A Beginners Guide to Cloud and IBM Z

Introduction

As I talk to customers about IBM Z and our strategy, the conversation quickly and inevitably evolves to how IBM Z works with and/or enables a cloud strategy. “We’re going to cloud” is often the phrase that gets us there. But what does that mean? Is it adopting a new application architecture and development strategy? Is it moving to applications that are hosted on cloud by other vendors, so your company no longer uses in-house apps? Is it providing a self-service platform so your developers can get access to tools without waiting for admins to provision for them? What is it? What does “cloud” mean to you and your company? And how does it apply to the IBM Z mainframe environment – how do you leverage your investment in IBM Z to host, augment and/or be a part of your cloud strategy?

Here’s a high-level peek at the story:

Figure 1 - Z & Cloud Overview

Cloud - What does it mean to you?

When I begin to discuss a particular topic, I like to start with a common understanding of what that word or phrase in question means. In the case of “cloud”, I (as an ex-meteorology major) could be flippant and assume that we’re talking about the fluffy balls of condensed water that float in the sky. Or I could be more serious and understand that we’re talking about the cloud computing definition. The dictionary definition of cloud in the computing context is: “a general term for anything that involves delivering hosted services over the Internet”. But if you look at the more thorough definition as provided by the National Institute of Standards and Technology, it goes beyond simply internet-based hosted services. In the NIST definition, cloud computing has five essential characteristics. What are those, and how do they apply in an IBM Z context?

• Broad Network Access – computing services and capabilities are provided over a network and accessed by standard mechanisms and tools. For many years, mainframe applications and services have been available to networked users. The mainframe was one of the original “time sharing” systems, where multiple users (or companies) used a mainframe system to host and run their applications…on a network.
• Rapid Elasticity – functions are quickly provisioned/deprovisioned and scale up or down with demand. Z provides capabilities such as Capacity Backup or Capacity Upgrade on Demand to increase / decrease system capacity on the fly. The many-faceted virtualization capabilities of IBM Z, including Processor Resource/System Manager (PR/SM) and the z/VM operating system, along with features such as the z/OS Workload Manager allow workloads to grow and shrink with demand.
• Measured Service – systems control & optimize resource use by leveraging metering. The use of resources can be monitored, controlled and reported (and billed) for use by both the provider and consumer. z/OS has been a trailblazer in the ability to measure and meter usage and provide billing information to those who wish to leverage these kinds of services. The z/OS System Management Facility (SMF) is one of the most flexible and complete measurement systems in the industry.
• On demand self-service – the resource consumer can request and obtain provisioned computing capability automatically and without human intervention. IBM Cloud Private, z/OS Cloud Provisioning, and the z/OS Management Facility are features that provide the ability to automate provisioning of resources on z/OS and Linux on Z/LinuxONE.
• Resource pooling – computing resources are pooled and serve multiple consumers via a multi-tenant model, where compute resources are distributed based on demand. The consumer is generally unaware of where the resources are located. The IBM mainframe has been an industry leader for decades in providing a multi-tenant platform for running multiple disparate workloads and multiple users/organizations on the same platform without concern about performance impact or security.

Those interested in adopting cloud computing – who say “We’re going to cloud” – are generally looking for one or more of these characteristics. When I ask, “what do you mean by cloud?”, I generally hear something like “we want our developers to be able to get a server without waiting for one to be provisioned by I/T” or “we want to get out of the data center business,” or “we want to pay by the drink”. The NIST cloud computing characteristics generally encompass the requirements that our customers are looking for. My challenge is usually to lead the discussion about “what do you mean by ‘cloud’ and what do you want out of it?”

So, think about it: what do you mean when you say, “cloud computing?”

IBM’s Cloud Strategy & principles – and how this apply to IBM Z?

Companies that use IBM Z (or are considering the use of IBM Z) can take advantages of these characteristics using their Z systems. Z is both a peer/host in a multi-cloud environment and a participant in hybrid cloud architecture. A company can use existing mainframe resources and applications to help satisfy the requirements of a cloud implementation and fulfill those NIST characteristics as needed. A Z mainframe might be a hosting platform for a set of self-provisioned virtual machines and containers. Or it might be a service provider that provides business and data services that are used as part of a larger cloud application topology. Let’s look at some of the ways that might be done.

Anything discussion of cloud and IBM Z must be positioned in the context of IBM’s overall cloud strategy. IBM believes that companies will move to cloud, and we will provide the means to do this. But they won’t move to just one cloud and it might be public cloud OR private cloud. Our approach is to provide and support a cloud environment that is hybrid & multi-cloud – where a company uses multiple clouds (multi-cloud) and has a hybrid architecture where applications span multiple cloud platforms, public or private. For example, a company might be hosting part of their application portfolio on AWS or Azure or IBM Cloud and another part, perhaps business services or databases on a private cloud that includes Intel servers and IBM Z servers running IBM Cloud Private. Multiple clouds, hybrid architecture. In this multi-cloud/hybrid cloud world, an implementation on IBM Z is simply another cloud – a peer in the “cloud of clouds” that any company might choose to implement (as shown in Figure 1). The analogy might be the old arguments about Earth being at the center of the solar system and/or universe – Earth isn’t the center, and neither is IBM Z. But it is vitally important as a computing platform that provides a world-class (“universe-class?”) level of service that is perfect for cloud.

Beyond a multi-cloud and hybrid architecture, IBM also focuses on a world-class security implementation for hosted cloud services and data. IBM Z is a key part of that – for example, we have implemented Hyper Protect services on IBM’s public cloud to host functions where customers might have a specific sensitivity and requirement for the highest levels of security. The Hyper Protect Database-as-a-Service capability leverages Z Secure Service Containers to host database workloads and lock down from threats not only from the outside but also from those posed by potential rogue system administrators. Pervasive Encryption on IBM Z provides a simple way to encrypt data at rest and reduce the risk of data theft or loss with cloud (or other) workloads that run on Z.

Cloud management is another hallmark of IBM’s cloud strategy. Moving from a more monolithic IT architecture to one hosted on multiple clouds with a hybrid architecture may introduce additional complexity, and with that comes the need to closely monitor and manage the components. IBM’s cloud offerings focus on not only hosting cloud applications and data but enabling those to be monitored and automated. The use of DevOps practices and processes are part of this – building a cloud-native application should not involve a lot of manual processes. The develop & build AND manage process should be driven by automation of the application development pipeline during all phases of the build process. IBM Z is part of this – we provide a full portfolio of tools to automate the build/run/management of not just applications written with new technologies such as Java, Swift or Node.js, but also applications written in traditional mainframe languages such as COBOL or PL/I.

Underpinning all of these principles of the IBM cloud strategy is openness. The goal is to leverage open technologies on our cloud platforms so cloud applications and workloads can run anywhere, whether it be on IBM cloud, competitors’ clouds, on IBM Z or on other deployment platforms. Leveraging open standards such as REST for services/APIs, languages that are open and cross-platform, and open network interconnectivity are key, as is the use of open source software that is available in any development or deployment environment. One new project leveraging open source & open technologies on IBM Z is Zowe, an effort which “offers modern interfaces to interact with z/OS and allows you to work with z/OS in a way that is similar to what you experience on cloud platforms today”

IBM has been a champion for open source long before the announcement of the acquisition of Red Hat. We have a history of using and contributing to open source that extends back to the early days of the Apache web server. IBM was an early adopter of using Linux as a core operating system for our products. IBM contributes to many open source projects today and was the primary creator of open source tools such as Eclipse and Hyperledger, both of which are leveraged on and with IBM Z – Eclipse as a tool platform for client-side management tools for z/OS, CICS, application development, and Hyperledger as a Blockchain fabric which runs on Linux on Z. Linux on Z and LinuxONE are primary platforms for running a vast number of open source tools – Linux is Linux, and Linux on Z is not a special flavor of Linux. Z runs the same open source kernel and distros that are supported on non-mainframe platforms. And IBM Cloud Private, which is supported on Linux on Z, uses the exact same Kubernetes and Docker architecture as on other hardware platforms.

Remember: The IBM Z mainframe is an open system!

All of those key principles of the IBM Cloud strategy: hybrid, multi-cloud, secure, management and open apply to our public and private cloud offerings and are supported with IBM Z just as on Intel or POWER or other compute platforms. And along with that, a cloud architecture that leverages Z inherently benefits from the unique functionality of Z, such as resilience of z/OS through Parallel Sysplex and GDPS, security provided through unique Z hardware security such as storage protection and Pervasive Encryption and software security via the architected security managers such as IBM’s RACF, and improved manageability of a simplified and scalable cloud infrastructure that doesn’t restrict you to keeping your architecture as it has been for years or decades. Retain your investment and continue to leverage IBM Z as part of your overall cloud strategy. Now let’s look at how you can do that.

IBM Z and Cloud – How?

If I were to state IBM’s strategy for cloud and Z from my point of view, I’d describe it as this:

• IBM provides cloud capability on the IBM Z platform at all levels of deployment (public, private, hybrid), and at all levels of service models (Infrastructure as a Service, Platform as a Service, Software as a Service), while at the same time leveraging the unique functional and nonfunctional characteristics that the mainframe brings to computing solutions. This makes IBM Z the most flexible and ideal platform for hosting and supporting cloud-based applications and data.

But what does that mean? I already described a bit about how IBM Z provides functionality in hybrid and multi-cloud topologies. Let’s look at the other dimension, in how Z serves as a cloud-ready platform for IaaS, PaaS and SaaS and the characteristics of Z that make it better. 

Infrastructure as a Service

• Cloud consumer says: “I want a server where I can install and run my software”

Let’s begin at the lowest level of the stack, with “Infrastructure as a Service” (IaaS). With IaaS, the cloud provider makes server resources available to the requester. It generally involves a process where the cloud infrastructure automatically (without human intervention) performs the server setup, including hardware provisioning, operating system and other software configuration, and then provides appropriate information to the user so they can access the server resources. But the requester/cloud consumer must provide much of the system (operating system, system software, etc.) administration, despite the fact that the server image resides on the premises of the cloud provider.

IaaS on IBM Z can be provided via a number of different hardware and operating system options. In general, IaaS is used with operating system/server instances running Linux on Z and/or running on LinuxONE hardware. Seldom do we see customers use IaaS technology with z/OS, z/VSE or z/TPF operating systems, but there is little preventing that from being done. The multi-tenant functions of z/OS, etc. are usually sufficient for deploying multiple application and data solutions without provisioning a separate operating system instance. IBM solutions such as IBM Wave are used to perform Linux server provisioning, and IBM Cloud Private can be used to provision Linux guest systems as well.

Platform as a Service

• Cloud consumer says: “I want somewhere to build and run my applications, but I don’t want to manage a server”

Higher up the cloud deployment stack, “Platform as a Service” (PaaS) is a deployment model that provides the appropriate software development and deployment platform for a developer or similar role but does not require the platform consumer to perform any kinds of server or operating system administration tasks. All that is provided is the development and run-time software. For example, a PaaS system might provision a Java transaction server such as WebSphere Liberty, or a Db2 database instance, or a Docker container that can host a Node.js runtime.

On IBM Z, PaaS can be implemented on either z/OS or Linux on Z. Tools such as the z/OS Management Facility (zOSMF), Cloud Provisioning and Management for z/OS, and the z/OS Provisioning Toolkit (zOSPT) can be used to provision a variety of applications or infrastructure software on z/OS. And there are a number of templates and pre-built workflows for z/OS customers to use to get started in automating the provisioning of application development and runtime platforms using PaaS principles.

An exciting new development in PaaS for IBM Z and other server platforms is the aforementioned IBM Cloud Private (ICP).  ICP is an enterprise-grade cloud infrastructure tool based on open standard products such as Docker, Kubernetes, Helm and others that can be used to manage and provision software across platforms – not only on Linux on Z or other distributed server platforms, but it can also direct software provisioning on z/OS through use of the z/OS Cloud Broker. This new tool, announced in February 2019, combines the power and ease-of-use of ICP with the automation and scripting of zOSMF and Cloud Provisioning & Management. Using ICP and the z/OS Cloud Broker provides the power of cloud automation and self-service with the world-class security, reliability and scalability of IBM Z and allows you to leverage your current mainframe infrastructure and application investments with cloud functionality.

Software as a Service

• Cloud application consumer says: “I don’t want to worry about servers or writing code – I just want to run my business functions somewhere”
• Cloud software developer says: “I need a service for my product but want to use functionality that someone else built rather than building it myself”

Software as a Service (SaaS) provides just that – software functionality provided as a service and (usually) billed by usage. The application consumer doesn’t care where it is or how it’s hosted, but they want it where they want it (on their computing device), when they want it (24/7/365) and how they want it (fast, easy to use, on their Internet connection). SaaS is usually some sort of business function, like a CRM system or a financial services payments system, or even an IT function like an email marketing tool. All the software consumer knows is that they access the software/service by doing x and y, and all they do is use it (and pay for it).

The cloud software developer use case for SaaS is slightly different. The developer doesn’t want to run the business function, but they may want to run/use a service that someone else has written. For example, Twilio is a service provider that provides SMS text (and email and voice and other) services. A developer can write code on their own platform (traditional IT, IaaS- or PaaS-hosted or whatever) and invoke the Twilio services when they’d like to send a text or voice or email message from their application. They don’t have to write the code to perform the mechanics to send a text…all they do is provide the message and the recipient and Twilio does the rest, for a small fee. Services such as Twilio and the thousands upon thousands of other SaaS services on the Internet are normally accessed via protocols such as REST (Representational State Transfer), which is a very simple way to programmatically invoke a service.

On IBM Z, both use SaaS use cases are valid. First, Z has been and continues to be a great platform for hosting business applications. There are many software service providers who host their applications on Z and make them available to their customers as SaaS offerings, whether they are business applications or infrastructure software being provided from within a SaaS model. Example: A bank might provide a financial payments application where end users access this application over the Internet from anywhere in the world – the users don’t care that it’s on a mainframe…all they do is use the application and they don’t care much about the technology or the platform, and all they know is that they can move money. The company hosting the service knows that the app runs on a platform that’s secure, scalable and reliable, and they’re able to use assets they’ve been building on for years.

More and more companies are exposing and reusing z/OS-based services and applications that are were originally developed as more monolithic applications but are being re-engineered and re-factored to be used as more granular services. This began a number of years ago when Service Oriented Architecture (SOA) emerged and has continued with REST/JSON-based services. IBM provides the z/OS Connect product to act as a REST intermediary between programs & transactions running on IMS, CICS, or even batch. And the Data Virtualization Manager can be used to expose data in relational databases such as Db2 for z/OS, IMS DB, VSAM or even sequential “flat” files. In this case, the SaaS model is providing services that can be reused by application developers who don’t want to “reinvent the wheel” – they want to perform a function and all they want is to call it.

Where to go from here?

Back to the question: What do you want to do with cloud? How can you leverage cloud technologies alongside, or on top of IBM Z? In reflecting back on what we have discussed, a few use cases come to mind:

• Using & reusing mainframe applications and data as cloud services (SaaS), integrated with application components either on traditional Z, private cloud or public cloud services
• Leveraging cloud technologies to provide self-service provisioning of z/OS or Linux on Z infrastructure (IaaS, PaaS)
• Equipping developers to service existing applications or build new applications by providing DevOps tools that include Z code in a converged CI/CD pipeline (PaaS)
• Building new cloud-native applications on the Z platform either on Linux or z/OS (SaaS)
• Hosting entire applications either on z/OS or Linux on Z using a cloud provider model (SaaS)

IBM would love to work with you on any of these scenarios, or any others where you're exploring Z and cloud, and help you move your mainframe on a Journey to Cloud. Let me know if I can help!