Protect data on LinuxONE with pervasive encryption

Get the code


Protect your data on LinuxONE using pervasive encryption with nearly zero CPU overhead.

In this code pattern, you will build and deploy a crypto dashboard with IBM Cloud Private running in the LinuxONE Community Cloud.


IBM Cloud Private is a private cloud platform for developing and running workloads locally. It is an integrated environment that enables you to design, develop, deploy, and manage on-premises, containerized cloud applications behind a firewall. It includes the container orchestrator Kubernetes, a private image repository, a management console, and monitoring frameworks.

This code pattern includes the following components:

When you will complete this code pattern, you will understand how to:

  • Configure a LinuxONE Linux guest to use the hardware cryptographic acceleration.
  • Use the LinuxONE crypto APIS to get monitoring data about hardware cryptographic use.
  • Build a Docker image from an existing application.
  • Deploy a Docker image to IBM Cloud Private.
  • Run the existing application using the IBM Cloud Private catalog.
  • Build an ELK Dashboard to monitor hardware cryptographic activity of LinuxONE Linux guest.



This code pattern requires an existing Linux on IBM Z environment of your choice as a starting point. From there, and after some optimization, captured encryption activity will be sent to a private cloud environment and be magnified thanks to the Elasticsearch-Logstash-Kibana (ELK) dashboard. IBM Cloud Private has been configured into the LinuxONE Community Cloud.

  1. User optimizes, collects, and pushes Enterprise Legacy environment encryption activity to the IBM Private Cloud.
  2. User deploys an ELK stack running on IBM Cloud private, and sources encryption activity data from Enterprise Legacy environment.
  3. User creates and then uses the crypto activity dashboard running on IBM Cloud Private.


Find detailed technical steps for this code pattern in the file in the GitHub repository.