Containers are one way for enterprises to run software reliably in different computing environments. Red Hat OpenShift Container Platform (RHOCP) helps enterprises deploy and manage these containers. For enterprises provisioning RHOCP on IBM zSystems, it could take a week or more to do so. However, Jacob Emery, technical enablement specialist in the Washington Systems Center at IBM, says Ansible Playbooks can automate OpenShift cluster provisioning on IBM Z with Kernel-based Virtual Machine (KVM), the subject of his SHARE Dallas session. He spoke with us about how Ansible can help enterprises save staff time while maintaining customizability in cluster provisioning, as well as how Ansible can help transfer the skills necessary for the computing environments of tomorrow.
To run RHOCP on s390x architecture, enterprises can select hypervisor options IBM Z/VM or KVM, according to Emery. KVM is a virtualization module embedded in the Linux kernel and operates the same across architectures (e.g. x86, IBM Power, etc.), he explains. "Some clients use KVM because they already have the expertise to run it or because they already have IBM LinuxONE hardware and want to keep everything Linux-based," says Emery. "Essentially, the open-source hypervisor, KVM, provides users with a consistent experience across platforms, helps organizations avoid vendor lock-in, and stays true to the spirit of hybrid cloud's 'build once, deploy anywhere' philosophy."
Ansible Playbooks Improve Efficiency
"Ansible Playbooks are at the core of this method for deploying RHOCP," explains Emery. "It's not just using Ansible to call shell scripts or Terraform — it’s Ansible from beginning to end." Ansible is easy to understand and each task is a discrete action, which he says means it is already optimized for customization. "To deploy RHOCP on IBM zSystems, Red Hat provides a method of deployment called user-provided infrastructure (UPI), which expects the underlying infrastructure to be pre-configured by the time the installer runs," he describes. "With these playbooks, Ansible handles the essential deployment requirements while keeping it open to further customization, if needed. Overall, this provides an automated, simple, and flexible way to deploy RHOCP on IBM zSystems."
According to Emery, with Ansible Playbooks, less expertise is required, and it can take just about two hours to deploy the cluster. This is faster than the week or more it could take to deploy it manually. He clarifies, "It depends on some factors, like number of nodes, but we’ve done a deployment that took 1 hour and 12 minutes from the time we had all of the environment details all the way through to the operational cluster." Emery points out that Ansible skills are not required unless you want to customize the playbooks. The playbook instructions do "assume you have beginner-level experience of the command-line," he adds. "The automation takes care of filling out the Ansible inventory, and all the variables are input into one file for simplicity."
During the deployment of a cluster at a large bank in which they wanted four compute nodes and six infrastructure nodes to handle ingress routers, Emery's team brought up the cluster in an hour. However, the team soon realized they needed to make an infrastructure change. "We had to switch VLANs, which would result in a cluster reinstall," he says. "Normally, this would take a few days, if done manually. However, because we used Ansible automation, we only needed to change a few variables in the Ansible Playbooks, and the cluster was back up in 45 minutes."
Tips for Provisioning a Red Hat OpenShift Cluster
Emery offers the following tips for provisioning a Red Hat OpenShift cluster:
- Involve all parties who will be using the Red Hat OpenShift cluster before it’s deployed
- For firms running playbooks for the first time, do not run all of the playbooks at once
- Double-check variables before you start the playbooks
- Take advantage of the customizability of the playbooks
- Fork the GitHub repository so that any customizations you make to the playbooks are codified for others to use within your organization
He notes that many of the problems in the process stem from the variables in the playbook, so programmers should make sure they check the variables before deployment. Having everyone on board who will be using the cluster can ensure that programmers don't have to relaunch the cluster. Because Ansible Playbooks are free and open-source, they can be adjusted to meet the needs of the organization. Emery advises that programmers deploy Ansible Playbooks slowly at first, "until you get the hang of it."
Emery outlines a few examples of Ansible's flexibility. He notes that if an organization doesn't want the load balancer to be hosted on the bastion, it is already an available option and no customization is needed. However, if an organization needs the MongoDB default-port opened on the bastion’s firewall, it can be easily added to the list of ports in the set_firewall role.
Automation and its Benefits
According to Emery, automation allows an enterprise to move faster than the competition. "Provisioning is just one step in the process of getting the true value from Red Hat OpenShift," he says. "You want to make sure it’s done right, but at the end of the day, it’s just an item to check off on a list. The quicker, the better." Moreover, Emery states, "Automation frees up valuable time for your already busy systems programmers and infrastructure teams." For instance, automating these processes can improve auditing. "When someone wants to know how a cluster was provisioned, it’s all right there spelled out exactly how it was done," he adds.
Another advantage of automated processes, he points out, is that they can be improved over time. "If one person finds a solution to a problem in the process, they can tweak the automation and the problem is solved for everyone going forward," he says.
With nearly 1.1 million fewer workers in the labor market, according to the Institute for Employment Studies, competition for skilled employees is high at a time when the demand for mainframe skills is rising with more mainframe employees nearing retirement. Emery agrees that enterprises need more ways to transfer skills, as job candidates with certain technology skills are hard to find in a competitive job market. "Enterprises need to codify expertise, so that it can be passed to the next generation of their teams," he contends. "It's much easier to show someone how to use a set of Ansible Playbooks than it is to teach them decades of IBM zSystems and Linux administration skills needed to set up a cluster."
According to Emery, "Red Hat OpenShift is a great place for IBM zSystems clients to start their hybrid cloud journey, and it’s now easier than ever to deploy thanks to this automation." Emery adds that he is very excited to help enterprises on that journey, an experience that can save staff time that can be used for other enterprise needs, as well as offer other benefits to the overall organization.
Ansible Playbooks are available for download on GitHub, with step-by-step instructions, or take a look at Jacob Emery's article at LinkedIn, which describes the process in detail with pictures and code snippets.