UCD, UCD+P, ICO, and PureApp

As I mentioned on my last post, lots of changes happening. I have continued to change my role and have now landed as a cloud advisor. I am excited but enough about me.

What my new role has afforded me is to continue to explore and understand the various IBM cloud software solutions out there. It is an interesting landscape and is changing faster than ever. This post delves into IBM cloud provisioning and deployment solutions but leaves the on-premises/off-premises concept OFF the table. For the most part this discussion is concerned about the ability to automatically stand up an application environment regardless of its physical proximity to developer. So before I even dive into specifics, we can talk some general capabilities. The following list is not exhaustive and there are many more capabilities that the products I talk about are capable of. These are just the ones that I am interested in for this post. 

For the purpose of this post, the definition of the deployment stack, shown here, is the total of all the layers of technology needed to be created in order for a full application to execute.

stack2

Provisioning – As I said before, in this post I am interested only in the ability to automatically stand up new environments. This concept also assumes some type of pattern or infrastructure-as-code concept to enable the automation.

Deployment – For the sake of this post, deployment refers to the automated deployment of an application including its specific application configuration applied to a provisioned environment.

GO LIVE tasks – Those tasks that must occur for an application to GO LIVE that are above and beyond simply provisioning an environment and deploying the application. Tasks such as appropriate approvals, insure the app is properly monitored, backups are in place, property security and end point compliance policies, notifications are setup when things go wrong, etc. These important tasks are part of every operations teams set of responsibilities and have a large impact on production deployments.

Pattern – The ability to capture some part or all of the stack definition in a reusable artifact.  There are two pattern capabilities that we will talk about, vSYS (virtual system) patterns and HEAT.

Let’s now take a look at the IBM tools currently in this space. Big disclaimer here. There are many many additional solutions from the IBM portfolio many of which are highly customized and include a services component. These types of solutions are highly desirable in a hybrid cloud scenario where you need brokerage services to not only serve the line of business but also the ability to manage the provisioned environments across your hybrid landscape and the ability to manage cost and charge back across that same landscape. There are outsourced solutions from IBM that target unique cloud platforms.  For the purposes of our conversation here today, we assume we have a IaaS cloud solution that we want to take advantage of. In lieu of a big description of each product, I will simply list the capabilities that it provides (there are many more but these are the ones of interest for this post).

IBM Cloud Orchestrator – provisioning, patterns, deployment, go live tasks, BPM

UrbanCode Deploy – deployment

UrbanCode Deploy with Patterns – provisioning, patterns, deployment

PureApplication – provisioning, patterns, deployment

So that doesn’t help. Lots of overlap and obviously lots of details under the covers. Each product does a thing or two very well, so let’s look at the list again and I will expand on each capability highlighting its strength(s).

IBM Cloud Orchestrator

provisioning – ICO currently can provision nodes based on both types of patterns.  ICO can provision to many virtual environment both OpenStack based and not.
patterns – ICO currently supports 2 pattern technologies, HEAT and vSYS (virtual system). The vSYS patterns are the legacy pattern type. HEAT patterns are based on OpenStack and therefore require an OpenStack implementation. ICO has full editing capabilities for vSYS patterns, however ICO does not provide an editor for HEAT patterns.
deployment – while ICO doesn’t have a separate deployment capability, you are able to build into your vSYS patterns application components and Chef scripts that can ultimately deploy applications as part of the provisioning process. However this capability is not very scalable and is precisely why deployment tools like UrbanCode Deploy were created. HEAT patterns as defined by OpenStack definition do not contain deployment-specific capabilities (more details below).
GO LIVE tasks – ICO has a large list of pre-configured integrations to common operations tools to manage your go-live tasks.
BPM – ICO has a robust BPM engine allowing you to craft an detailed process that can be initiated through a self-serve portal. This allows you to string together your provisioning, deployment, and GO LIVE tasks into a single user-driven process.

UrbanCode Deploy

deployment – UCD’s strength is application deployment including environment inventory and dashboarding.

UrbanCode Deploy with Patterns

deployment – UCD+P includes UrbanCode Deploy and relies on it to deploy application components.
patterns – UCD+P is a full HEAT pattern visual/syntax editor. UCD+P also has encorporated HEAT engine extensions that allow the heat pattern and the engine to not only provision nodes but also execute Chef recipes from a Chef server and also deploy applications using UrbanCode Deploy. The resulting HEAT pattern is truly a full stack representation as represented by the picture above in a single pattern artifact.

PureApplication

provisioning – PureApplication software has the ability to provision nodes (I will leave it at that without going into all the different flavors. For the purpose of this discussion we are interested in PureApplication software that manages PureApplication systems.)
patterns – PureApp has numerous vSYS patterns that help to automate the installation and configuration of IBM middleware. The provisioning engine is robust and can orchestrate the configuration of multiple nodes that would make up an IBM middleware topology.
deployment – in the same sense as ICO, you can add application deployment information into your patterns but the same limitations apply.

So if we cherry pick the best capabilities out of each tool, we would grab the go-live tasks and BPM from ICO, the app deployment from UCD, the HEAT pattern editing and HEAT engine extensions from UCD+P, and the IBM middleware patterns from PureApp. There, we are done. Maybe at some point in the future this will be a single PID that you can buy. But until then, is it possible to string these together in some usable way?

Again, a big disclaimer here. I am not an expert here on this entire stack but hope to drive conversation.

OK, to begin let’s take advantage of the BPM capabilities of ICO and drive everything from here. The BPM capabilities allow us to construct a process that executes the provisioning tasks and the go-live tasks with the appropriate logic. You can envision a self-serve portal with a web page that asks for specific information for a full stack deployment. Things like the app, the type of topology to deploy the app on top of, the name of the new environment, etc. ICO would need the appropriate pattern to then use to provision. Here is where ICO can “grab” the HEAT pattern from UCD+P via an integration. It will then execute the provisioning via the OpenStack HEAT engine. This HEAT engine must have the UCD+P HEAT engine extensions applied to it. Since these extensions contain application deployment capabilities, the provisioning process will also utilize UrbanCode Deploy to deploy the application components to the appropriate provisioned nodes based on the HEAT pattern. The BPM process can also call the appropriate operations products to execute the go-live tasks either before or after the provisioning step in the process. Whew!!

So what is missing? It would be great to take advantage of the PureApp IBM middleware patterns which are bar none the best and most robust installation/configuration patterns available. A general solution here would be to include the appropriate Chef recipes as part of your HEAT pattern to get the middleware installed and configured and for non-IBM middleware solutions this is your best bet. But there is a lot of orchestration involved in setting up WebSphere clusters, for example, that are not easily accomplished using Chef or Puppet. PureApp has this capability in spades. The best practice in using PureApp today is to use UrbanCode Deploy to deploy the app to a PureApp provisioned environment as the patterns in PureApp are not HEAT-based. A lot has been invested in the PureApp patterns and what the future holds as far as other pattern technologies here is uncertain today. It is important to know that PureApp is the preferred solution when it comes to provisioning systems that will utilize IBM middleware.

This is the story so far and I am sure I have holes in my description above. I welcome any feedback and experiences.

UrbanCode Deploy with Patterns and its Integration with UrbanCode Deploy

Well it has been quite a while since I have posted and lots has happened in the past 3 months. The re-organization of IBM has caused some internal shakeup but I have landed in the Cloud group which still is the home of the IBM DevOps solution. So I get to keep my current trajectory. With that though I have tried to expand my horizons and learn some new things. I have started to look at UrbanCode Deploy with Patterns more closely. It will play a key role in the IBM Cloud software offerings and will be the center point of HEAT document editing.

To back up a bit, HEAT is the OpenStack project focused on orchestration. The mission of the OpenStack Orchestration program is to create a human- and machine-accessible service for managing the entire lifecycle of infrastructure and applications within OpenStack clouds. In other words, HEAT provides the ability to define full stack application definition in a human readable artifact. The HEAT engine then reads the artifact and farms out the necessary tasks to other parts of the Cloud infrastructure to fulfill the parts as defined in the artifact.

UrbanCode Deploy with Patterns (UCD+P) provides a rich editor that allows you to craft HEAT documents in a visual way. It also defines some custom extensions to HEAT that allow some additional capabilities that are necessary to provide full stack functionality. Let’s examine in more detail.

UCD+P provides extensions that allow you to assign components from UrbanCode Deploy (UCD) to nodes in the blueprint. The component drawer of the resource pallet provides the list of components available to the user that can be applied to nodes.

comp_drawer

The entries in this drawer come directly from the UCD integration. The first time you drag a component onto the blueprint canvas you are presented with a dialog. This dialog is to confirm the application that you want to associate to the blueprint. In UCD you will end up with a new environment of the application you choose once the blueprint is provisioned. Remember that components can be included in more than one application and therefore this dialog allows you to choose which one.

app_dialog

 

 

 

Here is a picture of a node after a few components have been assigned to a node.

blueprint

Now let’s switch over to the blueprint source view and take a look at the UCD information that is included. First we see the blueprint parameters. Notice the UCD values that are necessary when provisioning the blueprint.params

 

Next we can look at the component information. We see two different resources defined. The war file deploy component defines the type of server it is being installed on. The version property is important. UCD+P defaults to the LATEST component version. This is fairly unrealistic. There are most likely a limited amount of scenarios where the LATEST version of all components are installed. More likely would be a snapshot. Unfortunately as of the writing of this post there is no capability to specify a snapshot name. This would be easy to add to the “choose an application” dialog since snapshots are associated with applications. This will be my first UCD+P enhancement request. I encourage anyone reading this to also chime in on this RFE.

A few other details to note are found in the component configuration resource. Here we see the name of the component and the component process to use. Note that the process name defaults to “deploy.” I believe it assumes you will have a process named “deploy.” You can change it to something else if you want to use another defined process. This again would be easy to add to the user interface when dragging it onto the blueprint canvas. But this one isn’t as critical as users typically define a default deployment process named “deploy.” Also note the input property that is required (JKE_DB_HOST). This is defined in UCD as a component environment property and is picked up via the UCD integration. It is not clear if, for example, I have a process property that is required or some other property whether those will be picked up as well. Note that this property can be associated with a UCD+P property that is then gathered at provision time.

comp

 

The UCD+P integration to UCD is very powerful and these HEAT extensions allow us to define both storage, compute, and networking information along with UCD component info in the same blueprint making this a true full stack artifact.

Now I am sure you can image some things that are missing in this picture. I will give you some hints. First, it looks to me in the example that I have shown that the middleware installation (and non-application configuration) is being performed by UCD. I am not sure this is the best place to perform this type of task and maybe there is a better way to do it. Also, it won’t take long in talking with an operations team some additional activities that are necessary in a production “Go Live” scenario. Stay tuned to some additional posts on things coming down the pike to fill in some of the gaps in the full stack picture.

UrbanCode Deploy and SmartCloud Orchestrator (extended addition)

It has been awhile since I posted on the UrbanCode Deploy and SmartCloud Orchestrator integration to provide a self-service portal for one-click environment provisioning and application deployment. Part 3 finished with the idea that a simple generic process can be called to drive this entire effort. You can use the Self Service Portal of SmartCloud Orchestrator to provide the user interface for all of this.

I also brought up in Part 3 that there are some details that need to be worked out in order to make it a reality. At the time I did not have access to a system to work through those details. Since then I was able to meet with a team that has made it happen. I want to share some of those details for those that are interested.

genproc2If we look back at our generic process that was proposed in Part 3, there were three steps. Step 1 creates the environment from the blueprint. A few issues exist with the default “create environment” step that already exists. First, you may have more than 1 cloud connection. There needs to be a way to specify a cloud connection in this step. By all means you can specify a default connection but there needs to be a way to distinguish between cloud connections. The easiest way to do this is to find the UUID of the cloud connection and use that when specifying the connection.

The other area that is not covered are the node properties. Each node in your pattern may require property values. This is totally dependent on the pattern designer and how much flexibility is provided by the pattern. There are those that might argue that you should limit the variability of patterns but that requires unique patterns for each variable combination. Either way, there is most likely a need to specify node properties.

The easiest way to do this is to use a JSON formatted string to specify the node properties. There is a CLI entry called “getBlueprintNodePropertiesTemplate” that will return a JSON template that can be used to specify the required node properties for a given blueprint. Use this template as the basis for passing node parameters to the provisioning process.

To make all this happen, there is a REST API PUT call that provisions environments. Its URL looks like this: “/cli/environment/provisionEnvironment”. It takes a JSON input that specifies the application name, the blueprint name, the new environment name, the connection, and the node properties, among other things. It makes sense to me to create a new plug-in step that looks similar to the existing “create environment” step but adds 2 additional properties, the cloud connection and the node properties (in JSON format). You may need to get creative in how you populate the node properties JSON string. Since you can potentially have different node properties for different blueprints, you may need to work with your pattern designer to make things consistent. This is again where good cooperation between deployment and provisioning SMEs makes sense. If you want to expose any of these variables to the end user, you will have to make that part of the Self Service portal on the SCO end and pass those choices into the generic process as process properties.

The next step in our generic process is to Wait for Resources. While this step is easy is principle, it breaks down big time when we get to reality. Each environment can have more than 1 node. Even if you use the agent prototype name pattern you still will have trouble determining the agent names. The existing “wait for resources” plug-in step requires you to type in the resources to wait for. This does not lend itself to a dynamic and generic provisioning process.

The best approach here is to write a custom plug-in step to wait for the resources of the specific new environment that you are provisioning. And you will probably have to extend the REST client to add some additional methods. The first step is to get a list of all the resources that you need to wait for. You can use the “/rest/resource/resource” REST API GET method to get a JSON of all resources. You will have to parse this using the environment name (and potentially the base resource) to get all of the resources that are part of the environment. Once you get that list, you can use the “cli/resource/info?resource=” REST API GET call to retrieve a JSON of the resource status. if the “status” field shows “ONLINE”, then your resource is up and running. Another property you may want to create for this plug-in step is a wait timeout value. Waiting forever doesn’t make much sense and you would like to know if things go wrong. Building in timeout logic will insure you get some notification back whether things to well or not.

The final step is the Run Application Process step. We should be able to use the default one here.

I am hoping to post all the code at some point for this solution, but until I get approval you will have to be happy with what is here. I hope this provides some additional ammo for making that self service portal a reality.

UrbanCode Deploy and SmartCloud Orchestrator (Part 3)

In Part 1 we connected to the cloud provider and created a resource template from a virtual system pattern. In Part 2 we created an application blueprint from the resource template and mapped the application components to the blueprint. We then created a new application environment from the blueprint and the new virtual system was created. Once the environment is created and the agents come online, you can now execute your normal application deployment process onto the newly provisioned environment.

In Part 3, we will go one step further and explore what it would take to satisfy the ultimate goal of providing a true self-service environment creation mechanism for developers. Exploring this a bit further, let’s take a closer look at the use case.

The promise of cloud is that you can have readily available systems at the drop of a hat, or at least much much faster than ever before. As a developer, I have some new code that I have developed that I want to test in an isolated environment (we will explore some of the subtle but challenging details behind this idea at the end). It would be awesome if I could go to some portal somewhere and request a new environment be provisioned and my application deployed to that environment without any need for knowledge of SCO or UrbanCode Deploy. Well, this capability exists today.

To begin with, SmartCloud Orchestrator has a robust business process engine that allows you to create self-service capabilities with no need to understand what is under the covers. I have no experience in this but have seen thesco results. You can create processes and human tasks that can be executed from the SCO website. You then categorize your various self-serve processes.

The good part about this is that you have at your disposal a full development environment and run-time that can utilize existing programming concepts. Of course we will have to take advantage of the UrbanCode REST API or command line to be able to drive a deployment process.

Before going on, I want to confess that I have not had the opportunity to get this entire flow working from A to Z. I haven’t had access to a SCO environment and enough free time to make this all work. However, I am putting it out there because I believe this is doable.

In order to satisfy our desire to have a fully provisioned environment with an application deployed, we need to setup a process that can do the job. We can use a generic process to get our work done. There is a REST API call that can kick off a generic process and therefore our SCO self-service process can use this to drive this process. In principle, our generic process can look something like this:

genproc2

 

The first step is to provision the environment. This step requires the environment name, the application name, and the blueprint name. These must be passed into this process and therefore you need to make process properties that can be referenced by this step. NOTE: When we provisioned an environment using the UrbanCode Deploy GUI, it asks us for information that the cloud provider needs. I am not sure how that info is passed here. There is a new command line option called getBlueprintNodePropertiesTemplate, and its descriptions says that it “returns a JSON template of the properties required to provision a blueprint.” This would need to be used and populated to insure that all of the information is passed to the environment creation process. You might need to extend the create environment step to interrogate the blueprint, get the necessary properties, and insure they are all populated.If anyone out there has tried this, let me know what you find.

The other challenge we have here is that we need to insure the environment name is unique. There is an option in this step to insure that the environment name is unique and the plug-in step simply appends a random string to the end of the environment name. This poses a problem for the next step.

Step two is to wait for the environment to be provisioned. We need to wait for the resources (agents) that will come online once the provisioned nodes are spun up. If you remember, the agent names will follow a pattern. However, if we allow the previous step to make the environment name unique, we will not be able to predict the agent names. Therefore, our self-service call to this process needs to specify the environment name and insure it is unique.

Secondly, we need to somehow determine how many agents to wait for an their exact names. This will be a challenge and as of right now I am not sure how I would solve it. This would most likely require a new plug-in to be able to interrogate a blueprint, get the names of the agent prototypes, and then construct the list of agents to wait for. Again, some plug-in development is required here.

Once the agents have come up, we can now deploy our application. This step is easy enough and we can call a well known deploy process for the application to do the installation. But there is another challenge here. Deployments can either be done using a snapshot, or you have to specify the versions of each component. Snapshots are easy, but if we remember back to our original idea, a developer has some new code that he/she wants to test. Typically snapshots are not created until a group of components have been tested together. So we have a choice. We can either have the environment provisioned from an existing snapshot, and then have to manually add our own updates to test. Or we have to provide some mechanism to update/copy an existing snapshot to include a baseline plus the new stuff. This could take on lots of possibilities, but a thorough examination of the use case would be required in order to develop a solution. This also may not be the use case we care about.

One additional solution would be to go a much more custom route and write an application that does this instead of relying on existing plug-in steps. The REST API and command line API are very rich and we can ultimately get to and produce all of the information we need. But it is nice to rely on existing capabilities and processes are much more robust and flexible than a custom solution. But as we have seen above, there are enough nuances in this effort that will require some plug-in extensions or creation that it might make sense to go the fully custom application route.

Happy self-service!!! Let me know if anyone takes on this challenge.

UrbanCode Deploy and SmartCloud Orchestrator (Part 2)

Back to our story. In Part 1, we connected to our cloud provider (SCO) and created a resource template from a virtual system pattern. We then organized our resource template and created some resource properties that will no doubt become useful in component processes that will deploy to this pattern.

The next step is to now switch perspectives and put our application hat on. Applications are deployed to environments, and UrbanCode Deploy allows us to create environments from resource templates. But first we have to map our application to the resource template. This is done via an application blueprint. This is a one time exercise for any given application/resource template combination. Many environments can be created from a single application blueprint.

The blueprint creation process from a resource template is very easy. On the blueprints tab of an application, you simply click the Create New Blueprint entry. You simply give the blueprint a name, description, and chose the resource template you want to map to.  The blueprint is created.

You now need to map your application to the blueprint. This involves simply assigning your application components to the agent prototypes. In our example, we have a 3-tiered pattern and we have to map each of our 3 components to the 3 tiers. After mapping, the blueprint looks like this. We have a simple 3-tiered application that will map easily to this pattern.

blueprint

The database component maps to the database tier node. The web service component maps to the application server tier node. And the web component maps to the web tier node. This makes sense. But what if we had different sized virtual system patterns and corresponding resource templates.

For example, what if we had a small single node pattern. Our blueprint mapping would look like this. We have a 3-node app server tier, so we simply map the web services component to all 3 of the nodes in that tier.

big

Or maybe at the other end of the spectrum, we have a small pattern with only a single node. In this case we could create a blueprint that would map all 3 components to the same node.small

Mapping our application to a resource template using a blueprint now gives us the final piece we need to be able to create a new application environment. newenv

The process of creating an environment from a blueprint will cause a new virtual system to get created from the virtual system pattern. You may have to select location in your cloud provider for the nodes to get created. There also may be some properties that the pattern requires for each node (if you have done any SCO work, you know there there are typically many properties values that are needed for the various script packages that you include in a node pattern).

 

 

 

cloudprops2

Once you click save, UrbanCode Deploy kicks off the provisioning of the new nodes that make up the new environment in SCO.  We can now go and check the resources and see what agents we are waiting for.

waiting4resources

As you can see, we have 3 agents that are waiting to come online. The agent names are important. You can see that they follow a pattern:  <application>_<environment>_<agent prototype>.

This is valuable information to have as you will most likely have to get agent properties as part of your deployment process. You can use the Get Agent Property component process step to get an agent’s IP address, for example. When specifying the agent, you would use something like the pattern:

${p:application.name}_${p:environment.name}_${p:resource/ws.node}

Remember in part 1 when I mentioned that I like to capture the agent prototype names as properties in the top level folder of the resource template.  This is where they come in handy.

Once the agents come online (if you put the agent script package at the end of each node in the pattern), then you can be sure that the environment is ready for deployment. You can now execute your normal application deployment process to your newly created environment.

Pretty simple and pretty efficient. In part 3, we will explore how you can create a developer self serve portal where developers can request environments with no interaction with UrbanCode Deploy.

 

 

 

 

Taking Continuous Delivery to the Max

Now that we have some large UrbanCode customers under our belt, we can now look at some of the metrics involved in deploying a continuous delivery solution like IBM UrbanCode Deploy.  There are definitely some hard measurements that can be taken. You can easily look at a simple metric like the time it takes to perform deployments.  Time savings is the easy valuable result the comes from automation.  Don’t forget to take into account the amount of time it takes to create the automation, but once it is in place, the more times it is utilized the bigger return on that investment.  Over the landscape of an enterprise and a duration of a year or two, your investment in automation in a continuous delivery solution can pay for itself.

But let’s be honest, automation has been around for years and no sys-admin is on the job for more than a day without building a script to automate something.  Automation has always been a valuable component to deployments.  Using a continuous delivery solution helps to capture that automation into reusable chunks so that it can be extrapolated across the enterprise.  But I will say that I have run across some organizations that have been pretty good at this before “continuous delivery” was first uttered.

tent-center-poleSo what are some other long poles in the deployment tent?  I once consulted at a customer that had a testing data center that so large that you literally couldn’t see the opposite wall.  There was more hardware in that room (and consequently more needed power and cooling) than I had ever seen. Despite this, it was a 6 month wait to get an available test environment.  You would think that with that much computing power under one roof that you would have immediately available systems.  However, at any given time more than half of the systems in that room were in “transition” from one testing environment to another.  The process of provisioning an environment for a specific application (at that time) took a lot of manual labor and your request was put on a queue that took time to get to.

So to me to get the biggest bang for your buck in continuous delivery is combining deployment automation with system provisioning.  And taking it even a step further, provisioning a physical system is one thing, but Cloud solutions bring even more to the value proposition by removing the need for physical deployment targets.

Improvements to IBM UrbanCode 6.x have been made to help bring integration with provisioning and Cloud as a standard capabilility.  I will spend more time in a future post or two on this, but here is the high level process.

1.  Prepare the Cloud – a deployment pattern is created in the cloud catalog.  This pattern specifies the process of creating an infrastructure for an application.  The pattern codifies enterprise standards and insures consistent infrastructure.  Part of the pattern should be installation of the IBM UrbanCode Deploy agent.  When the nodes of the pattern are booted up they will communicate with the UrbanCode Deploy server.
2.  Import the Cloud pattern into UrbanCode Deploy – this will create a new Resource Template that has an Agent Prototype for each node in the pattern.  Properties that need  to be specified for the pattern are captured as UrbanCode Deploy properties.
3.  Create a new Application Blueprint that specifies the Resource Template created above.  The blueprint binds application information (components) to the Agent Prototypes in the template.
4.  Now create a new Application Environment based on the Application Blueprint.  You specify your Cloud connection properties as well as any properties needed by the Cloud pattern.

The result of all of this is a newly provisioned Cloud environment with your application deployed to it.  Nice.

In a future post or two, I will go into some of the specifics of this solution.  But needless to say, the value proposition of this solution is the promised land of continuous delivery.