How IBM Would Plant its Bluemix Cloud Behind Your Firewall
IBM wants to bring some of that much-touted cloud computing goodness to those organizations that that would rather keep their data and applications behind their firewalls.
On Thursday, IBM extended its Bluemix set of platform services so they can be run within an organization’s own internal networks.
IBM is betting this approach, called Bluemix Local, will appeal to a number of highly-regulated industries, most notably banking, healthcare and financial services.
Running an external cloud service behind a firewall sounds like a contradiction, or some serious marketing jujitsu. But here is how it will work: The client sets up a cluster of servers, running either a VMware stack or OpenStack. Then, IBM will install and configure the Bluemix software on the servers, the same software IBM uses in its own Bluemix cloud services.
“We build it out and load up all the services and manage it like it is one of our data centers,” said Damion Heredia, IBM vice president of cloud platform services. The client only worries about maintaining the servers and the copies of OpenStack or VMware; IBM manages all the software higher up on the stack.
The internal Bluemix can be tethered to IBM in one of two ways. Users can set up a virtual private network or a direct link to one of IBM’s 60 “points-of-presence” around the world, Heredia said.
IBM Bluemix Local catalog.
To be sure, this general approach, often called the hybrid cloud, has been embraced by other enterprise IT software and system providers, notably Microsoft and Hewlett-Packard.
The thinking behind the hybrid cloud is that it would be easier for an organization to move its operations to the cloud if the cloud resembled its in-house IT setup. A Microsoft shop, for instance, might find it easier to shift operations to Microsoft Azure than to, say, Amazon Web Services.
Heredia insists that IBM’s hybrid approach is superior to other, unnamed competitors, which provide the cloud software, but leave the maintenance chores to the customers.
“We’re delivering Bluemix to you as a service, just as we do in our public environment, except that it is on your hardware,” Heredia said. As the need for the internal cloud grows or wanes, the client can adjust the number of servers needed.
BlueMix Local relies on IBM software called Relay, which synchronizes the on-premises copies of Bluemix, including any updates and security patches, with the version IBM maintains to run its own services. Administrators are alerted when Bluemix updates are ready to be applied, and have a three week window in which they can schedule the updates.
System administrators interact with all the Bluemix services using a console, which keeps track of both public and private Bluemix instances the organization has running. Moving an app between the local and the public cloud involves rebinding the application to the new location, an operation that can be completed with a few mouse clicks, according to Heredia.
“We have one way to run apps, and you choose where the apps run,” Heredia said. IBM also has tools ready to make data migration as painless as possible.
IBM Bluemix Local administrative console
IBM launched Bluemix in June 2014. It is based on Cloud Foundry, which is open source cloud platform software managed by Pivotal. Bluemix now offers 120 different platform services, from IBM and third-party providers.
IBM’s set of Bluemix services includes standard runtimes found on most PaaS services, including those for Node.js, Go, PHP, Python and others. Bluemix also includes a unique set of Watson-branded cognitive services. One service converts speech to text, while another can recognize objects within images.
Other sets of services offer capabilities in software development, security and business analytics.
IBM envisions a number of scenarios of how the Bluemix hybrid approach could play out for enterprises. A company could set up a public-facing app in the cloud, but have it draw data from a database run on Bluemix Local. Or, an organization could develop an application internally, then move it to the cloud for production use.
In beta testing earlier this year, Spanish financial institution CaixaBank started using Bluemix Local to run business applications, which it is migrating from a private Cloud Foundry deployment.
Despite IBM’s smart pitch to the conservative enterprise, it is too soon to assess the deployment of Bluemix Local, of course. (A September Forrester report on the company dryly quipped that IBM’s delivery capabilities could occasionally “lag behind its portfolio strategy”).
Nonetheless, the managed-hybrid strategy is a sensible one for IBM and its clients, said Laurie McCabe, co-founder of the SMB Group IT analysis firm.
Laurie McCabe, SMB Group
IBM’s bread-and-butter are the large enterprises and government agencies that have regulatory restrictions on how they maintain data and operations. Health care companies, for instance, must ensure that their systems accord to the Health Insurance Portability and Accountability Act (HIPAA). So they will be keeping much of their operations in-house for some time yet to come.
“In all honesty, a lot of companies will never go to a pure cloud environment, for different reasons. IBM wants to give these guys the ability to do some things in a private cloud and some things in a public cloud,” McCabe said. “It is a pretty pragmatic step for IBM.”
HP, IBM, Pivotal and VMware are sponsors of The New Stack.
