In the session, Transforming Z Applications with APIs, CI/CD and Modern Languages, SHARE Phoenix Best Session winner Keith Wilson, technical architect at USAA, laid out USAA’s journey in transforming its critical enterprise applications running on the Z platform to participate in its API ecosystem.
In Wilson’s experience at USAA, one of the first major strides in transforming its mainframe applications was API-enablement of Z applications. “We started this a while back when we were first thinking about SOA enablement. Then we started thinking about APIs, and we stood up our own infrastructure to do so,” he says. “Now with z/OS Connect EE v3.0, we were able to enable quite a few APIs and services, in many cases without changing code.” The second major stride was in delivering continuous integration and continuous delivery (CI/CD) pipelines. “We started with ‘build-and-deploy’ pipelines to get our feet wet. Then we put unit testing in there. Now we include pretty much all of the stages for a rich set of pipelines for APIs and other modern applications (e.g., Java) for Z,” Wilson says.
To transform Z applications with APIs, CI/CD, and modern languages, Wilson says, companies need to first get buy-in from executives to help champion the transformation of the Z platform. In addition to executive buy-in, companies also should keep in mind that transformation does not necessarily require re-platforming.
“Solutions to business problems run where they are most suited to run,” says Wilson. “You should represent your Z services as resources in a RESTful way and outline how they will be the fastest way to modernize/transform your applications, while preserving the investment into those applications while getting there.” Finally, he adds that developers should keep the long-term supportability of the application, or total experience of ownership (TXO), in mind when they deliver solutions. Companies need to retain the experience of the IT team that supports the application, even as the team supports the non-functional requirements of these solutions.
Wilson says, “That’s where DevSecOps comes in. The more we can automate the software development life cycle experience for the developer community, the better. So we shouldn’t leave behind those that support our critical apps on the Z platform. Technically, we can support these activities with many of the same tools used by the developer communities working on non-Z platforms.” Tools that can be used in both environments include Git for source, GitLab for SCM, Gradle for Java builds, JUnit for unit testing for Java apps, SoapUI Pro for unit testing of APIs, Artifactory for version control of binaries/executables, Urbancode Deploy for pushing artifacts to prod or other runtime environments, and qTest as a repository for publishing results of testing. “We are using GitLab-CI for the pipeline orchestration, which is similar in experience to using Jenkins,” he explains.
Benefits of Modern Languages
Modern languages like Java, Swift, and Node with Z are more familiar to incoming talent, Wilson says. “The challenge is that, realistically for us, adoption depends on the communication between these modern languages and traditional languages,” he explains. “We’ve been using Java for a while, mostly in batch, and it doesn’t interact with any other language.” However, Wilson adds, “Swift and Node look very promising based on the proof of concepts we’ve been engaged in. We have viable use cases to use both Swift and Node.”
When thinking about transformation, pipelines, and modern languages, Wilson says z/OS Connect is the fastest way to API-enable existing Z apps. “All of the major Z subsystems are supported, and in many cases, no changes are required. If you have custom connectivity code between the subsystem (e.g., CICS or IMS) and the business application, then there is more to consider, but it has been our experience that it is all doable.”
Challenges of Pipelines
Pipelines for traditional Z applications are a bit more challenging, as some of the technology being used to create these APIs is relatively new. Wilson advises picking out an easy app and a more complex one to start with, delivering them both early, and then adding in more apps of varying complexity over time. Gradually, Wilson says you create a pipeline through which APIs can be built and deployed. “As you provide a pipeline, include the new Source Code Management, the build, and the unit test at a minimum, along with the deployment. Automated testing is paramount,” he emphasizes. “Proving that pipelines are doable within the Z space can be done by supporting APIs first.”
Wilson says Java SE applications (batch and CICS) can be done with no hassle, and Node is a viable solution for standing up non-EE servers on Z. “You can run simple apps without having to run under traditional transaction management systems,” he explains. “Both Swift and Node have some interlanguage capabilities, and so you’d have to see where it can be applicable to your environment.”
Speed Up the Process with API Pipelines
The DevSecOps process helps IT deliver higher quality business capabilities more quickly, Wilson says, because pipelines can automate a number of manual steps, and they must include, at a minimum, unit testing. Depending on the component/artifact type, these pipelines also include other levels of testing. “Moreover, these API pipelines make it easier for new talent because the tools used to build-test-deploy are likely similar in look-and-feel to what they have used on non-Z platforms or in school,” Wilson says.