Archived | Protect data on LinuxONE with pervasive encryption

Archived content

Archive date: 2020-01-12

This content is no longer being updated or maintained. The content is provided “as is.” Given the rapid evolution of technology, some content, steps, or illustrations may have changed.


Protect your data on LinuxONE using pervasive encryption with nearly zero CPU overhead.

In this code pattern, you will build and deploy a crypto dashboard with IBM Cloud Private running in the LinuxONE Community Cloud.


IBM Cloud Private is a private cloud platform for developing and running workloads locally. It is an integrated environment that enables you to design, develop, deploy, and manage on-premises, containerized cloud applications behind a firewall. It includes the container orchestrator Kubernetes, a private image repository, a management console, and monitoring frameworks.

This code pattern includes the following components:

When you will complete this code pattern, you will understand how to:

  • Configure a LinuxONE Linux guest to use the hardware cryptographic acceleration.
  • Use the LinuxONE crypto API’s to get monitoring data about hardware cryptographic use.
  • Build a Docker image from an existing application.
  • Deploy a Docker image to IBM Cloud Private.
  • Run the existing application using the IBM Cloud Private catalog.
  • Build an ELK Dashboard to monitor hardware cryptographic activity of LinuxONE Linux guest.



This code pattern requires an existing Linux on IBM Z environment of your choice as a starting point. From there, and after some optimization, captured encryption activity will be sent to a private cloud environment and be magnified thanks to the Elasticsearch-Logstash-Kibana (ELK) dashboard. IBM Cloud Private has been configured into the LinuxONE Community Cloud.

  1. User optimizes, collects, and pushes Enterprise Legacy environment encryption activity to the IBM Private Cloud.
  2. User deploys an ELK stack running on IBM Cloud private, and sources encryption activity data from Enterprise Legacy environment.
  3. User creates and then uses the crypto activity dashboard running on IBM Cloud Private.


Find detailed technical steps for this code pattern in the file in the GitHub repository.

Guillaume Hoareau