This IBM InterConnect 2015 session will cover a number of successful customer deployments of IBM PureApplication System. The described case studies include a variety of middleware platforms, as well as many additional operational requirements, like High Availability, Disaster Recovery, Enterprise Monitoring and more. Main focus is on giving a broad overview of what customers have done with the system and what the critical success factors were.
2. 2015
Agenda
Customer stories
• Connections
• BPM
• ISV solutions
• Fundtech
• Guidewire
What they have in common
1
Authentication &
Authorization
Backup system
Monitoring
Call home
RedHat Update/Satellite
Service
External storage
Development, engineering,
& operations
Gradual adoption
Self-servicing
Roles & Responsibilities
Metering & Chargeback
Middleware
Products
Integration
within the enterprise
Organizational
Transformation
3. 2015
A hybrid cloud application platform
for cloud enabling applications and middleware
with enterprise grade qualities of service
What is PureApplication
Automated elasticity
Multi-site deployment
High availability & disaster
recovery
Monitoring
License management
Intelligent placement
Centralized logging
Security
200+ IBM and 3rd party patterns including:
Portal
BPM
Cognos
DataPower
Mobile
WAS
DB2
Oracle
MQ
IIB / Message Broker
+ any Red Hat/AIX/Windows software
Seamlessly deploy & move workloads
between on & off-premises without change:
PureApplication System
PureApplication Service
PureApplication Software
5. 2015
To be added: slide on customer entry points
(or use the following?)
6. 2015
With enterprise-grade application
platform capabilities
• Multi-tenancy
• License management
• Automated IT resource provisioning
• User-based self-service
• Service level management
• and more...
Quickly deploy cloud-ready solutions
onto PureApplication System
• BPM
• Mobile
• Portal
• Business Intelligence
• Commerce
• and more…
Cloud Application Platform – Built In
Hybrid Lower CostFaster Open Less Risk
7. 2015
Customer Story: IBM Connections
“Large” deployment model with 14
clusters and 14 servers per node
Customized to leverage GPFS for DR
across two data centers
Multiple private networks configured
8. 2015
Customer Story: IBM BPM
Golden topology with multiple
clusters and nodes
Process Server and Process
Center
Stray nodes for DR support across
data centers
9. 2015
Customer Story: ISV Solutions
Based on existing artifacts,
extended for supporting ISV
application
Fundtech
• Includes Oracle RAC and MQ
Guidewire ClaimCenter
• Assumes external Oracle DB
server
10. 2015
What they have in common…
Can provision environments significantly faster
Automates a significant portion of the end-to-end process
More efficient management of their environments
Customer Quote:
“The integrated cloud system has saved 100’s of FTE hours by reducing complexity
and the need for meetings to schedule and review changes and minimized downtime
because of the rate of success to upgrade both hardware and software.”
Decouple application deployment management from topology provisioning
and management
E.g. use UrbanCode Deploy
Provides a clean handover model between infrastructure engineering and application
development teams
Integrate pattern instances into existing or to be established continuous
delivery pipeline (DevOps)
9
11. 2015
What they have in common… (cont.)
Aim to establish self-service models for their respective audiences
Expose appropriate REST/CLI calls they can embed in existing DevOps tooling
Run development, test, and production all on PureApplication
Use appropriate and pre-designed configuration for cloud groups, networking, resource
allocation, etc.
Apply required isolation of workloads
Actively participate in pattern customization
Don’t assume you can use IBM-provided patterns unchanged
Define compliant, boilerplate topologies for middleware environments
Avoid manual changes to virtual machines
Instead, automate everything and add to the pattern
10
13. 2015
Integration with Ethernet and Storage Networks
Plan ahead for implementation of PureApplication System in your networks
Even more important when setting up two or more interconnected systems
Multi-system management and deployment subdomain
Externally managed Cloud Groups
Block Storage Volume replication
SAN
Management network
Cloud Group management network
Data network 1
Data network 2
Data network 3
iSCSI target
Tie-breaker
14. 2015
Authentication and Authorization
Operations of deployed solution is greatly simplified through solid
authentication and authorization mechanisms
Existing LDAP service can be used for this
IBM PureApplication System integrates with LDAP
Many IBM products deployed on IBM PureApplication System integrate with
LDAP
But… the OS deployed on IBM PureApplication System does not integrate with
LDAP… by default
Red Hat Enterprise Linux can be integrated with LDAP
Several clients have done so with Active Directory
15. 2015
Authentication and Authorization – continued
Technical details and sample Script Packages are available
http://www.ibm.com/developerworks/websphere/techjournal/1410_vanrun/1410_vanrun.htm
l
Virtual Machine
Red Had OS
host.domain
Virtual System Instance
Virtual Machine
Red Had OS
host.domain
Virtual System Instance
Virtual System Patterns
DEPLOY
DELETE
3
1
IBM PureApplication System
ComputerObject for hosta
ComputerObject for hosta
ComputerObject for hosta
CONTAINER
Microsoft Active Directory (.domain)
JOIN
LEAVE 4
2
16. 2015
Red Hat OS lifecycle management
Integration of deployed OS instances with Red Hat Satellite Server
Use existing Satellite Server
Use a out-of-the-box Virtual System Pattern to deploy Red Hat Satellite Server on
PureApplication System
Deployment of “external” Red Hat Satellite Shared Service
References the FQDN of the
Satellite Server
All OS instances in scope are
configured
Does not deploy any VMs!
Satellite Server activation
key logically “groups” VMs
together
17. 2015
Red Hat OS lifecycle management - continued
Installing and updating RPMs from individual OS instances
yum install some.rpm
yum update another.rpm
Update or install packages on System Group
Created in Red Hat Satellite Server and associated with Actication key
18. 2015
Integration with backup systems
Production systems require a backup and restore mechanism
IBM PureApplication System is no different!
Recovery scenarios on IBM PureApplication System can be divided into:
• System and Patterns
http://www.ibm.com/developerworks/websphere/techjournal/1402_woolf2/1402_woolf2.html
• Application data
http://www.ibm.com/developerworks/websphere/techjournal/1404_woolf3/1404_woolf3.html
System
Patterns
VM
VM
VM
VM
SSH backup
server
Traditional
backup server
(i.e. TSM)
System
Patterns
System and Patterns
Application Data
19. 2015
Integrate with IBM Support using Call Home
Automatically open PMRs with IBM Support for certain events in
PureApplication System
Helps streamlining activities in the operations team
Connection to Internet could require configuration of outbound proxy server to allow
connectivity from PSMs (next slide)
Internet
OutboundProxyServer
PSM2
PSM1
20. 2015
Integrate with IBM Support using Call Home - continued
FQDN IP address * Protocol (Port)
eccgw01.boulder.ibm.com 207.25.252.197 HTTPS (443)
eccgw02.rochester.ibm.com 129.42.160.51 HTTPS (443)
www-945.ibm.com
129.42.26.224
129.42.34.224
129.42.42.224
HTTPS (443)
www.ecurep.ibm.com 192.109.81.20 HTTPS (443)
www-03.ibm.com 204.146.30.17
HTTPS (443),
HTTP (80)
www.ibm.com
129.42.56.216
129.42.58.216
129.42.60.216
HTTPS (443),
HTTP (80)
* IP addresses could change at any time; using the FQDN
instead is strongly recommended!
21. 2015
MKS Console Access
Mouse Keyboard Screen VMWare Console access to Virtual Machines
Only applicable to Intel based systems (i.e. not W2500/W2700 POWER models)
Requires browser plugin from VMWare to be installed
Special IP Group called “MKS Console IP Group” needs to be defined
Specific ports might need to be
opened up in the firewall!
Could save the day when a Virtual
Machine is no longer accessible over
the network
Plan ahead and set this up
beforehand
22. 2015
MKS Console Access - continued
Cloud Group 2
Cloud Group 1
Compute Node
(ESXi host)
Compute Node
(ESXi host)
Compute Node
(ESXi host)
Data VLAN 1
VM VM VM
Compute Node
(ESXi host)
Compute Node
(ESXi host)
Compute Node
(ESXi host)
MKS Console VLAN
Data VLAN 2
VM VM VM
Workstation with Browser and
VMWare Remote Console Plug-in
VM deployed in Cloud Group 1 and IP
Group associated with Data VLAN 1
VM deployed in Cloud Group 2 and IP
Group associated with Data VLAN 2
Compute Node associated with an IP
address from IP Group “MKS Console
IP Group”
24. 2015
Roles
Datacenter
Operations
Application
Operations
Database
Operations
Content
Enablement
Finance &
Compliance
Appl. Cloud
Admin
Middleware
Admin
DBA
Business
Manager
Audit
Manager Database
Architect
Middleware
Architect
Network
Architect
OS Architect
Security
Architect
Asset Librarian
Solution
Development
Application
Development
Database
Development
App S/W
Architect
App Security
Architect
App
Developer
App Tester
DB Appl.
Developer
DB Appl.
Admin
Physical Cloud
Admin
Security Admin
Network Admin
Facilities Ops
Storage Admin
Datacenter Ops
(NOC)
Pattern
Architect
• New roles
• Consulting role
Deployment
Automation
Deployment
Automation
Developer
Build
Engineer
Project
Management
Cloud
Integration
Architect
Pattern
Developer
PureApp System
Admin
25. 2015
Gradual adoption
Traditional server topology
migrated “as-is” on PureApp
IT view: Just another HW
platform
One app moved to PureApp
Network admin insisted on
registering MAC addresses of
VMs
26. 2015
Old Roles, New Responsibilities
Roles are morphing &
responsibilities are increasing
True of IT departments and
SO
2 and 3-week SLAs are
shortened to 4 hours
Behooves IT staff to share
knowledge & power
Developer community more
empowered & more
accountable
27. 2015
Process changes
Customers want Monitoring, metering,
chargeback
“All you can eat” has given way to
“pay for what you use”
Reports of who is doing what,
consuming how much & when
VMs discovered by TADDM,
monitored by Wily, logging via Splunk
32. 2015
Notices and Disclaimers (continued)
Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or
other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the
accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM
products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or
the ability of any such third-party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL
WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM
patents, copyrights, trademarks or other intellectual property right.
IBM, the IBM logo, ibm.com, Bluemix, Blueworks Live, CICS, Clearcase, DOORS®, Enterprise Document Management System™,
Global Business Services ®, Global Technology Services ®, Information on Demand, ILOG, Maximo®, MQIntegrator®,
MQSeries®, Netcool®, OMEGAMON, OpenPower, PureAnalytics™, PureApplication®, pureCluster™, PureCoverage®,
PureData®, PureExperience®, PureFlex®, pureQuery®, pureScale®, PureSystems®, QRadar®, Rational®, Rhapsody®, SoDA,
SPSS, StoredIQ, Tivoli®, Trusteer®, urban{code}®, Watson, WebSphere®, Worklight®, X-Force® and System z® Z/OS, are
trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and service
names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and
trademark information" at: www.ibm.com/legal/copytrade.shtml.
33. Thank You
Your Feedback is Important!
Access the InterConnect 2015 Conference
CONNECT Attendee Portal to complete
your session surveys from your
smartphone,
laptop or conference kiosk.