C1000-148 Platform Planning

Platform Planning Detailed Explanation

This section focuses on how to design, set up, and maintain a reliable, secure, and high-performing environment for IBM Cloud Pak for Business Automation. This involves understanding different deployment options, ensuring your infrastructure can handle the platform's needs, and establishing processes to keep it running smoothly over time.

1.1 Deployment Models and Architecture Selection

When we talk about deployment models and architecture, we’re discussing where and how IBM Cloud Pak is installed. There are several ways to deploy it depending on your organization’s needs:

Multi-Cloud and Hybrid Cloud Architectures

• Multi-Cloud: This refers to using multiple cloud service providers. For example, an organization might use both AWS and Azure for different parts of its business. IBM Cloud Pak can run on any of these clouds, which means the organization has flexibility.

• Hybrid Cloud: This means a mix of on-premises (in the organization’s own data center) and cloud environments. An organization may keep some sensitive data on-site but still use the cloud for additional storage or computing power.

  Why is this important?

  • Flexibility: Organizations can choose different environments based on their needs. For example, they may use a public cloud for regular operations but an on-premises setup for sensitive data.

  • Cost and Security: Hybrid setups can save costs while keeping critical data secure in private environments.

    What you need to learn:

  • How to configure IBM Cloud Pak to work smoothly across multiple environments.

  • The networking and security requirements for each environment.

On-Premises Deployment

• On-Premises means deploying IBM Cloud Pak within the organization’s own data center rather than on a public cloud. This is often chosen for industries with high-security standards (like finance or healthcare) where data cannot leave the organization’s control.

  Key points:

  • Data Privacy: On-premises deployments keep data entirely within the organization, which can be essential for sensitive information.

  • Higher Control: The organization has complete control over the infrastructure, which can be helpful for customization and security.

    What you need to learn:

  • The specific hardware, storage, and networking requirements for on-premises deployment.

  • How to configure IBM Cloud Pak to work optimally in a local environment.

High Availability (HA)

• High Availability ensures that the system continues running smoothly, even if parts of the infrastructure fail. For example, if one server goes down, another takes over without interruption. This is crucial for IBM Cloud Pak since it supports essential business processes.

  Key features of HA:

  • Redundancy: Having backup resources ready to take over if the main ones fail.

  • Load Balancing: Distributing work across multiple resources so that no single server becomes a bottleneck.

  • Failover: Automatically switching to a backup resource if one fails.

    What you need to learn:

  • How to set up redundancy and failover mechanisms in IBM Cloud Pak.

  • How to configure load balancers to distribute workload evenly.

Disaster Recovery (DR)

• Disaster Recovery (DR) is the plan for getting systems back up and running after a major failure (like a power outage or natural disaster). IBM Cloud Pak users need to know DR strategies to ensure data and services can be restored.

  Key elements of DR:

  • Cross-Region Recovery: Keeping backup copies of data in a different location to recover from regional disasters.

  • Data Backup: Regularly saving copies of data so that it can be restored.

  • Restoration Plans: Clear steps for bringing services back online quickly.

    What you need to learn:

  • Techniques for setting up cross-region backup and recovery.

  • How to create and test restoration plans to ensure they work as expected.

1.2 Infrastructure Planning

Infrastructure planning is about ensuring you have the right resources and configurations for IBM Cloud Pak to run smoothly. This includes everything from computing power to storage and network setups.

Compute and Storage Resource Planning

• Compute Resources: This includes CPU and memory, which are the processing power and temporary storage that Cloud Pak modules need to operate.

• Storage Resources: Different Cloud Pak modules need different types of storage. For instance, persistent storage retains data even when the system restarts.

  What you need to learn:

  • The minimum CPU, memory, and storage requirements for each Cloud Pak module.
  • How to scale these resources up as more users or data are added.

Network and Connectivity Configuration

• Network Security: Cloud Pak needs to connect securely to other parts of your system. This means using secure connections (like VPNs) and firewalls to protect the data.

• Load Balancers and VPCs: Virtual Private Clouds (VPCs) provide isolated network environments for security. Load balancers distribute data requests to prevent one server from getting overloaded.

  What you need to learn:

  • How to set up firewalls, VPNs, and other network security measures.
  • How to configure VPCs and load balancers for secure and efficient data flow.

Storage Selection and Persistent Data Management

• Storage Types:

  • NFS (Network File System): Commonly used for sharing files across a network.

  • Block Storage: Offers fast access for data that is frequently updated.

  • Object Storage: Used for storing large amounts of unstructured data like files or backups.

    What you need to learn:

    • The pros and cons of each storage type and when to use each one.
    • How to configure these storage types to support Cloud Pak’s data needs.

Container Management and Orchestration

• Containers are like lightweight virtual machines; they hold everything an application needs to run, making it easy to deploy across different environments.

• Kubernetes and OpenShift: These are platforms for managing groups of containers, allowing you to automate deployment, scaling, and management.

  What you need to learn:

  • The basics of containerization and why it’s useful.
  • How to use Kubernetes and OpenShift to manage Cloud Pak containers, ensuring applications run smoothly and scale as needed.

1.3 Environment Management and Monitoring

This section focuses on keeping the IBM Cloud Pak environment healthy, up-to-date, and performing optimally.

Installation and Configuration Management

• Installation: IBM Cloud Pak can be installed on platforms like OpenShift or Kubernetes, so understanding these platforms is crucial.

• Configuration: Proper configuration ensures that the system meets organizational requirements and follows best practices.

  What you need to learn:

  • The steps for installing IBM Cloud Pak on various platforms.
  • How to configure the platform settings correctly to optimize performance and security.

Monitoring and Log Management

• Monitoring Tools: Tools like Prometheus and Grafana can help you set up real-time alerts and track system performance.

• Log Management: Logs record important events in the system and can help troubleshoot issues. Tools like ELK (Elasticsearch, Logstash, Kibana) make it easy to manage and analyze these logs.

  What you need to learn:

  • How to set up monitoring to track system performance and receive alerts when something goes wrong.
  • How to use log management tools to diagnose issues and keep track of important events.

Lifecycle Management

• Regular Updates and Patching: Regular updates and patches ensure the system remains secure and benefits from the latest features.

• Backup and Restore: Being able to back up data and restore it if necessary is essential for maintaining system reliability.

  What you need to learn:

  • How to plan and apply regular updates and patches.
  • How to implement backup and restore procedures to safeguard data.

These detailed explanations should give you a comprehensive understanding of each aspect of Platform Planning for IBM Cloud Pak for Business Automation. Taking the time to study each part carefully will prepare you to deploy, manage, and optimize Cloud Pak environments confidently.

Platform Planning (Additional Content)

1. Deployment Models and Architecture Selection

Kubernetes and OpenShift in IBM Cloud Pak Deployment

IBM Cloud Pak for Business Automation is built on Red Hat OpenShift, which itself is an enterprise Kubernetes distribution with additional security, automation, and developer-friendly features.

Differences Between OpenShift and Kubernetes

Feature	Kubernetes	OpenShift
Container Orchestration	Uses kubeadm or kube-scheduler to manage workloads	Uses Kubernetes with additional security and enterprise features
Networking	Requires manual setup of network policies	Uses OpenShift SDN or OVN-Kubernetes with built-in network security policies
Security	RBAC and Pod Security Policies	Includes stricter Security Context Constraints (SCCs) by default
Deployment Management	Uses YAML configurations for deployment	Provides OpenShift Operators and Helm charts for automated deployment
CI/CD	Requires third-party tools like Jenkins	Supports OpenShift Pipelines (Tekton) for native CI/CD
Storage	Uses Persistent Volumes (PV) and Persistent Volume Claims (PVC)	Supports dynamic storage provisioning and OpenShift Container Storage (OCS)

Special Configurations for OpenShift in Cloud Pak

• Operators & CRDs: IBM Cloud Pak uses OpenShift Operators to automate deployment, scaling, and updates.
• Persistent Storage: Cloud Pak requires dynamic storage provisioning, often configured using OpenShift Persistent Volume Claims (PVCs).
• Networking: OpenShift provides Route-based networking instead of the standard Kubernetes Ingress.

Key Knowledge Areas:

• How to install and configure Cloud Pak Operators in OpenShift.
• Understanding Security Context Constraints (SCCs) in OpenShift.
• Configuring OpenShift Routes for external application access.

2. Infrastructure Planning

Resource Optimization and Automation

Efficient resource management is essential for IBM Cloud Pak to run optimally in OpenShift. Two important Kubernetes/OpenShift concepts related to resource allocation are:

Resource Quotas and Limit Ranges

• Resource Quota: Limits the total CPU, memory, and storage a namespace can consume.
• Limit Range: Defines minimum and maximum resource allocations for pods in a namespace.

Example of Resource Quota:

apiVersion: v1
kind: ResourceQuota
metadata:
  name: cloudpak-quota
spec:
  hard:
    cpu: "20"
    memory: 50Gi
    pods: "50"

Example of Limit Range:

apiVersion: v1
kind: LimitRange
metadata:
  name: cloudpak-limits
spec:
  limits:
  - default:
      cpu: "1"
      memory: "2Gi"
    max:
      cpu: "4"
      memory: "8Gi"
    min:
      cpu: "0.1"
      memory: "512Mi"
    type: Container

Autoscaling in OpenShift

Cloud Pak uses autoscaling to dynamically adjust resources based on workload demands.

1. Horizontal Pod Autoscaler (HPA)

• Increases or decreases the number of pods based on CPU or memory usage.

• Example configuration:

  apiVersion: autoscaling/v2beta2
  kind: HorizontalPodAutoscaler
  metadata:
   name: cloudpak-hpa
  spec:
   scaleTargetRef:
     apiVersion: apps/v1
     kind: Deployment
     name: cloudpak-app
   minReplicas: 2
   maxReplicas: 10
   metrics:
   - type: Resource
     resource:
       name: cpu
       target:
         type: Utilization
         averageUtilization: 70
  

2. Vertical Pod Autoscaler (VPA)

• Adjusts CPU and memory allocations for each pod dynamically.
• Used to optimize Cloud Pak workloads without increasing pod count.

Key Knowledge Areas:

• Configuring Resource Quotas and Limit Ranges in OpenShift.
• Setting up HPA and VPA for IBM Cloud Pak workloads.

Compute Nodes (Worker Nodes) and Storage

Cloud Pak requires persistent storage for its services, particularly Business Automation Content Services.

Storage Management in OpenShift

• StorageClass: Defines the provisioner (NFS, AWS EBS, Portworx, etc.).
• Persistent Volume (PV) & Persistent Volume Claim (PVC):
  • PV: Allocates storage from the cluster.
  • PVC: Requests a specific amount of storage.

Example Persistent Volume Configuration:

apiVersion: v1
kind: PersistentVolume
metadata:
  name: cloudpak-pv
spec:
  capacity:
    storage: 100Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: ibmc-block-gold

Example PVC Configuration:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: cloudpak-pvc
spec:
  storageClassName: ibmc-block-gold
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi

Choosing the Right Storage Type

Storage Type	Use Case
Block Storage	Best for databases and transactional workloads (IBM Cloud Block Storage, AWS EBS)
File Storage (NFS)	Used for shared file systems and application logs
Object Storage	Suitable for large-scale, unstructured data (IBM Cloud Object Storage, AWS S3)

Key Knowledge Areas:

• Configuring Persistent Volumes (PV) and PVCs in OpenShift.
• Selecting StorageClass based on Cloud Pak workloads.

3. Environment Management and Monitoring

Role-Based Access Control (RBAC)

IBM Cloud Pak uses RBAC to enforce access policies within OpenShift.

RBAC Components

• Role vs. ClusterRole:
  • Role: Grants permissions within a single namespace.
  • ClusterRole: Grants permissions across the entire cluster.
• RoleBinding vs. ClusterRoleBinding:
  • RoleBinding: Binds a Role to users/groups in a namespace.
  • ClusterRoleBinding: Binds a ClusterRole to users/groups across all namespaces.

Example Role and RoleBinding:

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: cloudpak
  name: cloudpak-admin
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["create", "delete", "get", "list"]