Simplicity, Freedom and Smartness can be realized with the triad

This content is provided for knowledge sharing purposes only and is a point of time information. The lessons learned and insights discussed are those of the authors and is not intended to represent any organizations mentioned in the content.

How can an IBM blockchain reference use case solution such as commercial paper be deployed to IBM, Amazon and Microsoft cloud platform in a multi-cloud & federated topology with simplicity, freedom and smartness?

Recently our team consisting of ninja IBMers and Red Hatters had to confront the above question head-on. The team demolished the challenge and its collective wisdom is the result of this blog post and the accompanying summarized visual.

The scaled-out deployment topology involved IBM Blockchain platform running on IBM, Amazon Cloud and Microsoft Clouds on top of hosted Red Hat OpenShift container platform. Additionally, IBM Cloud hosting IBM Blockchain platform featured RAFT consensus orderer with participating peer consortium members hosted on IBM, Amazon and Microsoft cloud platforms respectively. IBM Blockchain Platform deployments were driven through Kubernetes Operator automation launched from Red Hat Marketplace. The team used a well-known reference use case – a Hyperledger Fabric blockchain application named ‘commercial paper’ - to validate and affirm our collective understanding.

There exist numerous complex business problems spanning across a diverse set of industries, invariably requiring multiple players with competing, conflicting, and varied priorities to cooperate & collaborate to achieve a common goal. Blockchain implementations can provide innovative business solutions for such diverse, competing member consortia’s by providing distributed, decentralized minimum-trust networks for business transactions. Permissioned blockchain platforms are a standout candidate to craft unique and compelling solutions - given their ability to provide programmed algorithmic trust, security with privacy and other well known blockchain solution attributes - tamper evidence/resistance, immutability, provenance, and non-repudiation.

Multi-cloud deployments are complex, a reality and here to stay - given the need for agility, security, compliance, data residency requirements of participating member peer consortium organizations, their existing preferred cloud hosting platforms with applicable standardized technology solution components, integration points and cost savings.

There is a real and urgent need for our customers to be able to easily deploy an IBM Blockchain Platform (IBP) network, hosted across multiple cloud providers. Leveraging Operators hosted on OpenShift Marketplace with OpenShift container platform as a foundation for clustering and orchestration, is by far the most effective and efficient approach to operationalizing a blockchain solution. This is what is our collective affirmation and wisdom learned through a live project experience.

IBM Blockchain Platform (IBP) enables willing network participating consortium member organizations to create or join, deploy, operate, grow and expand their blockchain network spanning across public, private, on-prem, data center hosted environments and to place their processing components, store their data, or run their workloads as they deem appropriate for development, testing or operational usage. In this manner of adopting blockchain technology, customers enjoy their own freedom of choice given their propensity to take on or mitigate security risk, compliances, and data jurisdictional concerns. The same can be said about Hyperledger Fabric framework technology. However, as an analogy – HLF is like an engine while IBM Blockchain Platform is like a complete and fully functioning car.

IBM Blockchain Platform builds on Hyperledger Fabric, staying in step with Fabric releases, ensuring that clients can quickly leverage the newest capabilities introduced in the latest Fabric release. IBM’s support, tools and services makes it easier to leverage inherent Hyperledger Fabric capabilities with IBP, while at the same time making deploying, operating and managing a production Blockchain network a frictionless experience. IBP offers you the freedom to deploy only the blockchain components you need (Peer, Ordering Service, Certificate Authority). You can manage all network components through a single console, no matter where they are deployed — and maintain complete control over identities, ledger, and smart contracts. The vendor lock-in free design allows you to maintain complete control of your identities, ledger, and smart contracts. This coupled with open source node support provides an unprecedented amount of flexibility in the way a network can be designed, deployed, and scaled. In this context, it is relevant to take note of June 9, 2021 IBM’s announcement about its intentions to donating the underlying code for some of IBM Blockchain Platform’s most powerful capabilities to the open-source community and unveiling a new Hyperledger Fabric support offering.

Hosting and Managing challenges on Enterprise Cloud Platforms: Picking the right Blockchain platform only partly solves the problem. Hosting and managing your blockchain solution with minimum complexity, cost and time is a non-trivial exercise given multitude of hosting options possible. Some common challenges to enterprise application deployment in general are even more exacerbated in complex solutions involving blockchains. These include finding necessary software that is certified for quality, availability of trials, good visibility to software purchases and usage, quick approvals, seamless upgrades, and subscription renewals etc. Cloud marketplaces are proliferating, offering self-service and automation with vendor lock-ins involving proprietary vendor specific non-portable technologies. According to Flexera, 84% of enterprises have a multi-cloud strategy having a need to use cloud marketplaces. Ideally, application workloads should be able to avoid vendor lock-in and move seamlessly between, or be shared among, cloud service providers to leverage an optimal combination of performance, functionality, cost, security, compliance, availability, and resilience. Each marketplace has its own benefits and shortcomings and cannot satisfy these seamless interoperability and portability requirements, given their proprietary nature of technology foundations. This is where RedHat Marketplace truly shines.  

RedHat Marketplace is a truly open Cloud Marketplace, owned and operated by Red Hat/IBM. The Marketplace is unique in that it offers a simpler cloud-agnostic approach to discover, try, buy, deploy & manage RedHat certified, secure, container-based enterprise software with greater spending visibility. With instant availability of the software and automated deployment to any cloud with OpenShift container technology; public and on-premise, the focus can now truly be on developing innovative apps quickly.

All Red Hat Marketplace software is containerized and optimized for Red Hat OpenShift with Kubernetes Operators.

Red Hat OpenShift Platform provides for:

·     Federation   -  consistent management and visibility across federated clusters that can be running on public or on-prem or hybrid or data center hosted

·     Standards   -   standards compliant and certified such as OCI, CNCF,

·     Portability -  containers image built to OCI standard are portable between developer and production runtime environments

·     Scalability - enabling applications to scale to cloud scale quickly and elastically

·     Developer Productivity -  developers in control of their own productivity with CI/CD, S2I, CLI or Dashboard driven interactions with an ability to program in multiple languages and frameworks

·     Enterprise Operations   -   automated installations and upgrades – over the air or connected on virtual or bare metal or cloud deployments, robust automation and eco-system capabilities

Kubernetes Operators enable a way to:

·     Package and distribute Kubernetes application such that they can monitor, maintain, recover, and upgrade the software they deploy to Kubernetes while they themselves are running on Kubernetes

·     Operators use and operate Kubernetes in concert with Kubernetes facilities, features and tooling

·     An Operator builds on Kubernetes abstractions to automate the entire lifecycle of the software it manages by extending Kubernetes. Operators enable management of stateless and stateful applications in the same consistent and uniform manner

·     Key capabilities of operators are automating systems administration by writing software that runs the software. In this approach, teams get freed from performing mundane maintenance work and to have more time to create new features, fix defects, and generally improve product capabilities. Operators encapsulate Site Reliability Engineer capabilities for its application in an automated manner. Operators aspire to encode in software the skills of an expert administrator. Operator capabilities are made possible due to Kubernetes providing a set of basic flexible abstractions such as concepts of scheduling, replication, and failover automation, while also providing additionally a clear and well architected extension mechanism for more advanced or application-specific capabilities

The Marketplace provides quick access to details around certification standards and level of automation capabilities packaged with the software. Free and paid versions of the products are available. Detail product pages with technical documentation, pricing and support make adoption easier. Real time pricing helps appropriately size VPCs. Clients can purchase once and deploy to any cloud, automate deployment to selected clusters on any cloud or on-prem environment. Standardized OpenShift and Kubernetes commands can be used, or a CI/CD pipeline can be set up. There is continuous support for all products purchased in RedHat Marketplace. OpenShift operators are RedHat certified and offer lifecycle automation. Products can also be found in the Operator Hub. The Marketplace features direct integration with OCP dashboard. It is visible to administrators and developers from OCP dashboard and they can drill down and take preemptive or corrective actions. Marketplace also works for other user personas/roles like business users and procurement officers.

The Red Hat Marketplace can be used to deploy the IBM Blockchain Platform 2.5.2 operator onto a Kubernetes cluster on OpenShift Container Platform (OCP) 4.3+. The marketplace provides a simplified alternative method for deploying an instance of the IBM Blockchain Platform on to your cluster(s) on your cloud provider(s) of choice instead of manual deployment or by using Ansible Playbook scripts.

As the team IBM found out – the most simple, smart and freedom preserving manner of deploying a multi-cloud permissioned Hyperledger Blockchain solution is to make use of Red Hat Marketplace, Red Hat OpenShift container platform and IBM Blockchain Platform offerings and having a fun at it too! The team IBM invites readers to learn IBM Blockchain Platform, Red Hat OpenShift and Marketplace technologies and the relevant concepts around Kubernetes Operators, Operator Lifecycle Manager and Operator Hub.io capabilities and join our fun party! To start your learning journey with us we have provided additional insights into the IBP, Red Hat Marketplace and Operator way of deploying at the end of this blog post.

IBM Blockchain Platform:

The following capabilities of IBP are notable differentiators versus Hyperledger Fabric framework:

·     IBM Blockchain Platform is a commercial implementation of HLF framework with 100% compatibility and interoperability

·     IBM Blockchain Platform features a flexible management console known as IBP Console and a Kubernetes containerized application known as IBP Operator. Additionally:

o  IBP console enables consortium members to easily and frictionless-ly manage and deploy various blockchain network components to form a distributed and decentralized multi-organizational blockchain network

o  Dramatically reduces the skills needs required to create, operate, and grow the networks while also enabling organizations to focus on what they do best – develop and deploy innovative blockchain applications to gain value and shorten time to achieve value

o  IBP APIs enable customers to create, operate and grow the networks programmatically and with automation

o  IBP customers can deploy IBM provided IBP images that are supported, signed, scanned, and remediated for vulnerabilities, enhanced for stability and serviceability. IBP images are built on top of HLF code base

o  that IBM tests the open source code for security vulnerabilities daily and provides 24x7x365 support with SLAs appropriate for production environments

o  IBP includes VSCode IBP Extension Addon tool that provide end to end features for developers and network operators to develop, test, operate, monitor, and govern Fabric components by using an intuitive management console

o  IBP management console enables users to create or join a network, deploy a smart contract, govern organization owned blockchain network components with easily and intuitively

o  Enables building blockchain networks quicker and easier manner without friction

o  Enables operation and governance of blockchain networks with total control

o  Enables growing of distributed and multi-cloud blockchain networks with ease and flexibility – offering non-vendor lock-in and freedom of choice with enterprise grade support

Red Hat Marketplace with Operator Way of Deploying Software

• Automation and Deployment of software at scale through its certified OCP operator hub
• Reduced configuration deviations and support costs
• Experience consistency and proven capabilities on enterprise grade software platforms
• Benefit from interoperable, secure, supported, and non-vendor lock-in software deployment/management
• Pure and simple cloud native approach to software management and deployment throughout its entire life cycle, resulting in business benefits of

- Speed to market for developer productivity.

- Flexibility and Portability of solution deployments on hybrid or multi-cloud platforms without lock-in or friction                     

- Optimize Spending

-  Single Pane of Glass Management For:

-  Consolidated Contracting

-  Insights into license usage, non-usage, renewals, and pricing etc.

- Enterprise Standards

-  Hybrid and multi-cloud

-  Security

-   Compliance

-  Automation

-  Consistency

- Any cloud or on-prem hosted by OCP with build once and deploy multiple times metaphor

- Certified Enterprise S/W with Operator automation built-in

- Backed by Support

- Consolidate visibility and insights into software consumption

The Team:

The team that undertook the exciting and rewarding journey consisted of:

Arun Ramakrishnan, Bejoy Alias, Bhargav Venkata Ramana Perepa, Brett Logan, Charbak Roy, Chris Williams, Dhyey Shah, Diptiman Dasgupta, Jaren Lim, Mihir Shah, Mihwa Choi, Mouna Gorle, Sayari Mukharjee, Sumabala Nair.

References:

·     https://www.redhat.com/en/resources/openshift-container-platform-datasheet

·     https://www.ibm.com/downloads/cas/P968JAYO

·     https://marketplace.redhat.com/en-us

·     O’Reilly Kubernetes Operators

·     RightScale 2019 State of the Cloud Report from Flexera

·     Reinforcing IBM’s commitment to open source Hyperledger Fabric