IBM Bluemix. The Digital Innovation Platform. Simon Moser (smoser@de.ibm.com) @mosersd

IBM Bluemix The Digital Innovation Platform Simon Moser (smoser@de.ibm.com) @mosersd

Who am I? - Senior Technical Staff Member at IBM Research & Development Lab in Böblingen, Germany - Bluemix Application Platform Lead Architect - PM for Cloud Foundry - Chairman of the TOSCA Technical Committee at OASIS - Lecturer on Cloud Computing at the University of Jena, Germany 2 2014 IBM Corporation

Bluemix: IBM s Cloud Platform Build, run, scale, manage, integrate & secure applications in the cloud Developer experience Rapidly deploy and scale applications in any language. Compose applications quickly with useful APIs and services and avoid tedious backend config. Realize fast time-to-value with simplicity, flexibility and clear documentation. Built on a foundation of open technology. Enterprise capability Securely integrate with existing on-prem data and systems. Choose from flexible deployment models. Manage the full application lifecycle with DevOps. Develop and deploy on a platform built on a foundation of open technology. Bluemix service categories DevOps Big Data Mobile Watson Business Analytics Database Web and application Security Internet of Things Cloud Integration API management & Integration

Addressing Many Types of Use Cases Extend existing applications - Add user experience such as mobile, social - Add new capabilities integrating other services/apis - Rapid experimentation for new capabilities API enable applications - Scalable API layer on top of existing services - Simplify how composite service capabilities are exposed via APIs New applications - Systems of Engagement - Different state management models - "12-factor applications Backend Systems and Integration New Channels & Opportunities

Running your code on Bluemix

Bluemix structure 6

Bluemix offers different compute models to run your code CloudFoundry application expanding Docker Container Virtual Machine Flexibility Level of abstraction Consistent experience: Common service binding & consumption model Common user ID & permissions model Ability to hook into common routing layer 7

Bluemix leverages CloudFoundry as a key element Continuing our history of embracing and extending Open Source

Benefits of running an application in Bluemix on CloudFoundry Eliminates / simplifies various tasks: Health management Traditional On-Premises Applications Infrastructure as a Service Applications Platform as a Service Applications Software as a Service Applications Load-balancing Data Runtime Data Runtime Data Runtime Data Runtime Scaling Middleware O/S Middleware O/S Middleware O/S Middleware O/S Deployment Virtualization Servers Virtualization Servers Virtualization Servers Virtualization Servers OS patching Storage Networking Storage Networking Storage Networking Storage Networking OS security hardening Client Manages Vendor Manages in Cloud Standardization; OPEX savings; faster time to value

Bluemix high-level architecture Bluemix network frontend Client Applications Management & security backend CloudFoundry runtime Container runtime (Docker) VM runtime (OpenStack) Business support services Services (IBM & 3 rd party) & Marketplace Multi-region enablement Bluemix region Softlayer infrastructure 10

Zooming into the CloudFoundry runtime (1) CLI IBM DevOps services Developers interface with the Cloud Controller using various clients (cf, Eclipse, DevOps services) for pushing & managing apps and create & manage service instances. It provides a RESTful interface to domain objects (apps, services, organizations, spaces, service instances, user roles, and more). Bluemix network frontend Client Applications Management & security backend Go router Bluemix-specific functions Go router Go router Business support services UAA Cloud Controller Apps DEAs Health Manager Loggregat or Container runtime VM runtime Services & Marketplace Multi-region enablement Bluemix region Softlayer infrastructure 11

Zooming into the CloudFoundry runtime (2) A DEA (Droplet Execution Agent) is a machine/agent that can run one or multiple apps. DEAs are responsible for an app s lifecycle: building, starting and stopping apps as instructed. It keeps track of all instances, and periodically broadcasts messages about their state. Buildpacks create app droplets which execute on a DEA. Bluemix network frontend Client Applications Management & security backend Go router Bluemix-specific functions Go router Go router Business support services UAA Cloud Controller Apps DEAs Health Manager Loggregat or Container runtime VM runtime Services & Marketplace Multi-region enablement Bluemix region Softlayer infrastructure 12

Zooming into the CloudFoundry runtime (3) The Router shapes and routes all external system traffic (HTTP/API) and application traffic from the internet/intranet. It maintains a dynamic routing table for each load-balanced app instance with IP addresses and ports for access via the internet. Bluemix network frontend Client Applications Management & security backend Go router Bluemix-specific functions Go router Go router Business support services UAA Cloud Controller Apps DEAs Health Manager Loggregat or Container runtime VM runtime Services & Marketplace Multi-region enablement Bluemix region Softlayer infrastructure 13

Zooming into the CloudFoundry runtime(4) The Health Manager monitors application uptime/health by looking for mismatched application states (expected/actual). The Cloud Controller provides the expected state and the DEAs provide the current state. If the Health Manager sees an incorrect current state, it notifies the Cloud Controller. Bluemix network frontend Client Applications Management & security backend Go router Bluemix-specific functions Go router Go router Business support services UAA Cloud Controller Apps DEAs Health Manager Loggregat or Container runtime VM runtime Services & Marketplace Multi-region enablement Bluemix region Softlayer infrastructure 14

Zooming into the CloudFoundry runtime(5) The Loggregator is the single source for all logs about an application. This includes logs written to system.out / err, http traffic logs and logs about an app crashing and getting restarted automatically. Logs can be retrieved by connecting a log mgmt solution of choice with the loggregator [1] and/or using the CLI command cf logs <appname> --recent. Retrieve logs Bluemix network frontend Client Applications Management & security backend Go router Bluemix-specific functions Go router Go router Apps Business support services UAA Cloud Controller DEAs Health Manager Loggregat or Container runtime VM runtime Services & Marketplace Multi-region enablement Bluemix region Softlayer infrastructure [1] http://docs.cloudfoundry.org/devguide/services/log-management.html 15

Bluemix: Foundational Concepts Account Anchor point for billing Organizations Organizations enables team collaboration Enables team collaboration Spaces Spaces Logical of apps and service Logical grouping of of apps apps and and service instances per-user permissions User User User Space Apps Space Containers Space VMs Service Space Instances 16

Bluemix leverages the CloudFoundry open source project what is added beyond that? Alternative compute models beyond fully managed app single experience Docker containers VMs Large number of services co-located with applications IBM manages CloudFoundry 24x7 Running a large-scale PaaS is complex Patching, monitoring, backup, etc. across Operating System and CF Security hardening and management Support ticketing system Delivered across multiple regions with an integrated experience Mobile backend support Integrated web experience SSL support Support of custom SSL certs Developer productivity support Remote Debugging and incremental push DevOps services 17

2 Cloud Foundation Services Foundational services to create portable and elastic applications, services & microservices.

Bluemix offers different fit-for-purpose compute models for running your code CF-managed Apps Containers VMs Code packaging app source code, app package, docker file/image (future/diego) docker file/image Binary package Protocol for accessing apps http(s), web sockets any any Auto-recovery Built-in, based on process health (today), flexible health detection (future/diego) Available, based on container health (up/down status, ping, HTTP ping) Available (need further details) OS patching Done by IBM Done by IBM Done by user Ability to store local process state Capacity Stateless app (state persisted in services), 12-factor app, state may be persisted in services Memory flexible, CPU proportional to mem, disk 1-2 GB Filesystem can be attached, state may be persisted in services t-shirt sizes with easily extended options, IP address, storage capacity IP configuration Shared public IP across all apps Dedicated private IP per container, public IP can be assigned to containers using API load balancing Built-in association of hostnames with process instances Built-in association of hostnames with instances (integration with CF router), but load balancer optional Persistent filesystem T-shirt sizes Dedicated IP (public or private) per container Built-in association of hostnames with instances, load balancer optional Developer access to local filesystem Read-only Read/write -- depends on protocol (ssh, scp, ftp, etc.) enabled Read/write, depends on protocol (ssh, scp, ftp, etc.) enabled 19

Global rollout of Bluemix London (eu-gb) Dallas (us-south) Sydney Leveraging IBM SoftLayer global presence. Bluemix dedicated is available in any location. 20

Multi-region support in Bluemix 1. Single web UI (e.g. allowing to switch between regions) 2. Apps are pushed into a specific region Apps always exist on a per-region basis 3. Service instances are created in a specific region 4. App traffic can be distributed amongst regions via a global load balancer of choice 5. Clients (CLI, eclipse, etc.) connect with each regional CF individually 6. Organization can be extended to span multiple regions, spaces are regional (granular permissions model) Developer Geo-sensitive Load Balancer Cloudant instance app1 us-south SQL DB instance app2 app3 eu-gb SQL DB instance app4 Bluemix 21

App 1 App 2 App 1 App 2 Bluemix apps DR approach Global Load Balancer Customer-specific GLB configures CF deploys apps Developer deploys apps CF CCDB Bluemix Region A Dependencies Service instances Existing systems CCDB Bluemix Region B Both Bluemix deployments running active (no active/passive failover) Apps need to be deployed by developer into region individually Manually or automated * GLB needs to be configured to point to apps in both regions If one region goes down, the GLB will only be routing traffic to the other side * http://ryanjbaxter.com/2015/04/15/performing-zero-downtime-deployments-from-ibm-devops-services-to-bluemix/ http://www.ibm.com/developerworks/cloud/library/cl-bluemix-rollingpipeline/

Building increasingly flexible deployment models We deliver everywhere, so you can start anywhere Public Tap into over 100 IBM and 3rd party services across mobile, IoT, Watson and more to power your modern apps and services. Dedicated Experience an unmatched combination of security and time to value in a cloud that feels like a natural extension of your existing network. Local Take advantage of the true value of cloud behind your firewall with the help of our first-of-its-kind appr oach to private cloud delivery. Across public, dedicated and local cloud, Bluemix is always just Bluemix Key experiences unify the platform deployments Management Console Syndicated Catalog Relay IBM Corporation IBM Confi

Dedicated Bluemix

Introducing Bluemix Dedicated Public On-Prem The power and simplicity of Bluemix in your own dedicated SoftLayer environment that s securely connected to both the public Bluemix and your own network. Dedicated to you Single tenant hardware that s dedicated to you allowing you to satisfy regulatory & legal compliance. Dedicated Feels like home Secure, fast, and unmetered access. Bluemix Dedicated sits on your network via VPN or direct network connectivity. Focus on apps, not iron Focus on building custom applications and services. IBM manages the platform and dedicated services. Global- so you re local Get closer to your users. Bluemix dedicated can live in any SoftLayer data center around the world. Pay smart Pay based on intuitive runtime/service metrics and adjust capacity monthly depending on needs. We re on call 24/7 Experts are always on call to solve problems. Premium support options are also available to further meet your requirements.

Bluemix Dedicated Bluemix Dedicated Bluemix running in a SoftLayer environment dedicated to a single-tenant

Local Bluemix

What is Bluemix Local? 1 2 3 Provides an Innovation Platform in your data center that is open and non-proprietary. Full cloud experience that allows developers to innovate quickly and addresses need for security and compliance. Provides turn key delivery that allows clients to get started immediately with Bluemix and grow as their needs mature. Started in Bluemix Public to refine the delivery of platform as a service at scale. Refined processes for monitoring, availability, support and maintenance. Consistently provide three deployment models leveraging the same DevOps model Provide a price point reflective of the workload in a true cloud experience IBM Corporation X IBM Confi

IBM Confi

Consolidated Services & Views Across Deployments Compose Services using a blend of Public, Private and Custom Services Seamless catalog experience View status across deployments System Information Security & Audit Logs User Management IBM Corporation Also: Catalog Management Capacity Views X IBM Confi