Innovation with IBM® LinuxONE – IBM Blog

Innovation with IBM® LinuxONE - IBM Blog

The IBM® LinuxONE server leverages six decades of IBM expertise in engineering infrastructure for the modern enterprise to provide a purpose-built Linux server for transaction and data-serving. As such, IBM LinuxONE is built to deliver security, scalability, reliability and performance, while it’s engineered to offer efficient use of datacenter power and footprint for sustainable and cost-effective cloud computing. We are now on our fourth generation of IBM LinuxONE servers with the IBM LinuxONE Emperor 4 (available since September 2022), and IBM LinuxONE Rockhopper 4 (available since April 2023) which introduced our first rack mountable system. With the fourth generation of IBM LinuxONE, we introduced technologies such as the Security and Compliance Center designed to significantly simplify audit readiness, quantum-safe algorithms designed to help protect data in the post-quantum age, and the Integrated Accelerator for AI inferencing on the Telum processor to assist in making in-transaction AI tractable. IBM LinuxONE has delivered a rich roadmap of features including a general purpose HSM with industry leading, certified tamper detection and response capabilities as defined by FIPS 140-2 Level 4, PCI HSM certified payment HSMs2, hardware based pause-less garbage collection for Java, EAL5+ isolation between virtual partitions, high performance on-core cryptography, secure enclaves for confidential computing and so much more.1 Over the last four years, we’ve partnered with Red Hat to foster OpenShift and Ansible Automation Platform on IBMLinuxONE. We also introduced IBM Cloud Infrastructure Center2 to provide OpenStack-based infrastructure management that can be managed as a VMware vRealize endpoint. As such, IBM LinuxONE is built to be an open and cloud-ready system that integrates into an existing hybrid cloud strategy. We have built the IBM LinuxONE eco-system by engaging directly with many open source communities and working tirelessly with partners—like Clari5, Illumio, Metaco, MongoDB, NGINX, Nth Exception, Fiorano Software, Fujitsu Limited, Pennant, SQ Solution, Sysdig, ExponentialAI, Aqua Security, Infosys Finacle and SEAL Systems AG, among others—while also bringing the IBM Cloud Pak portfolio to LinuxONE, providing a rich set of capabilities for clients to build cloud native solutions. Our clients’ success is by-far the best testament to the value of IBM LinuxONE: The latter has helped clients like Citi in their efforts focused on “reducing the environmental footprint of their facilities” by “hosting mongo workloads on IBM LinuxONE, that has allowed to really make meaningful changes in terms of data center floorspace and energy consumption in comparison to any other hosting alternatives.”3 Phoenix Systems offers “unparalleled security built into every layer of our IBM and Ubuntu stack” and “can keep prices low, while keeping efficiency high. The easy management and low power consumption of IBM LinuxONE technology is a key contributing factor to the company’s lean operations.”4 Bank Zero have stated “we’re the first in South Africa to offer totally branchless banking services. By combining the very best of IBM and open-source technologies, Bank Zero is spearheading a revolution in banking that we feel confident will increase financial freedom in South Africa and beyond. Our relationship with IBM is pivotal to making this change happen.”5 “Hex Trust chose to build its digital asset custody platform, Hex Safe, on the IBM LinuxONE solution with IBM Hyper Protect Virtual Servers. The IBM technology offered the ideal combination of security, performance, stability and openness to help make the company’s vision a reality.”6 Sagicor Bank is using IBM LinuxONE to host their next generation Temenos core banking system and have stated “We’ll be able to introduce new revenue streams—new business models—that’s a big plus for us. And as we take the next steps—which is the transition to multicloud hybrid—LinuxONE will be ready to handle that.”7 New capabilities On September 26, 2023, we announced the AI toolkit for IBM LinuxONE which leverages an on-chip Integrated Accelerator for AI on the Telum processor to optimize TensorFlow, SnapML and the IBM Cloud Pak for Data. The Telum processor provides in-transaction AI which is designed to help with use-cases such as detecting fraud before it happens, protecting the enterprise’s bottom line8. The AI toolkit for IBMLinuxONE can also help accelerate other inferencing use-cases, for example IBM z16 multi frame and IBM LinuxONE Emperor 4, using the Integrated Accelerator for AI provides 2.5x more throughput for inferencing on biomedical image data with TensorFlow serving versus on compared x86 system.9 We also recently increased the maximum memory per-system to 48TBs. We did this to continue to promote rapid innovation by our clients who want to push the limits of cloud-based sustainable data-serving and transaction processing at-scale. IBM LinuxONE Emperor 4 systems, with GDPS, IBM DS8000 series with HyperSwap and running a Red Hat OpenShift Container Platform environment, are designed to deliver 99.999999% availability.10 With the introduction of the IBM LinuxONE 4 Express clients can now get started quickly leveraging the advantages of IBM LinuxONE with a pre-configured systems and a lower cost of IT. Stay tuned! We have much more innovation planned in the roadmap ahead. FIPS 140-2 Security Level 4 provides the highest level of security defined in this standard, sunsetting in 2026. At this security level, the physical security mechanisms provide a comprehensive envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access. Performance results based on IBM internal tests running TensorFlow 2.12.0 serving with the IBM-zdnn-plugin (https://ibm.github.io/ibm-z-oss-hub/containers/index.html) for inferencing doing semantic segmentation for medical images (https://github.com/karolzak/keras-unet#usage-examples). Tests were run remotely using the wrk workload driver (https://github.com/wg/wrk) sending single images against TensorFlow 2.12.0 serving. IBM Machine Type 3931 configuration: 1 LPAR configured with 12 dedicated IFLs, 128 GB memory, Ubuntu 22.04. x86 configuration: Ubuntu 22.04 on 12 Ice Lake Intel® Xeon® Gold CPU @ 2.80GHz with Hyper-Threading turned on, 1 TB memory. Results may vary IBM internal data based on measurements and projections was used in calculating the expected value. Necessary components include IBM LinuxONE Emperor 4; IBM z/VM V7.2 systems collected in a Single System Image, each running RHOCP 4.10 or above; IBM Operations Manager; GDPS 4.5 for management of data recovery and virtual machine recovery across metro distance systems and storage, including Metro Multi-site workload and GDPS Global; and IBM DS8000 series storage with IBM HyperSwap. A MongoDB v4.2 workload was used. Necessary resiliency technology must be enabled, including z/VM Single System Image clustering, GDPS xDR Proxy for z/VM, and Red Hat OpenShift Data Foundation (ODF) 4.10 for management of local storage devices. Application-induced outages are not included in the above measurements. Other configurations (hardware or software) may provide different availability characteristics.