOps practices while preserving the strengths that have always defined the platform.
What emerges is a transformation: IBM Z as a foundation for hybrid cloud innovation and enterprise modernization. In short, the tools are in place for “then” and “now” to converge, and this wave of innovation, realization and transformation is already well underway.
From Virtualization to Containerization
To understand the role of containers on IBM Z, it is important to build upon the foundation established in earlier layers of the platform.
At the hardware level, IBM Z provides significant vertical scalability and reliability. With hundreds of cores (as many as 208 cores on 26 chips in z17) and advanced I/O subsystems (many frames for I/O and networking), it is engineered to manage massive and varied workloads (batch jobs, OLTP, as well as WWW, Java, Linux on Z, Cloud, API and mobile integration) with efficiency and precision.
On top of this hardware sits Processor Resource/Systems Manager (PR/SM), which partitions the system into highly secure logical partitions, ensuring strong workload isolation.
Above PR/SM, virtualization technologies such as z/VM and KVM allow thousands of Linux virtual machines to run concurrently on a single system. These hypervisors are recognized for their efficiency, often delivering near-native performance (likely single-digit overhead) even under heavy consolidation. In this context, consolidation means many server instances or images running on one IBM Z.
Linux on Z adds yet another critical layer, introducing a fully open-source ecosystem within the mainframe environment. With distributions from Red Hat, SUSE and Canonical, the platform becomes compatible with modern development frameworks, middleware and cloud-native tooling.
At this point, the platform embraces all these innovations and has done so for many years. There is no need to wait for these environments to catch up; they are currently aware of the importance and potential of this software environment. IT personnel just need to skill up and engage.
Containerization Has a Special Role
Containerization builds on all of this. Unlike virtual machines, which encapsulate entire operating systems, containers package applications and their dependencies into lightweight, portable units. They share the host OS kernel, making them faster to deploy and more efficient in the use of resources. This packaging idea addresses many challenges, which I will explain later in this article and the next one.
On IBM Z, containers do not replace virtualization but leverage it. Containers run inside Linux environments provided by z/VM or KVM, combining lightweight application delivery with the proven scalability and isolation of mainframe virtualization. This layered approach allows organizations to achieve both efficiency and agility, without sacrificing stability.
Kubernetes Provides Management of Containers
While containers simplify application packaging, they introduce the challenge of managing complexity at scale. This is where Kubernetes becomes essential. Kubernetes is an orchestration platform designed to automate the deployment, scaling and management of containerized applications. It abstracts infrastructure into a set of logical constructs—pods, nodes, services and clusters—that allow applications to run consistently across diverse environments.
Table 1. More Details on Kubernetes
| Component | Description |
| Clusters | A cluster is the ultimate computing environment in Kubernetes. It is a set of physical or virtual machines, called nodes, and other resources that work together to run your containerized applications. |
| Nodes | A node is an individual worker machine in your clusters. Nodes can be physical computers or virtual machines that provide the CPU, memory and networking needed to run your workloads. |
| Pods | A pod is the smallest, most basic deployable unit in Kubernetes. It represents a single instance of a running process in your cluster and acts as a wrapper, or “pod,” for one or more containers. |
| Services | Because pods are temporary and constantly get created, destroyed or moved, their IP addresses change frequently. A service provides a stable, permanent IP address and DNS name for a specific set of pods. |
What Are the Main Kubernetes Benefits?
On IBM Z, Kubernetes enables savings for organizations in the following ways:
1. Container orchestration savings – Use Kubernetes services to save on ecosystem management and to automated manual processes.
2. Increased DevOps efficiency for microservices architecture – Use Kubernetes for container integration and access to storage resources with different cloud providers to make development, testing and deployment simpler.
3. Deploying workloads in multicloud environments – With Kubernetes, workloads can exist in a single cloud or be spread easily across multiple cloud services. Kubernetes clusters allow the simple and accelerated migration of containerized applications. This migration can be from on-premises infrastructure to hybrid deployments across any cloud provider’s public cloud or private cloud infrastructure.
4. More portability with less chance of vendor lock-in – With Kubernetes, you can manage containers for your applications to provide a lightweight, more agile way to handle virtualization. This is because containers only contain the resources an application actually needs, using the features and resources of the host operating system.
5. Automation of deployment and scalability – Kubernetes schedules and automates container deployment across multiple compute nodes, whether on the public cloud, onsite virtual machines or physical on-premises machines.
6. Application stability and availability in a cloud environment – Kubernetes helps you run containerized applications reliably. It automatically places and balances containerized workloads and scales clusters appropriately to accommodate increasing demand and keep the system live.
7. Open-source benefits of Kubernetes – Kubernetes is a community-led project and fully open-source tool which, at one time, was the fastest-growing open-source software ever developed. The result is that there is a huge ecosystem of other open-source tools designed for use with it.
In essence, Kubernetes transforms individual containers into a self-healing, distributed system. It brings operational discipline and automation to environments that might otherwise become difficult to manage at scale. The significance of Kubernetes on System Z lies in what it does and where it does it. It brings cloud-native orchestration directly into an environment already trusted for its reliability and performance.
OpenShift on Z: Enterprise Kubernetes
At the heart of Kubernetes adoption on IBM Z is Red Hat OpenShift. OpenShift extends Kubernetes into a full enterprise platform, integrating container orchestration with developer tools, security features and lifecycle management capabilities. OpenShift on Z runs on Linux distributions such as Red Hat Enterprise Linux, hosted by z/VM or KVM. It supports the same APIs, deployment models and toolchains used in cloud environments.
This consistency is critical, as it allows organizations to run identical workloads across multiple platforms, including public cloud, private cloud and on-premises infrastructure. Figure 1 is a depiction of the cumulative elements discussed, so far in this article, from PR/SM to Kubernetes. The depiction in the figure is a familiar layered chart showing something that is common in many implementations of modern software components. The design conventions is that one component builds upon another.
Figure 1. Hardware and software stack that supports containers.
What distinguishes OpenShift on Z is its ability to combine modern orchestration with deep enterprise integration.
First, it integrates seamlessly with existing IBM technologies. Applications running in OpenShift containers can interact with Db2 databases, IBM MQ messaging systems and z/OS workloads through APIs. This enables an interrelated architecture in which modern and traditional systems coexist.
Second, security is enhanced by leveraging the underlying IBM Z architecture. Multi-layer isolation, from hardware partitions to hypervisors to containers, creates highly secure environments suitable for sensitive workloads.
Third, the platform supports high-density deployment. The scalability of IBM Z allows organizations to consolidate large numbers of containers onto a single system, reducing overhead and improving resource utilization. Table 2 describes the potential size of high-density deployments based on information consolidated from Canonical, Unbuntu and RedHat.
Table 2. More Details on Potential High-Density Deployment
| Scenario | Approximate Container Scale |
| Conservative enterprise with mixed workloads | 5,000-20,000 containers |
| High-density microservices that are lightweight in nature | 20,000-100,000+ containers |
| Extreme or optimized lab scenarios assuming very small containers with aggressive overcommit | 100,000+ possible but not typical for production |
OpenShift on Z, therefore, is not just Kubernetes on a different platform—it is Kubernetes enhanced by the strengths of the mainframe.
DevOps Modernization on IBM Z
The adoption of containerization and Kubernetes on IBM Z is closely tied to a broader shift toward DevOps. DevOps represents a cultural and technical transformation, emphasizing collaboration, automation and continuous delivery.
Central to this transformation are continuous integration and continuous deployment (CI/CD) pipelines. CI/CD automates the process of building, testing and deploying applications. Tools such as Jenkins, GitLab CI and Tekton orchestrate workflows from code commit to production release.
On IBM Z, these pipelines can deploy both traditional and cloud-native workloads. A developer can push code to a Git repository, trigger automated builds, run tests and deploy containers to OpenShift, all within a unified pipeline. GitOps extends this concept by treating Git as the single source of truth for both applications and infrastructure. Changes to configuration are made through version-controlled repositories. In addition, tools such as Argo CD ensure that the desired state is enforced in production environments.
Infrastructure as Code further reinforces this model. Tools like Terraform and Ansible allow infrastructure to be defined programmatically. This enables consistent and reproducible deployments. On IBM Z, this means provisioning Linux environments and configuring Kubernetes clusters through code rather than manual processes.
In addition, DevOps enables the coexistence of traditional and new types of workloads. Legacy applications written in COBOL and running in CICS can continue to operate, while new microservices are developed alongside them. Pipelines can integrate these components, thus creating a unified development and deployment lifecycle. In this way, DevOps is not about replacing the past but rather integrating it with the new styles of applications and its related tools.
Why Containers on a Mainframe?
At first glance, the idea of running containers on a mainframe might seem strange. However, when examined closely, it becomes clear that IBM Z offers unique advantages for containerized workloads.
One of the most significant advantages is scalability. With hundreds of cores and massive memory capacity, a single IBM Z server can support thousands of containers. This level of vertical scaling reduces the need for complex distributed architectures. This was the main point of Table 2, above.
Cost consolidation is another key benefit. By hosting large numbers of workloads on a single system, organizations can reduce hardware, power, cooling and operational costs.
Figure 2, below, is a reminder of the type of workloads that have emerged over many decades. Although these workloads have been developed over time, they currently run simultaneously on the typical customer mainframe, depending on when and if a certain technology was embraced by the customer. Did they go in big for Java? Have they embraced enterprise Linux?
Figure 2. Varied workload types developed over decades.
Licensing efficiencies further enhance these savings. Integrated Facility for Linux (IFL) is a specialty processor purpose-built to run Linux natively or under a hypervisor like z/VM. By offloading Linux workloads to an IFL, customers avoid the heavy processing fees and high Mobile Service Unit licensing costs associated with traditional mainframe software.
Security is also strengthened through multiple layers of isolation. Containers provide application-level isolation, while virtualization and hardware partitioning add additional safeguards. This multi-tiered approach creates environments suitable for highly regulated industries.
The reduced physical footprint of IBM Z systems is another advantage. Instead of maintaining large server farms, organizations can consolidate workloads into a smaller number of highly efficient systems.
Finally, performance and latency are critical factors. Technologies such as HiperSockets enable high-speed communication within the system, allowing applications to interact with minimal delay. This is particularly valuable when containers need to access data or services hosted on the same system.
Figure 3. The main benefits from containers are scalability, security, cost savings and performance.
Taken together, these factors demonstrate that containers are not only compatible with the mainframe but are well-suited to it.
Challenges and Considerations
Despite its advantages, adopting containerization and Kubernetes on IBM Z is not without challenges. One of the primary challenges is the skills gap. Organizations must develop expertise in both mainframe technologies and modern DevOps practices. Bridging this gap requires training and cultural change.
Another consideration is toolchain integration. While many tools are compatible with Linux on Z, ensuring seamless operation across environments requires careful planning. This is where a pilot project can help.
Additionally, there is the broader challenge of transformation. Moving to a DevOps model involves not only adopting new technologies but also redefining processes and organizational structures. These challenges, however, are not unique to IBM Z. They are part of the broader shift toward cloud-native computing, and they are outweighed by the benefits of modernization.
Up Next for ‘The IBM Z Experience’
The next article in this series will use an end-to-end example to illustrate what it looks like to develop a containerized application. It is more than just Docker and Kubernetes statements using OpenShift on IBM Z, and I’ll explain this, step by step.