Comment lines by Ruth Willenborg: The "special sauce" inside the WebSphere CloudBurst Appliance

The secret ingredient inside the new IBM® WebSphere® CloudBurst Appliance and IBM WebSphere Application Server Hypervisor Edition isn't a secret, but it is revolutionary. This article reveals the "special sauce" inside these two products that differentiates them from general purpose provisioning and virtualization management products. This content is part of the IBM WebSphere Developer Technical Journal.


Ruth Willenborg, Senior Technical Staff Member, IBM

Author photoRuth Willenborg is a Senior Technical Staff Member in IBM's WebSphere Technology Institute. Ruth is currently working on WebSphere Cloud computing and virtual appliance initiatives, and is the technical evangelist for the new IBM WebSphere CloudBurst Appliance. Prior to her work on virtualization and appliance initiatives, Ruth was the manager of the WebSphere Performance team responsible for WebSphere Application Server performance analysis, performance benchmarking and performance tool development. Ruth has over 20 years of experience in software development at IBM. She is co-author of Performance Analysis for Java Web Sites (Addison-Wesley, 2002).

developerWorks Contributing author

30 September 2009

Also available in Chinese Portuguese

Revealing a secret recipe

In June, IBM delivered two new first-of-kind products, IBM WebSphere CloudBurst™ Appliance and IBM WebSphere Application Server Hypervisor Edition. Several of us involved in the products grew up with the “two all-beef patties, special sauce…” jingle, so on a WebSphere Hypervisor Edition chart, we wrote in “special sauce” for lack of a better two-word description for what notable "ingredients" had been added inside the product. Now, I frequently have folks asking, “What is that special sauce?”

What is inside WebSphere Application Server Hypervisor Edition is meant to be special, but it was never meant to be secret. This article takes a look at what this special sauce really is. In addition, we’ll look at how the special sauce -- or configuration optimizations if you prefer -- is leveraged by WebSphere CloudBurst to set the solution apart from general purpose virtualization and provisioning products, or to provide vastly superior ease of use over a do-it-yourself solution.

WebSphere Application Server Hypervisor Edition

WebSphere Application Server Hypervisor Edition (hereafter referred to as WebSphere Hypervisor Edition) ships as part of the WebSphere CloudBurst Appliance; it is also available separately. WebSphere Hypervisor Edition is a pre-installed, pre-configured version of WebSphere Application Server, specifically designed for virtual environments. Our charts frequently show the composition of the virtual image as an operating system, WebSphere Application Server and IBM HTTP Server binaries, and WebSphere Application Server profiles, along with the “special sauce.”

Okay, so what is this special sauce anyway?

It’s a combination of code and tuning built into the image to optimize WebSphere Application Server for a virtual environment. The main elements include a pre-installed and pre-configured image, image-specific tuning, and fast deploy-time activation capabilities, as shown in Figure 1.

Figure 1. WebSphere Application Server Hypervisor Edition
Figure 1. WebSphere Application Server Hypervisor Edition
  • Pre-installed image

    First, the operating system, WebSphere Application Server, feature packs, IBM HTTP Server, and any operating system or WebSphere Application Server maintenance are pre-installed in the image. In addition, VMware tools are also preinstalled into the image. Using images is quite different from traditional provisioning products that deploy WebSphere Application Server (and other products) by running silent install scripts, even in a virtual environment. Imaging is much easier (you don’t need to write and maintain installation scripts), and much faster because the installation code is not run at deploy time. You never need to install WebSphere Application Server or the operating system, or develop scripts to do this. With the WebSphere Hypervisor Edition, IBM has already done the installation for you, and created profiles ready for customization for your environment. Maintenance is also available as fully-installed images.

  • Tuning

    Since IBM is pre-installing both WebSphere Application Server and the underlying operating system, the image can be specifically tuned for optimal performance in a virtual environment. The Linux® operating system settings, including file descriptors, connection backlog, and timeouts, are tuned following best practices, as shown in the table below. In addition, WebSphere Application Server tuning of the JVM heap and threads pools is automated based on the size of the virtual machine.

    VMI kernelInstalled/enabled
    Linux file descriptors8192 (increased from 1024)
    Connection backlog3000 (increased from 1000)
    TCP timeout/timewait30 seconds (reduced from 60)
    TCP keepalive interval15 seconds (reduced from 75)
    TCP keepalive probes5 (reduced from 9)
    Web container10 threads * {# vCPU}
    Java heap({virtual memory} – 768MB) / {# JVMs}

    All these optimizations could be done by hand, and none are proprietary or secret (in fact, they’re also documented in the WebSphere Application Server Information Center ). However, using the image provided by IBM provides a better performing starting point, with no effort required. Performance testing on the WebSphere Hypervisor Edition image versus a standard out of the box configuration shows a 25% performance benefit with WebSphere Hypervisor Edition. Of course, you can further refine WebSphere Hypervisor Edition tuning for your specific application needs.

  • Configuration

    In addition to installing the products, the image includes pre-configured WebSphere Application Server parts for the deployment manager, custom node, standalone node, job manager, and so on. Having these common profiles pre-configured in the image again saves significant deployment time, compared to traditional deployment processes where profile creation is done later via scripting. This technique also saves time on script development.

  • Activation

    While the pre-installation, configuration, and tuning is nice, I consider activation the real "secret ingredient" in WebSphere Hypervisor Edition. The activation capabilities support having this one image transform into different WebSphere Application Server configurations when it is initially started. This enables one template image to be copied and quickly reconfigured for very rapid provisioning of different WebSphere Application Server environments. This is accomplished through “activation code” included within the image that reads input parameters, maps these parameters to different pre-configured profiles, and performs reconfiguration.

    Specifically, during activation, reconfiguration scripts inside the image inject the new network settings (IP address, hostname, passwords, and so on), reconfigure WebSphere Application Server parameters for cell name, node name, and so on, and start the WebSphere Application Server profile corresponding to the server type. Replacement or injection of the configuration metadata for both the OS and WebSphere Application Server profiles provides a significant time savings. The activation enables an image to quickly assume and adjust for new network settings, passwords, and WebSphere Application Sever personalities, from deployment managers, to custom nodes, and job managers. This integrated activation lets you maintain and deploy just one master template image and reuse it for many purposes -- a significant difference from traditional image-based techniques that often lead to many master images, often with minor and untrackable differences.

    To further leverage the intelligence within the image, the image packaging and activation engine implementation corresponds to the new Open Virtualization Format (OVF) standard, in which IBM is working closely with the Distributed Management Task Force (DMTF). The operating system and WebSphere Application Server activation parameters (host names, cell names, and so on) can be passed following the OVF standard, and the activation engine looks for the OVF environment file ISO image containing the name/value pairs following the standard. The image configuration parameters available are specified in the OVF. Following the OVF standard enables the image parameters to be passed in and have the image activate with no manual intervention, which means management solutions (including WebSphere CloudBurst) can drive all the deployment and activation under the covers. This is very different from traditional image and cloud solutions, which require any reconfiguration to be performed manually in each virtual machine, or require network isolation between each deployed environment.

WebSphere CloudBurst Appliance

Leveraging the special activation capabilities within WebSphere Hypervisor Edition is the starting point for what truly separates WebSphere CloudBurst Appliance from both general purpose provisioning and generic virtualization management technologies. From this starting point, WebSphere CloudBurst then adds ten years of WebSphere Application Server best practices intelligence (in the form of patterns) on top of WebSphere Hypervisor Edition. Additionally, WebSphere CloudBurst uniquely and purposefully packages the images, patterns, and management capabilities together in an appliance form factor.

  • Patterns

    General purpose provisioning tools typically run scripts to install and configure products, whereas virtual image technology typically take snap-shots and copy pre-created, identical virtual images. By contrast, WebSphere CloudBurst rapidly brings whole new, unique WebSphere Application Server application cell topologies to life by combining intelligent metadata-based patterns with WebSphere Hypervisor Edition images. The WebSphere Application Server patterns are a combination of metadata and scripts that leverage the activation technology within the image to take a single image and start it up multiple times, feeding in network parameters and corresponding hostnames, node names, and cell names to create entire topologies. Intelligence built into the patterns supports feeding parameters across images so that custom nodes, deployment managers, and IHS nodes are all wired together and started in the correct order. Further intelligence automatically constructs high availability messaging, global security, or session persistence as per the pattern definition. The placement algorithms take into account both the hypervisors and the underlying physical servers to optimize the placement of a pattern for availability if a physical server goes down, as well as for overall cloud performance.

    Compared to traditional provisioning tools, the performance of this image-based technology is unprecedented. In addition, compared to typical image-based solutions that use snap-shot and copy techniques, WebSphere CloudBurst patterns (with customization, scripts, and parameters) provide a far more controlled, traceable, and repeatable process. Because a single image is being used as the starting point, with well-defined patterns for parameterizing differences between deployment, the resulting virtual machine content and the difference between deployments is easily understood. Processes for managing deployment differences across environments (for example, development to test to production) and sharing images across different organizations are easily supported within WebSphere CloudBurst.

  • Appliance form factor

    As the WebSphere CloudBurst capabilities are built into the appliance form factor, additional ease of use, performance, and security characteristics emerge. By delivering the images and the management application in an appliance, you can get up and running faster than ever.

  • Ease of use

    For the WebSphere CloudBurst capability, there is no need to acquire hardware, install and tune prerequisites, or install the management code. Even the WebSphere Hypervisor Edition images are included on the appliance so you don’t need to download or build images. Everything is self-contained on the appliance and ready for immediate use. All you need to provide are the target hypervisors and network. This is different from all traditional provisioning and image management solutions that require both installation and configuration of the management software as well as separately obtaining the software and building the virtual image templates.

  • Performance

    From a performance perspective, the appliance hardware and software is tuned together for optimal performance of your specific workload. This is different from traditional solutions where the customer is responsible for finding appropriate hardware, and then needs to tune the underlying operating system and application for the specific hardware.

  • Security

    The appliance form factor brings unparalleled security for a shared, private cloud environment. WebSphere CloudBurst is able to encrypt all data, and stores sensitive data, such as passwords and credentials, on encrypted flash memory inside the tamper-resistant vault. In fact, any attempt to physically compromise the appliance disables it and all internal media, at which point the appliance possesses all the utility and function of a brick. This provides higher security for customers who want to bring assets from multiple organizations together onto a single appliance. Non-appliance based solutions face a much higher risk of compromising these important credentials, either raising the risk of compromising credentials, or forcing a less than optimal approach for consolidation and sharing compared to what can be supported via WebSphere CloudBurst. WebSphere CloudBurst also includes an image repository, built into the appliance, which leverages encryption and sharding technologies. This provides optimized security, storage, and performance compared to a traditional software offering.


The benefits and value of the WebSphere CloudBurst Appliance and WebSphere Application Server Hypervisor Edition are no secret, and I hope you’ll take the time to look more closely at what these new products can do for you. We’re happy to discuss the “special sauce” within WebSphere Hypervisor Edition, and the capabilities of WebSphere CloudBurst. If you want to know more secrets, you’ll have to ask me, because the tamper-resistant features built into the appliance form factor mean you can’t just open the cover of the appliance to discover its secrets...!



Get products and technologies


developerWorks: Sign in

Required fields are indicated with an asterisk (*).

Need an IBM ID?
Forgot your IBM ID?

Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.


All information submitted is secure.

Dig deeper into WebSphere on developerWorks

Zone=WebSphere, Cloud computing
ArticleTitle=Comment lines by Ruth Willenborg: The "special sauce" inside the WebSphere CloudBurst Appliance