The concept of images that are installed and configured once and then copied and reused over and over again rapidly comes up against the reality that every executing server is unique. The uniqueness might be as minor as a different password and IP address, or as major as different software and application requirements. To gain the efficiency promised by images, you must carefully consider what goes into the image and how many images to build.
This article is an overview of the image customization capabilities in the IBM WebSphere CloudBurst Appliance, including image creation, image extension, script packages, pattern definition, and image maintainance. Subsequent articles in this series will provide indepth examples for each of these techniques.
Creating customized private clouds
IBM’s new WebSphere CloudBurst Appliance helps you create, deploy, and manage WebSphere virtual systems within a private cloud. The appliance ships with IBM WebSphere Application Server Hypervisor Edition, which is a virtual image packaging of WebSphere Application Server according to the Open Virtualization Format (OVF) standard. This packaging includes the operating system, WebSphere Application Server profiles and binaries, and IBM HTTP Server, all pre-installed and ready to be deployed to a hypervisor.
Figure 1. WebSphere Application Server Hypervisor Edition
By building on top of WebSphere Application Server Hypervisor Edition, WebSphere CloudBurst delivers an even higher level of value in the form of patterns. These patterns represent meaningful WebSphere configurations and are also deployable, via WebSphere CloudBurst, to a set of hypervisors within a private cloud. Figure 2 depicts the WebSphere Cluster pattern that is shipped with WebSphere CloudBurst.
Figure 2. WebSphere CloudBurst Cluster pattern
Enterprises can realize out-of-the-box value with WebSphere CloudBurst with the pre-configured virtual images and patterns that are shipped with the appliance. However, many users (if not all) will require customized environments in their private clouds. Using WebSphere CloudBurst, you can provide customization to all levels of your private WebSphere cloud, including the operating system, middleware, and application layers. These layers of customization correspond to the separation of responsibilities often seen in enterprises in which distinct teams are assigned to take care of operating system environments, middleware environments, and applications. Along with these customization capabilities, WebSphere CloudBurst provides a user access model that maps to these different customization paths, and, therefore, organizational roles.
WebSphere CloudBurst provides these customization capabilities by enabling you to customize both its virtual images and patterns. The type and frequency of the customizations will play a part in where the customization is performed.
Figure 3 illustrates different customization needs and how those customizations can be achieved in WebSphere CloudBurst -- while preserving traditional organizational responsibilities. While WebSphere CloudBurst provides mechanisms to store and reuse customizations, it also recognizes that some customizations -- virtual machine passwords, for example -- are unique to each deployment and need to be performed each time.
Figure 3. Customization overview
As mentioned earlier, WebSphere Application Server Hypervisor Edition is a virtual image that comes pre-installed with the operating system, along with WebSphere Application Server binaries and profiles, and IBM HTTP Server. When WebSphere patterns are dispensed to the private cloud via WebSphere CloudBurst, the operating system and selected components in the virtual image are activated in order to create a virtual machine instance. While the virtual image packaging does provide for extremely rapid creation of middleware environments, it does not necessarily provide you with your required operating system capabilities.
To enable you to customize your operating system environment by installing custom software, WebSphere CloudBurst introduces the idea of extending virtual images. You can extend one of the WebSphere Application Server Hypervisor Edition virtual images, make changes to the image, and then recapture the changed image.
Figure 4. Extending virtual images
The recaptured image reflects the changes you made and is stored in the WebSphere CloudBurst catalog. Once in the catalog, the image can be used as the basis for all patterns that are built using the WebSphere CloudBurst Appliance. Many different types of WebSphere configurations can be based off of this same virtual image; this means that no matter the middleware topology or application, the underlying operating system and software installed in that operating system are the exact same for each WebSphere Application Server virtual system running in the private cloud. Further, you need to perform the customization only one single time, while the virtual image can be reused by as many patterns as necessary.
Custom environment patterns
Of course, there are those customizations that are more appropriate for a WebSphere Application Server middleware environment. Again, WebSphere CloudBurst represents the WebSphere middleware environment in a pattern; these patterns are essentially a representation of the WebSphere Application Server topology with desired customizations. Using the WebSphere CloudBurst Pattern Editor, you can interact with a graphical interface to create WebSphere Application Server middleware environments that include topology definition, custom settings, and user applications.
For example, suppose a member of the team responsible for maintaining WebSphere Application Server environments wanted to create a WebSphere cluster pattern that included a deployment manager, four custom nodes, and two IBM HTTP Servers. The cluster pattern mentioned earlier in this article could be cloned and the topology altered to fit the needs outlined, all using the Pattern Editor.
Figure 5. Customizing WebSphere topologies
In addition to saving topology settings as part of the pattern, additional properties for the WebSphere Application Server environment, such as messaging, persistence, and security settings, can all be configured and preserved as part of the pattern. For example, a standard WebSphere Application Server environment pattern with in-memory session persistence and global security can be created. Properties on each WebSphere component, such as virtual machine size and virtual CPU count, can be standardized and saved as part of the pattern as well. By capturing all of these customizations in the form of a pattern, you are ensured of a consistent, repeatable middleware environment.
Custom application patterns
Beyond the topology changes and settings that you can configure in the Pattern Editor, WebSphere CloudBurst provides the capability to perform any other WebSphere Application Server configuration changes that you might need. For example, a member of the team responsible for applications in the enterprise could take the customized cluster pattern above and add an application to the configuration.
Figure 6. Customization with script packages
For customizations that involve installing applications, configuring trace settings on servers, or otherwise tuning the WebSphere Application Server environment outside of the Pattern Editor capabilities, you can use script packages. These components contain executable files (and artifacts needed by those executables) and are invoked by WebSphere CloudBurst after a pattern is deployed. Using script packages, you can achieve virtually any type of customization you need.
Certain customizations will be unique to each and every WebSphere Application Server deployment. It is usually not appropriate to capture these specific values in a pattern because you would end up creating and saving a pattern for literally every deployment. WebSphere CloudBurst enables you to alter properties that have not been locked as part of the pattern. This can include virtual machine size, WebSphere Application Server cell and node names, passwords for the virtual system, and custom properties for script packages.
While it may seem a minor point, the fact that you can only change properties that are not locked as part of the pattern is worth noting. This restriction enables those who are knowledgeable in constructing middleware environments and the organization’s resource availability to harden the pattern by “freezing” this intelligence into the configuration. Later, users who need such environments can use WebSphere CloudBurst self-service capabilities to deploy these patterns while being assured the WebSphere virtual systems will behave optimally in the private cloud.
When to customize what
To effectively leverage the customization options of both virtual images and WebSphere CloudBurst patterns, it is important that you understand when to use these customizations. Some scenarios lend themselves better to extending the virtual image, while others benefit from pattern customization.
Extending virtual images can be employed in many different scenarios. Consider a case in which every operating system instance in an enterprise is required to have special anti-virus software installed. This scenario is a perfect candidate for image extension because by making the customization at the image level, you only need to apply the customization once and then leverage it by every WebSphere virtual system in the private cloud.
Common dependencies of the middleware environment is another good candidate for customization through image extension. Suppose that nearly all of your middleware deployments utilized a common JDBC driver. This driver could be installed in an extended image, and that customized image in turn could be utilized to build the WebSphere Application Server patterns to be deployed to the private cloud. Customizing the image guarantees that each environment can utilize the JDBC driver without performing any additional install steps after deployment.
Customizing patterns, whether it is via the Pattern Editor or through script packages, are best employed for changes that will vary across different middleware instances. For example, production WebSphere Application Server cluster patterns might contain more custom nodes than a similar environment used in testing. These different topologies can be constructed once for each use and then saved in the form of a pattern, thus making it reusable across the different teams as necessary. Test departments could benefit from automatically having all of their applications installed after the WebSphere Application Server virtual system is created, and this could be achieved via the WebSphere CloudBurst customization capabilities. Changes in the environments could be less subtle as well. For example, patterns that are identical in topology might only differ in that patterns used by the test group contain customizations to enable trace after deployment.
Table 1. WebSphere CloudBurst customization matrix
|Technique||Description||Advantages||Used by WebSphere CloudBurst||Customization example|
|Image||Changes are made once directly to image binaries||Speed, reduce code development and test||Operating system and WebSphere Application Server||Monitoring agents, JDBC drivers|
|Patterns and scripts||Changes are automated once and executed for each deployment||Reuse of images with different applications and parameters||Advanced pattern options (messaging, HTTP session, security)||Deploy applications, perform WebSphere configuration|
|Deployment time parameter||Changes are applied uniquely for each environment||Unique values for each virtual machine||Passwords, WebSphere cell and node names||Application database name|
Table 1 above provides a summary and examples of the different customization techniques currently included in the WebSphere CloudBurst Appliance. In general, if the customization is needed by each and every environment in your private WebSphere cloud, image extension is likely to be the best route. This is because the customization can be completed once and then used in every WebSphere pattern you create, thus ensuring that each virtual system contains the customization. If a customization is specific to the context in which the environment is being deployed -- for example, installing certain applications -- then this is likely to be best captured by editing a pattern.
Providing customization capabilities that can be aligned with organizational responsibilities is only half of the customization story in WebSphere CloudBurst. The second half of that story is delivering a mechanism for defining users whose system permissions align with organizational responsibilities. Using administrative capabilities in WebSphere CloudBurst, users and user groups can be defined and associated with a set of permissions. The WebSphere CloudBurst console includes permissions to:
- Deploy patterns
- Create patterns
- Manage the catalog
- Administer the cloud
- Administer the appliance
These different permissions align nicely with the different customization scenarios in WebSphere CloudBurst and the different responsibilities among IT teams. For example, the team responsible for the operating system infrastructure would need the permission to manage the WebSphere CloudBurst catalog so they could create and store customized virtual images. On the other hand, the teams responsible for applications and middleware would need the permission to create and deploy patterns. This would give them the capability to create tailored WebSphere Application Server middleware environments for the private cloud.
Users and user groups can have anywhere from one (all defined users have the ability to deploy patterns) to all of the permissions defined in WebSphere CloudBurst. The ability to associate users with multiple permissions acknowledges the reality that IT staff members are seldom responsible for a single set of tasks.
Role-based permissions can be combined with fine-grained access control for each image, pattern, virtual system, and more. This level of access control provides additional administrative control, especially useful for supporting multiple organizations. For example, a common WebSphere Application Server environment pattern might be shared across multiple lines of business; however, once the specific applications are added, these patterns can be access-controlled so that only the appropriate line of business can view and deploy the pattern. Figure 7 shows how this capability works in WebSphere CloudBurst.
Figure 7. Pattern Access Control
On the left, access permissions to the WebSphere cluster (development) pattern have been granted to the Developer user. On the right, you see the patterns view for the Developer user. Notice that the Developer user only sees the WebSphere cluster (development) pattern, since that is the only pattern to which the user has access.
By delivering both role-based permissions and fine-grained access controls, WebSphere CloudBurst provides you with a robust system of controlling components that make up your WebSphere private cloud.
The WebSphere CloudBurst Appliance provides the best of both worlds when it comes to creating private WebSphere cloud environments. With the inclusion of WebSphere Application Server Hypervisor Edition and pre-configured WebSphere patterns built from this virtual image, you can immediately begin to deploy relevant WebSphere middleware environments to your private cloud. In addition, customization capabilities provide you with the ability to achieve virtually any type of WebSphere Application Server environment you need. Whether customization means installing custom software, altering WebSphere topologies, or installing custom applications, WebSphere CloudBurst delivers the ability to produce highly customized WebSphere environments, and store them on the appliance for maximum reuse, either in the form of custom virtual images or custom WebSphere patterns.
Subsequent articles in this series will provide details on how these different customizations can be achieved using the WebSphere CloudBurst Appliance.
- More in this series
- Cloud computing for the enterprise (series)
- WebSphere CloudBurst Appliance product information
- Cloud Computing Journal
- Is there value in cloud computing?
- IBM developerWorks WebSphere
- Space: WebSphere Cloud Computing for Developers
- Space: Cloud Computing Central
- YouTube: WebSphere CloudBurst Appliance videos
- Forum: WebSphere CloudBurst Appliance Forum
- Blog: A view from the clouds: Cloud computing for the WebSphere developer
- Follow us on Twitter