November 29, 2021 By Adam Jollans 3 min read

Red Hat OpenShift is perhaps best known for providing a platform for developing and deploying cloud-native, microservices-based applications.

But when the IBM Z Firmware development team in Germany were looking to modernize their DevOps process, they found the ideal environment in Red Hat OpenShift running on IBM Z.

Scalability and Security

IBM Z systems sit at the heart of many of the world’s biggest companies and most critical workloads. Optimized for performance, security and reliability, IBM Z is designed to handle billions of transactions without missing a heartbeat.

The IBM Z firmware layer sits between the physical hardware and the operating system, and executes many of the low-level operations of the IBM Z system. Creating and maintaining this layer is the responsibility of the IBM Z Firmware development organization, which includes hundreds of developers.

The challenges the team faced were similar to those faced by many large development organizations – flexibility, security, and availability, especially combined with the need to scale. How could existing Jenkins setups be easily extended to add new workers? How could the existing login server be updated to support new security requirements? And how could runtime environments be designed with high availability in mind?

“The DevOps process is based around a large code pipeline, moving from source code management to binary repositories to automated testing, all managed by Jenkins scripts and workers”, commented Ralf Schaufler, IBM Z Firmware Integration Architect. “Supporting this are tools for bug tracking, access control, and backup.”

Technical Solution

The team looked at various options and decided to go with Red Hat OpenShift as this provided a secure enterprise DevOps capability, as well as a CI/CD pipeline. Although most of the IBM Z Firmware artifacts run on the IBM Z architecture (s390x), some run on x86 – and so OpenShift’s support for heterogeneous environments could offer additional benefits in the future.

The next question the team faced was whether to run OpenShift in the cloud or on-premises on Z. They determined that the cloud would be a more expensive option, especially as they have a fairly static environment of hundreds of users. In addition, running OpenShift on-prem on IBM Z enabled them to co-locate the development environment next to the test environments. This dramatically reduced the time taken to transfer IBM Z firmware images between development, simulation, and new hardware – and increased security by locating all these environments in the same protected zone with local access only.

“The first use case we implemented was to migrate their multi-user development server to ‘interactive containers’ running on Red Hat OpenShift on IBM Z”, said Edmund Breit, Senior IT Specialist, IBM Z Firmware Delivery & Suppprt. “This enabled us to use the access control features of OpenShift and meet the IBM security requirements for developers.”

The next use case they deployed was to use Jenkins for the Continuous Integration and Development (CID) pipeline within Red Hat OpenShift, supporting greater scalability and enabling updates to be packaged and then included in the next driver update. This simplified the pipeline automation, and can also potentially enable future multi-arch support for both s390x and x86 firmware production in the future.

“We’re now looking at further use cases, including supporting virtual machines as well as containers, wider options for persistent storage, and additional CID services”, added Edmund.

“The migration of the DevOps process to OpenShift on Z has proved very successful and delivered a more secure and scalable approach,” continued Ralf. “This has also been helped by the Red Hat OpenShift for Z development team being close by in the IBM Boeblingen lab.”

>>For more information about Red Hat OpenShift and IBM Z, read the IDC sponsored white paper “Building the Open Hybrid Cloud: Red Hat OpenShift, Enterprise Linux, and Ansible on IBM Z, LinuxONE, and Storage.”

Was this article helpful?

More from Cloud

Enhance your data security posture with a no-code approach to application-level encryption

4 min read - Data is the lifeblood of every organization. As your organization’s data footprint expands across the clouds and between your own business lines to drive value, it is essential to secure data at all stages of the cloud adoption and throughout the data lifecycle. While there are different mechanisms available to encrypt data throughout its lifecycle (in transit, at rest and in use), application-level encryption (ALE) provides an additional layer of protection by encrypting data at its source. ALE can enhance…

Attention new clients: exciting financial incentives for VMware Cloud Foundation on IBM Cloud

4 min read - New client specials: Get up to 50% off when you commit to a 1- or 3-year term contract on new VCF-as-a-Service offerings, plus an additional value of up to USD 200K in credits through 30 June 2025 when you migrate your VMware workloads to IBM Cloud®.1 Low starting prices: On-demand VCF-as-a-Service deployments begin under USD 200 per month.2 The IBM Cloud benefit: See the potential for a 201%3 return on investment (ROI) over 3 years with reduced downtime, cost and…

The history of the central processing unit (CPU)

10 min read - The central processing unit (CPU) is the computer’s brain. It handles the assignment and processing of tasks, in addition to functions that make a computer run. There’s no way to overstate the importance of the CPU to computing. Virtually all computer systems contain, at the least, some type of basic CPU. Regardless of whether they’re used in personal computers (PCs), laptops, tablets, smartphones or even in supercomputers whose output is so strong it must be measured in floating-point operations per…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters