Archived | Protect data on LinuxONE with pervasive encryption
Use Elasticsearch-Logstash-Kibana (ELK) to collect and report CPACF+CEX6S consumption in realtime on Linux on IBM Z or LinuxONE
Protect your data on LinuxONE using pervasive encryption with nearly zero CPU overhead.
In this code pattern, you will build and deploy a crypto dashboard with IBM Cloud Private running in the LinuxONE Community Cloud.
IBM Cloud Private is a private cloud platform for developing and running workloads locally. It is an integrated environment that enables you to design, develop, deploy, and manage on-premises, containerized cloud applications behind a firewall. It includes the container orchestrator Kubernetes, a private image repository, a management console, and monitoring frameworks.
This code pattern includes the following components:
When you will complete this code pattern, you will understand how to:
- Configure a LinuxONE Linux guest to use the hardware cryptographic acceleration.
- Use the LinuxONE crypto API’s to get monitoring data about hardware cryptographic use.
- Build a Docker image from an existing application.
- Deploy a Docker image to IBM Cloud Private.
- Run the existing application using the IBM Cloud Private catalog.
- Build an ELK Dashboard to monitor hardware cryptographic activity of LinuxONE Linux guest.
This code pattern requires an existing Linux on IBM Z environment of your choice as a starting point. From there, and after some optimization, captured encryption activity will be sent to a private cloud environment and be magnified thanks to the Elasticsearch-Logstash-Kibana (ELK) dashboard. IBM Cloud Private has been configured into the LinuxONE Community Cloud.
- User optimizes, collects, and pushes Enterprise Legacy environment encryption activity to the IBM Private Cloud.
- User deploys an ELK stack running on IBM Cloud private, and sources encryption activity data from Enterprise Legacy environment.
- User creates and then uses the crypto activity dashboard running on IBM Cloud Private.
Find detailed technical steps for this code pattern in the README.md file in the GitHub repository.