IBM Systems Magazine, Mainframe - May/June 2018 - 18
This new IBM Z offering can run 240 concurrent databases executing a total of 58 billion database transactions per day. The z14 ZR1 can be used by cloud service providers in very small-capacity increments. It can help provider clients start small and then grow as their businesses do. This system scales quite well and can accommodate a company's 100-fold growth with plenty of room left for future computing demands. Running 330,000 Docker containers at once, and up to 8 TB of memory, it can handle any workloads and scale to meet business peaks. "When you talk about where the industry is going, where developers are going in terms of moving to Docker, Kubernetesbased application deployments and MongoDB data stores, the idea of scaling can be a challenge with typical Linux commodity hardware base. The z14 ZR1 allows you to flex and respond to changing demands much more rapidly and at a better cost than other architectural approaches. That's been a major design focus for IBM Z," Tarquinio says. Built With Security in Mind "Hundreds of differences exist between the z14 ZR1 and its predecessors," Mauri says, with the total being greater than the sum of their parts. "At a basic level, this system is faster and has more capacity, but that's just the beginning of the story. It has significantly more memory (up to 8 TB) because more workloads involve analytics and you want to run them in as much memory as much as you can for speed of execution. Then you add in the size and capability of the I/O subsystem, the new links that connect the system to storage, and you're talking big differences." "We innovate throughout the stack, more so than anyone else in the industry. As a result, we can design and tune everything in the stack to work in harmony, like an orchestra. That's one of our advantages." -Ross Mauri, general manager of IBM Z and LinuxONE On top of that, many of these new features require no application changes, so clients can benefit right away. One of these differences is the IBM Secure Service Container, which is used for the secure deployment of virtual software appliances. This makes the z14 the most secure Linux platform for hosting modern, cloud-native, container-based applications as part of IBM's overall Docker container strategy. "The Secure Service Container is a virtual appliance that enables end-to-end encryption of code and data in the container. It allows them to lock down the application and data and make them immune to malware, ransomware, insider threats and the scraping of cryptokeys," Mauri says. The Secure Service Container is complementary with IBM Z pervasive encryption. As designed and implemented, IBM's pervasive encryption allows for the encryption of data, both at-rest and in-flight, at speeds faster than end-to-end encryption tools on x86-up to 2.8x faster. This speed difference is in large part due to having crypto engines built into the latest IBM Z 18 // MAY/JUNE 2018 ibmsystemsmag.com & The new models boast up to 850 million encrypted transactions a day microprocessors. This design, standard on all IBM z14 models, ensures that overall system performance won't be lessened to a noticeable degree by using encrypted data. "Pervasive encryption won't change your service-level agreements. There may be a slight increase in compute resource consumption, but it's so small that, when coupled with the new performance levels on the z14, you'll never see it, especially when compared to older generation systems. This is important, because many of our clients are in some of the most heavily regulated industries or operate under the European Union's General Data Protection Regulation (GDPR) and need to be protected by rock-solid security," Tarquinio explains. The IBM Z14 ZR1 can encrypt 10 GB of data a second, so every transaction, every database interaction can run encrypted with no transaction interruptions. That's based on CPU innovations including cryptographic acceleration on every core, larger memory and a faster and more scalable I/O subsystem. The new models boast up to 850 million encrypted transactions a day.