More Related Content

Slideshows for you(20)

Similar to Accelerate Digital Transformation with IBM Cloud Private(20)


More from Michael Elder(18)


Accelerate Digital Transformation with IBM Cloud Private

  1. Accelerate Digital Transformation with IBM Cloud Private Michael Elder IBM Distinguished Engineer, IBM Cloud Private @mdelder Get these slides @
  2. Purpose Client needs, concerns being addressed, value
  3. Application Portfolio Customer Information Payment Systems Business Process Evolution to Cloud- based Application • Base Virtualization with Standardization & Automation On-premises | Off-premises VMs | Containers | aPaaS | iPaaS Event Driven Transformation uses multiple concurrent approaches … to minimize risk & cost while leveraging new & existing investments to innovate & differentiate • Cloud native • Loosely-Coupled • 12-factor • Horizontal Scaling • Eventually consistent • Microservices • Auto-scaling • DevOps & CI • Self-recovering ➡ Lift-Standardize-Consolidate-Automate-Shift ➡ Contain-Expose-Extend ➡ Refactor/Create as Cloud-Native/Microservices New Applications ➡ Data Classification, Movement & Governance Bare metal, VMs, Containers, Automation - SDDC API Creation & Management, Connectivity & Integration Event-Driven, aPaas, Containers, Microservices Cognitive Data Classification, High-volume data transfer, Metadata Management
  4. Web Page Java UI Portal Mobile MS SQL Data & Transactions DB2 IMS Warehouse account-groups Business Logic {REST/WS} Enterprise Java Mobile BFF Process BPM Process Analytics & Reporting MQ APIC Data Connect Development Tools Management Security Operations Lift-Optimize-Shift Contain-Expose-Extend Refactor as Microservices Data Classification & Governance Private Cloud Public Cloud APIC IaaS CaaS (I & A) PaaS Event Transformation Approach Cloud Type Technology Service Provider Operator Developer, Integrator, Data Scientist User Persona Evolution of existing workloads
  5. IBM Cloud Private Kubernetes based container platform Common Services For prescribed application development & deployment IBM Middleware, Data & Analytics Services Industry leading container orchestration platform across private, dedicated & public clouds To simplify operations management, DevOps and hybrid integration Cloud enabled middleware, application runtimes, messaging, databases and analytics to optimize current investments and rapidly innovate Cloud Foundry
  6. • Reuse existing infrastructure • IBM Data Center transformation to a proven VMware SDDC architecture • IBM Managed Services • IBM Storage including optimization for container- based workloads • Automation & Infrastructure-as-Code ICP Cloud Automation Manager (Terraform, Chef) • Containers & Orchestration ICP with Kubernetes • Cloud Foundry ICP with Cloud Foundry • Function-as-a-Service ICP with OpenWhisk (future) • IBM API Connect - Containerizedon ICP (future) - Open Standards • ICP Catalog - Helm Charts - Patterns - Cloud Foundry Services • IBM Supported Languages & Frameworks - Container Images& Buildpacks for Java, Node, Swift. .Net - Frameworks: Spring, JEE, Mobile, ManyNode & Reactive • IBM DevOps Tools + Open Source - Urban Code Release/Deploy - Cloud Automation Manager - Containerizedon ICP (future) • ICP-based Management - For Containers& Cloud Foundry - Metrics - Common Ops functions - Identity, RBAC & Policies - Capacity& Placement with CloudMatrix • ICP Common Services - Monitoring: Prometheus, Grafana - Logging: ELK - IAM: Built-in + Federation to Enterprise - Metering: Product insights - Key Management: Vault IBM Cloud Private capabilities
  7. The Four Tenets Enterprise grade. Open by design. Rapid Innovation Hybrid Integration Investment Leverage Management and Compliance Built on 4 Key Tenets to Drive Enterprise Transformation
  8. IBM Cloud Private brings cloud native to the enterprise Open Kubernetes-based container platform Cloud Foundry for app dev and deployment Integrated DevOps toolchain Integration capabilities to unlock and connect Secure access to public cloud services (AI, Blockchain) Consistent experience across private/public Containerized versions of IBM Middleware (WebSphere, MQ, DB2, DSX and popular Open Source) Prescriptive guidance to optimize workloads Work with existing apps, data, skills, infrastructure Core operational services including logging, monitoring, security Flexibility to integrate with existing tools and processes Rapid Innovation Hybrid Integration Investment Leverage Management and Compliance
  9. IBM Cloud Private changes your daily work routine Todd Operations / Admin Responsible for infrastructure, security, and management of the environment. Jane Enterprise Developer Responsible for modernizing existing applications and creating new Cloud Native Workloads. IBM Cloud Private empowers both developers and administrators to meet business demands: • IT Operations and Administrators can quickly set up a modern, flexible, and compliant private cloud on enterprise infrastructure that enables enterprise developers to innovate; they can also integrate with their existing management tools and processes • Developers can create new cloud-native applications, optimize existing ones, and securely connect their applications with data and services across all clouds
  10. 1. Optimize legacy apps with cloud Containers & Common Services Next Generation Middleware, Data & Analytics Automation & Orchestration Cloud-enabled middleware Self-service Experience 2. Open your datacenter to work with cloud services Integration Services & Cloud Native Programming Models Integration & Hybrid Cloud APIs Public Cloud Services Machine Learning on p/z Blockchain Business Process Data & Apps 3. Create new cloud native applications Cloud Native Services & Runtimes New Applications New Applications On-Premises Software & Services Containers & Common Services Automation & Orchestration Containers & Common Services Automation & Orchestration Use cases driving private cloud adoption
  11. Possibilities Use cases
  12. IBM Systems IBM Cloud Private IBM Cloud Private – Your Workloads, Your Infrastructure Mix and match worker nodes to run Kubernetes cloud apps you need on the infrastructure you have. Manage from the same master node. X86 VMs pLinux VMs zLinux VMs Master/Proxy/Management Nodes Worker Nodes Your App Workloads IBM Provided Services VMware OpenStack ppc64le zVM, zKVM or LPA
  13. IBM Systems Example – Use Microservices Microservices Scaling DeveloperBenefits • No need to manage supporting components • Repeatable • Consistent • Pre-integrated services Monolithic Scaling
  14. IBM Systems Example – Stock Trader – Client Goals 14 “I want to improve my Java app” Product leaders want to improve their Stock Trader application to increase client satisfaction “I want continuousdelivery – built with microservices” Development leads demand greater flexibility with microservices and continuous delivery that only Cloud can give them “I need sensitivedata to stay local” Lead administrators need the data and workload to stay local, wants to manage the cloud, yet does not want to be burdened with complicated operations
  15. IBM Systems Example – Stock Trader – App Architecture 15 Public CloudPrivate Cloud Web App Portfolio Stock Quote Loyalty Level Quandl Slack Browser POST GET PUT DELETE API Connect Open Whisk GET GET GET POST Db2 MQ JMS NotificationonMessage JDBC Redis GET SET Microservice Builder Github (GHE)
  16. IBM Systems Example – Stock Trader – Cloud Architecture 16 Nodes: Masters (1, 3 or 5), Proxy (1, 3 or 5), Workers (1..n), Management (1..n) Private Cloud IBM Cloud Private Db2 MQ Redis Docker Docker DockerDocker Liberty Micro-service Builder Kubernetes Dashboard UI ELK DSM Grafana Prometheus Jenkins w/ GHE access Service graph Private Docker Registry Cloudant App Workloads Internal Services
  17. IBM Systems Example – Stock Trader – Portability with Secrets 17 GitHub Enterprise QA Zone (Namespace) App1 Db2 Endpoint: test-instance-db2 Port: 50002 Microservice Builder App2 App3 Dev Zone (Namespace) App1 Db2 Endpoint: dev-instance-db2 Port: 50000 Microservice Builder App2 App3 Prod Zone (Namespace) App1 Db2 Endpoint: prod-instance-db2 Port: 50003 Microservice Builder App2 App3
  18. Architecture Enterprise grade. Open by design.
  19. User Consumption Model Choice with consistency - Runtimes Operating System (e.g. Linux cgroups & namespaces) Docker Containers Code + Manifest Code + Packaging as Container Image Containers Garden -> Docker Docker Containers Event/Action Automation & Orchestration (Chef,Terraform etc.) Service (SaaS) Cloud Foundry Custom Scheduling Event Handlers API Patterns Templates Kubernetes
  20. Enterprise transformation requires an integrated PaaS and IaaS Leverage existing investments Open by design, preventing vendor lock-in Consistency across your Hybrid IT environment Enterprise grade services for Middleware, Data and Analytics, DevOps IBM Middleware, Data, Analytics and Developer Services Cloud enabled middleware, application runtimes, messaging, databases & analytics to optimize current investments and rapidly innovate Core Operational Services To simplify Operations Management, Security, DevOps, and hybrid integration Kubernetes-based Container Platform Industry leading container orchestration platform across private, dedicated & public clouds Cloud Foundry For prescribed application development & deployment Runs on existing IaaS: Vmware, OpenStack, Power, LinuxOne, …
  21. IBM Cloud private – Enterprise Kubernetes Architecture
  22. IBM Systems IBM Cloud Private – October MVP IBM Cloud Private – End to End Architecture CF Apps (Cloud Native, Microservices) OpenStack or VMware (with NSX-T) Storage Options (VMware datastore,GlusterFS, Spectrum Scale, NFS, HostPath) Cloud Foundry (Calico Overlay Network ??) CNICNI Container Apps (Cloud Native, Microservices Builder) DevOps & Advanced Hybrid Services User Experience (Developer, Operator, Service Provider) SERVICES MANAGEMENT MULTI-INSTANCE PROVIDES ALL SERVICES & MANAGEMENT NEW CLOUD NATIVE & MICROSERVICES APPS NEW CLOUD NATIVE & MICROSERVICES APPS VMware Current Middleware & Data Automation & Orchestration EXISTING MIDDLEWARE ON IAAS Kubernetes (CFC) (Calico Overlay Network) Core Services Current Middleware & Data New IBM & Partner Services Management Services (Dashboards, Security, Monitoring, Microservices) Content Delivery & Currency (Catalog) Self Managed (evolving to additional management options)
  23. 23 Security Or, why most enterprise still prefer private cloud
  24. IBM Systems Primary goal is to provide visibility, control, and analytics permitting a to assess and enforce security and compliance of their applications and data running in the cloud • When workloads are deployed as containers, container layer is a natural place where such visibility and control should be provided • Focus on applications and data, not infrastructure – application-centric visibility and control Applications and data is what users care about – regardless of the infrastructure Active area of innovation and start-up investment • A new approachemerging: declarative, portable, DevOpsfocused Several Research assets and activity in this area 24 By providing flexible, application-centric visibility and control security services in container layer on a fully- managed container platform, we can leapfrog security advantage of our competitors. Container Security
  25. The Execution: Container Service 25 Deep Visibility à Operational Insights/Analytics à Solve Real Customer Problems - OS Info - Processes - Disk Info - Metrics - Network Info - Packages - Files - Config Info From Container - Docker metadata - Kubernetes data - Docker history - Metrics From Runtime Config Annotator Vulnerability Annotator Compliance Annotator Password Annotator SW Annotator Licence Annotator - Audit Subsystem - Syscall Tracing - System Integrity From Platform 25 Index (Data) Data Collection Curation Index (Data) Analyitcs * All services for security, compliance and beyond work from the same data & pipeline! Vulnerability & Sec. Scan for Images Risk Analysis w XForce Delivery Pipeline Service Remediation Service Policy Manager for Orgs Vulnerability & Sec. Scan for Containers Secure Config Advisor Vulnerability Advisor for POWER Rootkit Discovery Remote Login Config Discov. (ssh, weak pwd) License Discovery Container Safety Determination w Signatures Custom Rule Definitions Config Explorer & Analytics Time Machine Forensics Vulnerability AdvisorCrawlers
  26. 27 Cloud Foundry Running opinionated app containers
  27. • A locally managed offering • Deploy faster then ever before • Full control of the Cloud Foundry configuration • Extend the deployment using Community or 3rd Party add-ons • Connect to multiple logging and monitoring solutions • Middleware and Cloud service offerings Evolution of the Cloud Foundry Runtime
  28. • Passport Advantage and IBM Container Registry • When combined with your Cloud Foundry token, all binaries will be downloaded from a secure IBM Cloud registry • Can be launched from a Linux or Mac using Docker CE TOKEN+ IBM + = Deploying Cloud Foundry Cloud Foundry Runtime
  29. Cloud Foundry Operations Monitoring Operations Console Cloud Foundry Runtime Bosh API Cloud Foundry API
  30. Managing Cloud Foundry • A local managed offering • Administrative Access to the Bosh CLI • IBM Operations Monitoring Tool • Graphical view of Bosh health metrics for the environment • Console connectivity to all Bosh managed virtual machines • Bosh virtual machine and job management operations start/stop/restart • Cloud Foundry and Buildpack version information • Application information • API control for install and updates (manage at scale) • Air-gap support
  31. Maintenance cycle • Integrates IBM’s Cloud Foundry release • Public Bluemix • Dedicated Bluemix • Major updates every quarter – Cloud Foundry releases • Minor updates weekly – Security patches & IBM Buildpacks • Full control of when the updates are applied • Standardized delivery framework, easily delivers changes at scale
  32. Customize Cloud Foundry • IBM’s Cloud Foundry Runtime provides new levels of control • Stemcell substitution (modify the stemcell to meet your corporate operating system guidelines) • 3rd Party release support: • Leverage releases from the community, 3rd parties or your own DevOp’s team • Customize the Bosh Director and Cloud Foundry deployments to incorporate new capabilities • Full Bosh administrative access with visibility, customize and execute on your schedule • Integrate your corporate security and compliance tools(via releases, stemcell, agents, or scripting)
  33. Application syslogs with Splunk
  34. 36 Storage Persistent volumes, storage classes, supported storage connectivity
  35. Storage • Persistent Volume Networked storage in a cluster that is provisioned by an administrator • Persistent Volume Claim A request for storage that is made by a user • Storage Classes A label used to identify, and dynamically create, specific qualities of storage to use. (“ibmc-file-silver” for higher-intensity workloads compared to “ibmc-file-bronze”) • Storage Options VMware datastore, GlusterFS, Spectrum Scale, (including defaults for NFS, HostPath)
  36. Storage Example • Helm chart specs Service declares what persistent volume it will “claim”. In this case, a ReadWriteMany volume with the size and storage class specified in the parameters set by the user. • Clients can customize A set of variables that will show up in the UI (or customized at the helm command line). Notice here it will claim a persistent volume of any storage class of 2GB or more. • UI showing variables DB2 storage options where admin can choose “Claim 10GB of storage for this instance of Db2”. Admin could create custom “gold” storage class so it will use best storage for this instance. • Persistent Volume Admin pre-creates PV that matches, or sets up to dynamically create. Deployment Chart (View online) Values.yaml file (View online)
  37. Storage Classes – Example • Dynamic Provisioning Storage classes can map to a “provisioner” to dynamically provision persistent volumes based on the volume claim requests coming in as users deploy workloads and services. • Map to Storage IBM Cloud private supports the following for dynamic provisioning,abstracts details so the user doesn’t need to take multiple steps to acquire, bind, and claim storage for their app: • GlusterFS learn more • VMware vSphere volumes learn more • Change Default Storage Class A default storage class can dynamically provision storage when a storage class is not specified. learn more apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mypvc namespace: testns spec: accessModes: - ReadWriteOnce resources: requests: storage: 100Gi storageClassName: gold Claiming ‘gold’ storage when deploying an app Use selected storage class: storageClassName: gold Disable dynamic provisioning: storageClassName: Use default storage class: storageClassName: gold Tips for claiming storage: kind: StorageClass apiVersion: metadata: name: gold provisioner: parameters: resturl: “http://glusterIP:8080” Create ‘gold’ storage class, mapped to glusterfs #get the names, see which is default kubectl get storageclass #set current default to “false” kubectl patch storageclass default-class-name -p '{"metadata": {"annotations":{"":"false"}}}’ #set your desired default to “true” kubectl patch storageclass gold -p '{"metadata": {"annotations":{"":"true"}}}' Change default storage class to your GlusterFS
  38. Private Image Repository • Bundled Images Import Docker images from bundle into private registry, or import any Docker image you want to deploy across your nodes. • Secure Access Add only the images you approve of so your developers have trusted, validated images to build from. kubectl get serviceaccounts default -o json | jq 'del(.metadata.resourceVersion)' | jq 'setpath(["imagePullSecrets"];[{"name":"admin.registrykey"}])' | kubectl replace serviceaccount default -f - Command so all deploying pods can access private image repo Built-in storage for your Docker images
  39. 41 Network Proxy, Calico, Internal and external communication
  40. Network Concepts • Proxy Node Transmits external request to the services created inside your cluster. • Calico Network Enables networking and network policy in Kubernetes clusters Learn more • Network Policy Labels specifying which groups of pods are allowed to communicate with each other and other network endpoints • VMware NSX-T Labels used in NSX-T can be mapped to Network Policies in ICp for deeper VMware control
  41. VMware NSX-T Integration (Tech Preview) IBM Cloud private will offer NSX-T as the networking mesh between pods on VMWare ESXi 6.5 Calico will continue to be used in OpenStack and lower versions of VMWare (down to ESXi 5.5)
  42. 44 Multi-Tenancy Multiple departments, one ICp
  43. One cloud, isolation across teams 45 Namespace 1 Users: Quotas: Kubernetes Cloud Namespace 2 Users: Quotas: kube-system Users: Quotas: Objects created by the Kubernetes system Pod 1 Service 1 Volume Pod 2 Pod 3 Service 2 Volume Pod 4 Master Nodes Master Nodes Master Nodes Master Nodes Master Nodes Proxy Nodes Master Nodes Master Nodes Worker Nodes Quotas Categories you can set quotes in a namespace: • Compute • Storage • Object count (pods, services, pvc, …) • Scope
  44. 46 HA How to run HA topology, workloads
  45. IBM Cloud Private highly available topology Managementservices are running in all the master nodes. • UI, kube-apiservice, docker registry (and so on) run in active/active mode • Virtual IP manager assigns virtual IP to one of the master nodes to serve the UI/API request • Other services rely on etcd to select a leading instance (you could treat them as active/passive mode) • The number of master nodes should be odd (per request of etcd to handle split brain issue) • Proxy services are running in all the proxy nodes in active/active mode • Virtual IP manager assigns virtual IP to one of the proxy nodes to serve application requests. The number of proxy nodes could be any value. 47
  46. Your Workload – Levels of Availability 48 One pod Good for development. Single pod with single log. Can fail over using same persistent volume Pod Multiple Pods Multiple pods in a replica set. One pod fails, load balance to 2nd pod with no downtime Multiple Services Multiple services with a load balancer allows each replica set to run in a separate name space, cluster, even data center Load Balancer Replica Set Pod Pod Service Namespace Replica Set Pod Pod Service Namespace Replica Set Pod Pod Service Namespace
  47. 49 Hybrid Cloud Connecting to Public, Existing Data Centers
  48. Integrate with IBM Cloud Public Goal: Workload portability across IBM Cloud private/public 1 2 3 Dev/Test vs. Prod Bursting Move to Public I want Dev/Test on public cloud and production on IBM Cloud private I want the dream of bursting from private to public when workload demand exceeds capacity When I’m ready to get out of my data center I want the easiest and fastest to be to IBM Cloud, not another public cloud Production IBM Cloud private Dev IBM Cloud Public Test IBM Cloud Public Production IBM Cloud private Bursting IBM Cloud Public Shrink IBM Cloud private Grow IBM Cloud Public ✓
  49. 51 Urban Code Deploy
  50. Typical Delivery Pipelines 52 JenkinsCI TravisCI UrbanCode Build IBM Managed GitHub Enterprise Artifactory Nexus Docker Image Registry Kubernetes
  51. 53 Istio Open platform to connect, manage, and secure microservices
  52. What else do we need for Microservices? ●  Visibility ●  Resiliency & Efficiency ●  Traffic Control ●  Security ●  Policy Enforcement Enter Istio
  53. Istio Features Intelligent Routing and Load Balancing Resiliency across Languages and Platforms Fleet Wide Policy Enforcement In-Depth Telemetry and Reporting
  54. Microservice-1 Sidecar SERVICE DISCOVERY Service Mesh Control Plane SERVICE REGISTRYMicroservice-2 Sidecar Microservice-3 Sidecar ROUTING RULES TELEMETRY ACCESS CONTROL RESILIENCY FEATURES Service Mesh Data Plane •  Lightweight sidecars to manage traffic between services •  Sidecars can do much more than just load balancing! How to build a ‘Service Mesh’ ?
  55. Istio Concepts ENVOY ISTIO AUTH ISTIO CONTROL PLANE ISTIO PILOT ROUTING RULES MIXER GRAPHANA /ZIPKIN MICROSERVICE ENVOY MICROSERVICE ENVOY MICROSERVICE ENVOY MICROSERVICE ENVOY ISTIO DATA PLANE Pilot: Configures Istio deployments and propagate configuration to the other components of the system. Routing and resiliency rules go here Mixer: Responsible for policy decisions and aggregating telemetry data from the other components in the system using a flexible plugin architecture Proxy: Based on Envoy, mediates inbound and outbound traffic for all Istio-managed services. It enforces access control and usage policies, and provides rich routing, load balancing, and protocol conversion.
  56. Istio Architecture appA Proxy Pod Proxy Istio ingress Controller Service A appB Proxy Service B 1. All traffic entering and leaving pod is transparently routed via Proxy without requiring any application changes. Kube API Server User/application traffic. HTTP/1.1, HTTP/2, gRPC, TCP with or without TLS Istio control plane traffic. Request routing rules, resilience configuration (circuit breakers, timeouts, retries), policies (ACLs, rate limits, auth), and metrics/reports from proxies. Prometheus Metrics & reports from proxies Istio Control Plane Istio Control PlaneIstio Control Plane (Manager, Mixer) Control Plane REST API Kubernetes Cluster Proxy. Based on Envoy, a high performance L7 proxy from Lyft, currently being used at large scale in production. 2. Proxy implements intelligent L7 routing, circuit breakers, enforces policies and reports metrics to control plane.
  57. 59 Getting Started Where it runs, how to get help
  58. Your data center • Learn from Knowledge Center • Download Community Edition (does not include master/proxy HA) • Download Enterprise Edition from Passport Advantage (accept licenses) • Prepare VMs and Storage • Install (guided UI) – can be offline (no Internet connection) • Import Helm Charts, Images into IBM Cloud private Download, Install, Configure Download binaries from passport advantage, prepare your infrastructure, install Passport Advantage Master VMsStorage Proxy VMs Worker VMs IBM Cloud private Boot node Private Docker Registry Internal Services Network mesh with tenant isolation Persistent Volumes Offline Install Source
  59. Roadmap Continuous Delivery
  60. • Delivered IBM Cloud private • June - Developer-focused • Core platform ships with developer services: Micro Services Builder/Liberty, MQ community edition, DB2 community edition, Redis • Easily build, test, package and continuously update my running services using a CICD solution • Platform support for GPU, x86, and POWER OCTOBER 2017 Release 2.1 JULY AUGUST SEPTEMBERJUNE Roadmap & Key Milestones • Unified offering for Kubernetes and Cloud Foundry • New packaging and pricing for IBM middleware workloads delivered out of the box to run on Kubernetes with consumption from Kubernetes or Cloud Foundry apps • More complete enterprise-ready operations plane for common concerns such as logging, monitoring, alerting, auditing and security. • Details follow In Progress 2017 4Q – 2018 Q1 Roadmap • Expand operational integrations for the datacenter including Splunk, Dynatrace, Netcool etc • Built-in operational behavior for backup/recovery, scale-in/scale-out for IBM middleware • Istio Service Mesh integrated within the platform • Encryption key management (Vault + HSM) • Summarized backlog follows Complete Sprint 3 Beta S4 Beta S5 Beta
  61. Category Summary Continuous Delivery • New App Catalog API & UI • Service Catalog CLI • Untethered Cloud Foundry option Continuous Availability • Elasticsearch, Logstash, Kibana (ELK) available in the catalog • Prometheus & Grafana available in the catalog • Web terminal console • Prometheus dashboard for platform and application monitoring • New admin command line interface with cluster management functions • Backup and Disaster Recovery for platform datastores • IBM Cloud Operations Platform for Cloud Foundry (Bluemix Doctor) Continuous Security • Open ID Connect provider replaces keystone with LDAP integration for users and groups • Role-based access control (RBAC) with 4 defined roles out of the box • Cluster-wide data in transit encryption via VPN-mesh for inter-node communication (optional) • Data at rest encryption for platform datastores via filesystem-level encryption • [Tech Preview] Vulnerability Advisor for Docker images Cluster • New Admin Console UI • Provision and manage VMs using Cloud Automation Manager on the platform • Runs on vSphere 5.5 or OpenStack VMs + Manage to support for zLinux worker nodes • Multi-cluster support (via CLI) • Storage: GlusterFS, vSphere volumes configurable out of the box • Network: Calico performance improvements & Limited Tech Preview support for VMWare NSX-T on vSphere 6.5 on request • Upgraded Kubernetes to 1.7.3 • Scale tested to 300 nodes, 9000 pods • Docker Engine install option IBM Cloud Private 2.1 GA
  62. IBM Cloud IBM Cloud Private Content - Kubernetes Open Source Toolchains & Runtimes Jenkins Apache Tomcat Open Liberty Messaging RabbitMQ Data Services MongoDB PostgreSQL Redis Clustering Galera Http Servers Nginx Terminal Access Web Terminal IBM Software Toolchain & Runtimes IBM Microservice Builder IBM WebSphere Liberty IBM SDK for Node.js Messaging IBM MQ Advanced for Developers IBM MQ Advanced Data Services IBM Db2 Dev-C IBM Data Server Manager (for Db2 Dev-C) IBM Db2 Direct Advanced Edition / AESE with Data Server Manager IBM Db2 Warehouse Dev-C IBM Db2 Warehouse Enterprise* IBM Cloudant Developer Edition Multi-cloud Management IBM Cloud Automation Manager Core Operational Services Monitoring Service Prometheus or BYO Logging Service Elk or BYO Metering Service Product Insights Security Identify and Access Management • LDAP integration and RBAC Vulnerability Advisor (beta) Data Science IBM Data Science Experience Developer Edition IBM Data Science Experience Local* Integration IBM Integration Bus for Developers IBM Integration Bus IBM DataPower Gateway for Developers IBM DataPower Gateway Virtual Edition App Modernization Tooling IBM Transformation Advisor Monitoring IBM Cloud Application Performance Management for DevOps (beta) HPC IBM Spectrum LSF Community Edition + Develop or bring your own… Self written, community and open source compatible with Kubernetes 1.7 *coming soon
  63. IBM Cloud IBM Cloud Private Content - Multi-cloud and Cloud Foundry IBM Buildpacks WebSphere Liberty Runtime Buildpacks Node.js Swift .Net Bring your own Buildpacks Add additional open source or private Extend workload provisioning with Cloud Automation Manager MEAN stack – VMware, Azure, AWS, IBM Cloud LAMP stack – VMware, Azure, AWS, IBM Cloud Node.js – VMware, IBM Cloud Strongloop – VMware, IBM Cloud MariaDB - VMware MongoDB – VMware, IBM Cloud MongoDB Strongloop 3 tier – VMware, IBM Cloud Virtual Servers with SSH key – AWS, IBM Cloud Apache HTTP Server - VMware Apache Tomcat - VMware Template driven provisioning of private and public cloud infrastructure: Bare- metal servers, VMs, cloud native services & complex application stacks Open Source Catalog (1) IBM DB2 EE (v10.5 & v11.1) - VMware IBM MQ (v8 & v9) - VMware IBM WebSphere Application Server ND (v11.1) - VMware IBM WebSphere Liberty (v17) - VMware IBM HTTP Server (v8.5.5, v9) - VMware Oracle DB Enterprise (v12c) - VMware Oracle MySQL (v5.7) - VMware Enterprise Catalog (1) + Community Templates + Bring your own templates Hashicorp Terraform Registry Self written, IBM Cloud Schematics, etc (1) Automation content available with IBM Cloud Private purchase. Product licenses must be purchased separately or BYOL. See pricing and packaging for more information.
  64. Summary
  65. IBM Systems • IBM Cloud Private • private/ • Videos • Introduction to IBM Cloud Private ( • IBM Cloud Private Overview in 4 Minutes ( • Technical Playlist ( peuWUENMK37ZlLBc_pIlXlOWeGnYRA_) • Articles ( Resources