Recently I’ve had several discussions with customers that all amount to answering the same question, which is “If Patterns in PureApp make things so easy, why can’t you have your pattern address all my issues right out of the box?” A closely related question is “Why do I need a team to build and customize patterns? Why can’t IBM do that before I get them?”
The answer to these questions is actually pretty straightforward. Patterns in IBM PureApplication System capture the expertise of experts in a number of areas – in installation and configuration, in performance, and other areas, but they can’t capture all of the expertise that is specific to your particular environment out of the box. Your operations team knows your unique environment – in order for the pattern to fit into your environment we need to combine their knowledge with the knowledge that our experts provided when they originally authored the pattern or the elements that you will build into your own patterns. In particular, there are three areas of non-functional requirements that usually require some customization in your patterns that we have found. These are the areas of reliability, security and maintainability.
- Reliability: The problem here is that not all applications need the same level of resiliency and redundancy in the face of failure. Let’s take a simple example – if you have a simple pattern consisting of one WAS node and one DB2 instance then how resilient is that? If you cluster the WAS instances, then you are immune to a single failure of a JVM. However, what about your DB2? Do you need High availability there also? In some cases you may and then you will need to set up the DB2 HADR pattern so that you have a separate primary and secondary database. What about backup and restore? Applications differ in this respect, and that usually results in some customization – not only to configure the right parts and the right configuration on those parts, but even in adding script packages to add things like TSM agents for backup.
- Security: Again, not all applications are the same. Some will need integration with a single-sign-on server added – that is also accomplished through a script package, but there are many different popular SSO solutions – both from IBM Security Division and other vendors, so you need to figure out which package you need to integrated with, if any. Also, each organization usually has different rules for what the current level of OS patches are for Linux – that means you will usually need to both set up a baseline through an extend-capture process and then work out a solution for patching the OS in place for emergency patches, through integration with Yum or other solutions like IBM Endpoint Manager.
- Maintainability: Even though the IBM patterns for WAS and DB2 come with out-of-the-box monitoring built in, many organizations want to integrate with their existing enterprise monitoring solutions. This may simply mean exposing SNMP traps at the level of the entire PureApplication System rack, or it may need the installation of product-specific agents in each VM to connect to that enterprise monitoring solution. Likewise, the IBM patterns on PureApplication System already integrate logs into a common viewer, but enterprises may also want to work with solutions like Splunk or Flume. This is easily done, but also requires script packages to coordinate the integration with the patterns.
So while patterns in PureApplication System make hardening for production straightforward, it doesn’t do everything for you simply because we can’t predict all of your detailed requirements. However, both through publishing best practices detailing how to integrate with all of these different systems, and by providing off-the-shelf script packages and Virtual Application plug-ins to facilitate that integration, we can make your customization an easy and painless process. It will still require some forethought and planning and effort, but it won’t be as difficult as it is in current environments that don’t have the built-in automation that PureApplication System provides.