on IBM Z and LinuxONE Regis Paquette, IHV Director, Canonical Ivan - - PowerPoint PPT Presentation

Value of Ubuntu

• n IBM Z and

LinuxONE

Regis Paquette, IHV Director, Canonical Ivan Doboš, Solutions Architect, Canonical

Agenda

Business updates - 15’

company, market, Z partnership, customers

Technical updates - 15’

roadmap, security, containers, MaaS, Openstack

Q&A - 15’

mission statement

• #1 software from developers
• #1 cloud OS
• #1 linux desktop
• free software
• free tools
• support is optional
• 100% open source
• ‘upstream only’
• hybrid by design
• latest and greatest linux kernel
• releases on time, every time
• feature parity across platforms

Delivering the economics and agility of hyperscale innovators to enterprises globally

Cloud Edge

60-80% 55% 70% 90%

Public cloud Private cloud | Containers | Serverless Edge of network / IoT

company update

Public cloud Private cloud | Containers | Serverless Edge of network /IoT

Cloud Edge

Elastic hybrid cloud Transactional Edge ( IoT )

customer traction

infrastructure trends

Hybrid cloud adoption

Private + 2 x Public will be the norm

Containers

All pervasive change to infrastructure

New workloads

Machine learning, Artificial intelligence & Blockchain

Big Software challenge

Sharing of Ops code to be norm

• Acceleration of use of public IaaS (AWS, Azure, Google) based on developer demand and CTO / CISO

concerns being addressed

• End state will be hybrid cloud for all orgs (i.e. Private cloud and 2+ public IaaS suppliers)
• Private IaaS will being aggressively economically benchmarked vs public IaaS. Modernisation

needed

• Evolving standards to avoid lock-in (i.e. policing of services & APIs being used)
• Modern app development will be micro-services using containers NOT virtual machines
• Extensive organisational & developer demand for modern container infrastructure
• Battle of container schedulers playing out - Both Docker Enterprise Edition & Kubernetes with real

traction

• Trade-offs between Monolithic PaaS (Pivotal Cloud Foundry & OpenShift) vs CaaS (using a

container scheduler and best in breed workflow solutions). Most orgs will do both.

• New building blocks driving very significant waves of innovation / disruption
• ML and AI will be both embedded in ISV provided applications and be used directly by industry
• GPU acceleration will be common
• Innovation originates with Hyperscalers and is often open-source
• The amount & complexity of software that organisations need is increasing exponentially
• There is a skills gap around development and particularly operations impacting business
• Recruitment & retention harder than ever - Competition from Hyperscalers and start-ups
• Will require broad adoption of Netflix / Google style ‘Application / service modelling’

update on IBM Z partnership

2nd major release 18.04 LTS: cloud native, bare metal provisioning, machine containers Support now available to IBM Business partners Adding entry level configs with per IFL pricing

case studies

IBM Beacon Innovation Awards 2017

• LinuxONE and Ubuntu deliver pervasive encryption of data,

workload isolation with security and massive scalability.

• Ubuntu provides the platform openness for the community behind

the project

• Hyperledger Fabric provides the blockchain infrastructure, and

Hyperledger Composer is an extensive, open development toolset and framework to make developing blockchain applications easier

• LinuxOne and Ubuntu deliver best in class cloud native environment

that is attractive to any public cloud developer.

• T1RC started to have a too strong dependency of its applications to

Public Cloud.

• Ubuntu was the platform of choice of the developers who could

leverage a familiar environment on-prem from OS to container

• rchestration.

Bring your developers from public to private Z cloud with Ubuntu

T1 Retail Company

Agenda

Business updates - 15’

company, market, Z partnership, customers

Technical updates - 15’

roadmap, security, containers, MaaS, Openstack

Q&A - 15’

IBM Z and LinuxONE - Tested platforms

Please see more details and all footnotes at: http://www.ibm.com/systems/z/os/linux/resources/testedplatforms.html

14.04 14.10 15.04 15.10 16.04 16.10 17.04 17.10 18.04 18.10 19.04

Ubuntu 14.04 LTS Ubuntu 16.04 LTS 5 years

14.10

5 years

15.04 15.10

Ubuntu 18.04 LTS

16.10

18 months

17.04 17.10 18.10

Consistent Release Cycle

5 years long term support (LTS) every 2 years

https://wiki.ubuntu.com/Releases https://wiki.ubuntu.com/LTS https://en.wikipedia.org/wiki/List_of_Ubuntu_releases

5 years

Extended Support / ESM (Security only), like for Ubuntu LTS 12.04: https://www.ubuntu.com/support/esm https://insights.ubuntu.com/2017/03/14/introducing-ubuntu-12-04- esm-extended-security-maintenance/ in development end-of-life in service non-LTS aka development releases

IBM Z 14 - Toleration / Exploitation

Toleration with 16.04 LTS (via backports) and 17.04 and 16.04.3 LTS+HWE (via upstream) First Exploitation with 18.04 LTS and 16.04.5 LTS+HWE (via upstream)

Ubuntu 18.04 LTS (Bionic Beaver)

• The codename for the next LTS release 18.04 release is 'Bionic Beaver' or in short 'Bionic':

https://launchpad.net/ubuntu/bionic

• Bionic Release Schedule: https://wiki.ubuntu.com/BionicBeaver/ReleaseSchedule

alpha 1: Jan, 4th, alpha 2: Feb, 1st; final beta: April, 5th; planned release: April, 26th

• Current and Planned components:

○ Kernel 4.15 (incl. Meltdown/Spectre patches) ○ Qemu-KVM 2.11 ○ Libvirt 4.0.0 ○ GCC 7.2 (7.3) ○ GDB 8.1 (9) ○ Python 3.6.4 (and still 2.7) ○ Perl 5.26 ○ Ocaml 4.05 ○ Netplan 1.10 ○ glibc 2.27 ○ docker.io 17.03.2 ○ CDO Queens (Canonical Distribution of OpenStack)

Security Efforts

• FIPS 140-2 Level 1
• completed for 16.04 LTS for modules and hardware listed here
• Common Criteria EAL 2
• In progress, also in coordination with IBM Z team
• Defense Information System Agency - DISA STIG
• Center for Internet Security (CIS) Benchmark
• Contacts: security@ubuntu.com

https://wiki.ubuntu.com/SecurityTeam/Contacts

• Further information at:
• https://wiki.ubuntu.com/Security/Features
• https://wiki.ubuntu.com/Security/Certification
• #ubuntu-hardened on IRC
• ubuntu-hardened mailing list

Information about Spectre:

• minimal Kernel levels required:

○ >= 4.4.0-111 ○ >= 4.13.0-30

• https://ubu.one/uMelt
• Meltdown, Spectre and Ubuntu:

What you need to know

• Mitigation Controls

Canonical OpenStack

14

Nova Horizon Keystone Ceilometer /Telemetry Neutron

Ubuntu 16.04 LTS MAAS

Management & Automation Infrastructure Services Cinder Swift Glance Landscape & Autopilot Juju

tbd for z

• The Canonical Distribution Of Kubernetes:

https://jujucharms.com/canonical-kubernetes/

Full support of s390x for 1.8 and newer (starting October 2017)

• Kubernetes Discoverer - consulting engagement
• Kubernetes Bootstack - Managed service

Canonical & Kubernetes

• ICP runs (also) on Ubuntu
• Kubernetes workers supported on s390x

1

Create LPARs and install Ubuntu server into LPARs as usual

2 3

KVM VMs created and OS deployed into VMs using MAAS API more efficient use of resources by dynamically allocating hardware

MAAS KVM pods support

MAAS - IBM Z and LinuxONE

Configure KVM in Ubuntu host and register KVM in MAAS as a pod (type virsh)

• Ability to build a HW

heterogeneous cloud including IBM Z managed by MAAS

• Full cloud experience with MAAS

+ Juju

• Cross LPARs / servers experience

○ Cloud regions and HA zones

• Resources allocated only when

needed

• Benefits from IBM Z scale-up

features

• Standard PXE boot now available

with KVM for IBM Z

Cross LPARs experience on IBM Z and LinuxONE

LXD Clustering

LXD

Thank you. Any questions?

42014442USEN-00