IBM has announced the IBM Cloud Private software platform. It claims it will help customers unlock billions of dollars in technology investment around core data and applications. It is also targeting the extension of cloud-native tools across both public and private clouds
What is IBM Cloud Private?
IBM is looking to close the gap between on-premises clouds and public cloud. One of the challenges for organisations in moving to hybrid cloud is the gap between the two cloud platforms. IBM is providing customers with all the tools to create their on-premises cloud to look like public cloud.
There are three different sets of offerings; Community, Cloud Native and Enterprise. Each contains a different use case, slight difference in the platform and substantial differences in the IBM Enterprise Software supported. IBM describes the use cases as:
- Community: Start easily – create cloud-native applications in a non-production environment
- Cloud Native: Confidently develop & deploy microservices built on 12-factor application principles
- Enterprise: Modernize existing applications. Open & Connect enterprise data centers to work with cloud services
All three options will have Kubernetes, a set of common services and a catalogue of open source and IBM software built for Kubernetes. However, the Cloud Native and Enterprise options will also get Cloud Foundry. This is an interesting addition.
Cloud Native and Enterprise both get IBM Microservice Builder, WebSphere Liberty, IBM SDK for node.js and Cloud Automation Manager. The additional components for Enterprise are WAS Family, MQ Advanced Edition, Urban Code Deploy and API Connect.
What is not clear is how all of this will be licensed. IBM has previously shied away from offering container licensing aligned to other cloud charging models. This would see customers pay only when the container is deployed. So far, there is no comment from IBM on exactly what this new charging model for containers will be.
Other Cloud Private components
The IBM press release lists other key features as being:
- Infrastructure choice – There is support for Cisco, Dell EMC, Intel, Lenovo and NetApp. Optimized for IBM Z, IBM’s leading secure transaction platform, IBM Power Systems designed for AI and cognitive workloads, IBM Hyperconverged Systems powered by Nutanix software, and IBM Spectrum Access data management and infrastructure solution from IBM Storage. Ability to deploy via VMware, Canonical and other OpenStack distributions or bare-metal servers.
- Core Cloud Platform – Leveraging the most common PaaS technologies and developer runtimes, IBM Cloud Private includes a container engine, Kubernetes orchestration, Cloud Foundry, and essential management tools surrounding these runtimes which are fully integrated and automated.
- Data and analytics – Developer services such as IBM DB2, IBM DB2 Warehouse, PostgreSQL and MongoDB, which leverage data to gain business insights which can provide competitive differentiation.
- Differentiated Application and integration services – Available on-premises, complemented with public services, as well as new containerized versions of software and development frameworks, including IBM WebSphere, Open Liberty, MQ, and Microservice Builder, to provide developers the tools to build, manage and support sophisticated applications. Integration services are also included for API and service interoperability across multiple clouds.
- Developer tools – Access to a range of management and DevOps tools, including APM, Netcool, UrbanCode and Cloud Brokerage, that can manage the lifecycle of workloads across any cloud environment. Also included are popular open-source management tools which developer use today such as Jenkins, Prometheus, Grafana, and ElasticSearch.
It’s all about the containers
Customers now have access to container optimised versions of IBM’s core enterprise software. This is a significant step forward for IBM. It has been asked repeatedly over the last few years why it wasn’t delivering it enterprise software in virtual machines. The biggest challenge it cited was the problem of licensing. With containers, something has clearly changed and it is good news for customers. It has announced that DB2, MQ and WebSphere Liberty will be the first three applications to be shipped in containers.
What isn’t clear is if these containers will be full versions of the applications or how they will be licenced. When IBM announced containers on its z14 mainframe it claimed it could run up to 2 million containers on the platform. It later clarified this to say that a container would not be running a full application. Instead it saw them running microservices or smaller components of applications.
This raises questions as to what will be in these new containers and their portability. If they are not full applications, how portable will they be? What dependencies will they have on the underlying cloud platform?
IBM has opted for Kubernetes as its container platform of choice. This is a major surprise. Back in April, IBM chose Docker Enterprise Edition for its Linux-based systems. It also talked about the potential for Docker Swarm as an orchestration engine. Now it appears to have chosen Kubernetes as its preferred container platform. IBM will continue to give customers the choice between Docker and Kubernetes for their own containers. However, it does not appear to be offering its applications inside Docker containers.
Security, security, security
No surprise that IBM is playing the security card. This underpinned its recent z14 mainframe launch. It has also added additional encryption support across its platforms. As part of this announcement IBM is delivering a new Security Vulnerability Advisor. It will deliver continuous security scanning of containers irrespective of which cloud they are deployed in. This is designed to spot any signs of tampering or breach before it affects other containers.
It has also decided to enforce constant encryption of containers along with auditing. Whether at rest or in flight, containers will be encrypted. This reduces the risk of breach and, importantly, should a container be copied, reduces the chance of data being extracted. What is not clear is how it will deliver that encryption. The most obvious route would be to use the new hardware encryption capabilities inside its z14 mainframe. However, this has not been stated in the press release.
Haven’t we been here before?
Yes and no. The idea of aligning the on-premises environment with hosting and the early plethora of cloud models is not new. Hewlett Packard purchased Eucalyptus back in 2014 with a similar goal in mind. It wanted to provide customers a way of pulling their AWS instances back to the on-premises world. In addition to failover support it wanted customer to develop on-premises and deploy directly into AWS. Unfortunately this never really delivered.
VMware has been promoting the use of VMs as a portability model between on-premises, hosting and cloud for over a decade. Early on it suffered from the problems of bandwidth but got around that with synchronisation between local and remote VMs. This became a fairly common disaster recovery option for many businesses. It has recently adapted this model as part of its cloud solution with a lot of success.
IBM appears to be now having its own attempt at this. It is taking a different approach to HPE and VMware. Rather than use an intermediate tool it is simply aligning the on-premises and the public cloud options. There are, however, some issues to be thought through.
IBM has built its cloud on OpenStack. Recent surveys show that on-premises use of OpenStack for production workloads is increasing. If IBM gets this right then customers can develop on-premises and deploy locally or on any OpenStack cloud including IBM.
This is a big bonus lies for customers. over 18 OpenStack distributors have proved interoperability at the deployment level. The question is will IBM be happy if its customers use the tools for their on-premises cloud and then push to Huawei, OVH or even Oracle? It’s a risk and it will be interesting to see how this develops over time.
What does this mean?
There is much to be excited about with this announcement. IBM is finally delivering its software in containers. While we don’t know if that is the entire application or just components, it is still a big step. If IBM is successful it will cause a major rethinking of software delivery across large software vendors. If it has decoupled components as it has previously hinted at, we could be seeing the end of the heavyweight enterprise software suite.
By offering three choices, Community, Cloud Native and Enterprise, IBM is looking to appeal to more than its traditional enterprise customer base. It is also offering multi-cloud support. This is more than just on-premises and the IBM OpenStack cloud. It is allowing customers to deploy to any OpenStack cloud. How many customers will take up this option is questionable. What IBM will hope is that it can pick up customers who want to use its software but not necessarily its wider cloud platform.
What is missing from this announcement is Watson. IBM has made Watson a core part of almost everything it does. It has already decoupled the machine learning engine from Watson and deployed that on its mainframes. However, in this first iteration of Cloud Private it hasn’t announced a Watson container. How long before we see that?