Cloud Architecture

IBM Cloud solution tutorials: 2023 in review


As it has become tradition, the team creating the looks back and shares the personal highlights of the year 2023.

Another year has passed—it felt like the whole world was talking about and trying out tools powered by generative AI and Large Language Models (LLMs). Kids completing homework with ChatGPT, the rest of us generating images, PowerPoint slides, poems, code skeletons and security hacks. IBM introduced watsonx as the AI and data platform built for business. And just this month, IBM and Meta, together with over 50 founding members and collaborators, launched the AI Alliance. Its goal is to advance open, safe and responsible AI. Quite fascinating.

Now, on to our personal highlights of 2023.

Frederic

AI – Last year in December, the buzz surrounding AI was palpable. This year, AI started making big waves in mid-November and its impact has been felt across various aspects of our lives. From photo editing to writing emails, AI has become an indispensable tool in many settings. As I’ve seen it being used with remarkable efficiency in coding, trip planning, meeting preparation, user interface design, job interview question generation and social media posts, it’s clear that this technology will continue to advance and become even more integral to our daily lives.

Platform engineering, internal development platform – Platform engineering is at the forefront of modern software development, driving innovation and collaboration across teams. By capturing best practices in reusable Terraform templates, engineering teams can streamline their workflows, reduce errors and improve productivity leading to better software outcomes for users and faster time to market. This year, IBM Cloud introduced projects and deployable architectures. Projects are a named collection of configurations that are used to manage related resources and Infrastructure as Code (IaC) deployments. A deployable architecture is a cloud automation for deploying a common architectural pattern that combines one or more cloud resources that are designed for easy deployment, scalability and modularity. It is very easy to turn a terraform template into a deployable architecture and open the door to cost optimization, compliance management, self-service, standardization and repeatability.

KubeCon – KubeCon + CloudNativeCon North America 2023 was in Chicago this year, my hometown. This was my first time at the conference and let me tell you, it was nothing short of mind-blowing! Seeing the Kubernetes ecosystem in action was truly amazing—the sheer scale of what it’s capable of is awe-inspiring. It’s incredible to think about how one technology can support so many companies and create such a vast array of job opportunities! I caught on many of the conference themes and walking through the vendors, I got impressed by many of the technologies. AI and internal development platform were two of the highlights. Now I need to pick a few and try some of the vendor products!

Powell

Platform engineering on the Hybrid Cloud – While writing the case study IBM hybrid cloud delivers value for reinvestment and manages compliances, I was astounded by the breadth of applications IBM creates and supports to manage the business. The extension of the CIO office’s dedicated data center to the IBM public cloud allowed for experimentation and growth with zero risk. The platform supports a global footprint for disaster recovery (DR), leveraging Red Hat OpenShift. Application templates with guardrails ensure the day-to-day operations, fixes and security patches are delivered continuously.

Transit VPC using VPN – The hub and spoke model allows communication to pass through a firewall-router using an off the shelf appliance. There is a two-part tutorial (part1, part2) that describes the architecture. The Terraform automation and automated regression testing allowed me to reliably change the connection mechanism from direct link to VPN. The blog post “How to use VPN with a VPC hub-and-spoke architecture” describes the project. Automated regression tests are a dynamite.

VPC Custom Images – Some workloads are best captured on VPC virtual machines. Baking the application into the virtual machine image is a simple way to roll out software. You can use IBM’s images as a starting point or bring your own cloud-init image into the IBM Cloud. Read VPC Custom Image Creation and Distribution to get insights into VPC image support in the IBM Cloud.

Dimitri

Blog posts – In Adding Instance Storage to an Existing VPC VSI, I describe the process I took to update an existing virtual server instance (VSI) and add instance storage to it. This was made possible by an enabling feature that allows you to preserve and re-use a boot volume when a VSI is deleted.

In Using Event Notifications in your deployed solutions, I covered how to set up and configure the service using an infrastructure as code template and automatically route service notifications to an SMS, email or object storage destination. The team that develops this offering recently added the ability to customize the e-mail that is sent, this is a great improvement as you can now suggest actions to your recipients based on the event that was captured.

Certifications – I worked with a team of talented subject matter experts to revamp our IBM Certified Professional Developer learning plan. The courses in the plan are focused on services that are relevant to developers building applications on the IBM Cloud platform and prepare you for the certification exam, which you can now take online with Pearson Vue. Check it out if getting certified is still on your to-do list for the year. If you are interested in other roles such as architect, SRE, etc., you can also take a look at the full list of learning plans and certifications on the IBM Training page.

Henrik

Db2 and IDUG anniversaries – Happy birthday, Db2! And happy birthday, International Db2 User Group (IDUG)! IBM Db2 for z/OS celebrated its 40th anniversary this year. IBM Db2 was launched in June 1983. Five years later, IDUG was born. And another five years later, 30 years ago, IBM Db2 (for Linux, UNIX and Windows, LUW) was made available to the public.

As former user, then developer, manager, technical enabler, lab advocate and since some years IBM liaison to the IDUG EMEA Conference Planning Committee (CPC), I was fortunate and happy to celebrate the anniversaries by meeting many Db2 users at the IDUG 2023 EMEA Db2 Tech Conference in Prague, Czech Republic, as well as at some other events.

Cloud security – How would you rate your adoption of security features to protect your cloud account and its managed resources? Have you utilized a service to assess your account’s security posture? I try to follow the cloud and data security news and find it fascinating what security features have been added and at the same time how attacks have changed (nothing new when looking back…).

Over the past year, I started to secure more resources using context-based restrictions. Access is then limited to configured service instances or specific network zones and addresses. Furthermore, for some resources I even added time-based conditions to restrict access to certain hours or for a stretch of days (like workshops or hackathons). Yet another security feature is a trusted profile. It allows to authenticate without API key or password, but based on well-defined other criteria like a specific compute resource (virtual machine, Kubernetes cluster and namespace). A new tutorial, trusted profiles for secure cloud environments, discusses the technical details and walks you through the steps for enhanced security.

Security-wise, there was much more. I wrote two blog posts about account cleanup. The first was on how to clean up unused access policies. The other discussed automatic processing of detected inactive identities. In terms of assessing the security posture of your account, the IBM Cloud Security and Compliance Center (SCC) added several new features. As German and European, I especially like the new support for the BSI C5:2020 security profile.

Engage with us

If you have feedback, suggestions or questions about this post, please reach out to us on Twitter (@data_henrik, @powellquiring) or LinkedIn (Dimitri, Frederic, Henrik, Powell). Use the buttons on individual tutorials to provide suggestions by opening a doc issue. Moreover, you can open GitHub issues on our code samples for clarifications.

We would love to hear from you and have you as our reader again in 2024.

Explore our IBM solutions library here

Was this article helpful?

YesNo





Source

Related Articles

Back to top button