Hybrid vs Multi-Cloud and IBM’s OpenShift Strategy
Key Points
- Hybrid cloud mixes on‑premises workloads with a single public‑cloud provider, while multi‑cloud spreads workloads across two or more public clouds for flexibility and cost optimization.
- IBM’s acquisition of Red Hat reshaped its cloud roadmap by making Red Hat OpenShift the core delivery platform for all IBM Cloud Paks, including the Cloud Pak for Multicloud Management.
- The Cloud Pak for Multicloud Management leverages open‑source projects (Kubernetes, Prometheus, Grafana, ELK, etc.) and Red Hat’s enterprise‑grade support to deliver a unified management stack.
- IBM plans to deepen its partnership with Red Hat, extending open‑source integrations and support across its broader portfolio as the two companies align their strategies.
- Because using multiple clouds traditionally forces customers to juggle separate vendor‑specific tools, IBM’s unified Cloud Pak approach offers a single pane of glass to manage heterogeneous environments more efficiently.
Sections
- Multi‑Cloud, Hybrid Cloud, IBM Strategy - The speaker clarifies that hybrid cloud mixes on‑premises resources with one public cloud, whereas multi‑cloud utilizes multiple public clouds, and explains how IBM’s Red Hat acquisition pivots its cloud approach toward OpenShift‑based Cloud Pak solutions.
- Unified Multi-Cloud Workload Management - The speaker explains that a single control layer—exemplified by Cloud Pak for Multicloud Management—must handle both container and predominantly VM/bare‑metal workloads across multiple clouds, supporting today’s infrastructure while scaling with future modernization.
- Declarative Compliance in DevSecOps - The speaker explains how a Kubernetes‑inspired declarative, policy‑as‑code approach integrates security and compliance into the DevSecOps pipeline, enabling developers to version, deploy, and enforce policies early rather than adding them at the end of production.
- Closing Remarks and Gratitude - The hosts thank Matt for speaking and express excitement about hearing more from him in a future presentation.
Full Transcript
# Hybrid vs Multi-Cloud and IBM’s OpenShift Strategy **Source:** [https://www.youtube.com/watch?v=CDtjlshp1KI](https://www.youtube.com/watch?v=CDtjlshp1KI) **Duration:** 00:09:29 ## Summary - Hybrid cloud mixes on‑premises workloads with a single public‑cloud provider, while multi‑cloud spreads workloads across two or more public clouds for flexibility and cost optimization. - IBM’s acquisition of Red Hat reshaped its cloud roadmap by making Red Hat OpenShift the core delivery platform for all IBM Cloud Paks, including the Cloud Pak for Multicloud Management. - The Cloud Pak for Multicloud Management leverages open‑source projects (Kubernetes, Prometheus, Grafana, ELK, etc.) and Red Hat’s enterprise‑grade support to deliver a unified management stack. - IBM plans to deepen its partnership with Red Hat, extending open‑source integrations and support across its broader portfolio as the two companies align their strategies. - Because using multiple clouds traditionally forces customers to juggle separate vendor‑specific tools, IBM’s unified Cloud Pak approach offers a single pane of glass to manage heterogeneous environments more efficiently. ## Sections - [00:00:00](https://www.youtube.com/watch?v=CDtjlshp1KI&t=0s) **Multi‑Cloud, Hybrid Cloud, IBM Strategy** - The speaker clarifies that hybrid cloud mixes on‑premises resources with one public cloud, whereas multi‑cloud utilizes multiple public clouds, and explains how IBM’s Red Hat acquisition pivots its cloud approach toward OpenShift‑based Cloud Pak solutions. - [00:03:09](https://www.youtube.com/watch?v=CDtjlshp1KI&t=189s) **Unified Multi-Cloud Workload Management** - The speaker explains that a single control layer—exemplified by Cloud Pak for Multicloud Management—must handle both container and predominantly VM/bare‑metal workloads across multiple clouds, supporting today’s infrastructure while scaling with future modernization. - [00:06:12](https://www.youtube.com/watch?v=CDtjlshp1KI&t=372s) **Declarative Compliance in DevSecOps** - The speaker explains how a Kubernetes‑inspired declarative, policy‑as‑code approach integrates security and compliance into the DevSecOps pipeline, enabling developers to version, deploy, and enforce policies early rather than adding them at the end of production. - [00:09:22](https://www.youtube.com/watch?v=CDtjlshp1KI&t=562s) **Closing Remarks and Gratitude** - The hosts thank Matt for speaking and express excitement about hearing more from him in a future presentation. ## Full Transcript
Let me ask you a few questions, but I can hit you first with an easy one:
What's the difference between multi-cloud and hybrid cloud?
It's a really good question, Dan.
So, hybrid cloud traditionally refers to
running some part of your workload on-premise
and some part in a public cloud.
But usually that means one and only one public cloud,
possibly tied or locked to that particular vendor.
Multi-cloud means having the flexibility to run in one or more different public clouds,
perhaps switching between them, depending on cost or other reasons.
Well, considering acquisitions are happening so much today,
you could have a multi-cloud simply by the very fact that you acquired someone, right?
Right.
Speaking of acquisitions, we've had one at IBM.
The big news for IBM was the acquisition of Red Hat.
How has that affected IBM's cloud strategy going forward?
I think the single biggest thing is
that weare leveraging the OpenShift Kubernetes platform
as a delivery vehicle for all of our software
via our IBM Cloud Pak strategy.
So, all of our Cloud Paks, including the Cloud Pak for Multicloud Management,
are delivered on top of OpenShift.
Our Cloud Pak for Applications actually allows customers
to build applications to run on top of OpenShift.
So, that's really the biggest piece.
We have lots of other bits where we are bringing components of Red Hat together
with both our management portfolio and other portfolios.
But the biggest is OpenShift, I'd say.
Red Hat is a big fan of open source, so is IBM.
It has open source tools like monitoring and management.
I know they're big fans like we mentioned,
but what role does open source play in the Cloud Pak for Multicloud Management?
We've seen what Red Hat's done with open source, as you mentioned, right?
They've done a great job of providing enterprise grade support
and updates around an open source set of communities.
IBM has had a similar relationship with open source
and we look to continue that with the Cloud Pak for Multicloud Management.
So, leveraging both the open source capabilities that come in from Red Hat
and open source communities such as
Kubernetes, that are outside of that,
and Prometheus and Grafana, ELK, other sorts of things like that;
we'll look to expand our open source involvement and really
follow Red Hat's lead there.
Really, they've had the lead in this particular space,
but have a whole big stack that is based upon open source
and then the enterprise support on top of it.
We're going to be working more and more with Red Hat as the years go on, right?
Arguably though, development shops have multiple clouds platforms -- it's the new norm.
Why wouldn't customers also use multiple vendor tools to manage and maintain their environments?
What we find is,
if you use multiple clouds, you end up with multiple tool sets from each of those individual clouds.
And if you stick with just those tool sets from the different cloud vendors,
you end up with multiple panes of glass and multiple places that need to go and check.
So, in the case of something like security,
it's really easy for something to slip through the cracks.
And your operationss team is going to be upset by that!
Absolutely!
So, having a single control plane
that sits in front of those cloud tools
really gives you that visibility
and governance end-to-end across your entire environment.
So, you have multiple cloud platforms and you have a single view on it.
And that doesn't eliminate the need for those tools on those multiple cloud providers.
You still may drill down to those.
But having some layer that's above that, that is that single control point,
really is critical.
Let's go down one level.
We know that Kubernetes manages containers.
VMware and OpenStack, manages VMs.
Does the Cloud Pak for Multicloud Management help manage these non-container workloads too?
One of the things that we found as we've discussed with clients since we've been on this multi
cloud management journey for the last couple of years,
is that while cloud native architectures with containers are the hot new thing,
it represents a pretty small percentage of
what customers have in their environments today.
Virtual machines make up the vast majority of that.
I hear something something like 80%.
It's probably even more than that, 80-90 percent.
And then there's some bare metal stuff, mainframes, et cetera.
The ability to have your multi-cloud management platform handle all of those resources,
even as your modernization journey might take you to more containers
in the next three, five, ten years,
is a really critical thing.
And it's a design point for us with the Cloud Pak for Multicloud Management.
Meet the client where they are today in terms of their infrastructure,
and be able to grow with them as they modernize
and maybe change that blend in the future.
They've made a huge investment; you're wanting to preserve that investment.
Absolutely.
And if you look outside of our Cloud Pak for Multicloud Management
to someplace like our Cloud Pak for Applications, we can also help them
modernize that application layer that's running on top of it as well.
So, we really are looking at the Cloud Pak for Multicloud Management
as helping them modernize that management layer,
while at the same time
the development teams are modernizing that applications layer.
Speaking of development teams,
you know we've talked a lot about the Operations teams
and we've talked about the Development team,
is the multi-cloud compliance and security, is that a concern for development,
for operations, or both of them have to worry about this now?
I think the answer is both,
but I think traditionally the answer has been
it's primarily been an operations problem
and security has been something that has been a bolt-on or an afterthought
once you've pushed the application into production.
Or the developer has to worry about it.
Well, when they have to fix the bugs!
Of course, right?
You're seeing an emerging practice in the industry called DevSecOps,
which really, if you think about it, brings that together:
development, security, operations.
And really what that means is
you're injecting security and policy and compliance practices
into the development lifecycle from the beginning.
It's just an extension of DevOps and Agile practices.
So, DevOps would have you inject things like monitoring from day one.
DevSecOps says, "Well, in addition to adding monitoring
and management from day one, you need to add security too."
So, those two teams have to work together.
Absolutely, absolutely.
And again, I think
you'll probably see a new term come out at some point, which is to have a security-focused SRE.
Because again, that's very similar, those practices and bringing those things together
and not have them be separate silos.
So, how does the multicloud Cloud Pak for Multicloud Management
make it easier to enforce those policies
ensuring that safe and compliant environment?
I mean, that's about making the operations team more efficient.
Absolutely, right.
And also providing something that the development team can develop to them.
So, we've picked up some concepts from Kubernetes,
and that's the notion of a declarative model
where you write out, in code or in a text document,
what you want the compliance to be in the form of a policy.
That's very Kubernetes like, isn't it?
And the system will enforce that for you.
So, what that means is
our developers can write that as a piece of code with their application.
They can check it into source control,
it can go over to the operations team,
the operations team can pull that out and deploy it into production.
So, it's now completely a part of that DevSecOps process
because you have that declarative model.
Again, building off of what Kubernetes has done,
but really stretching that out to those non-container resources as well.
So, if I'm adopting this cloud model here,
how does security and compliance become critical to that deployment success?
Well, I would say
you want to start right away with security when you adopt.
It's a critical component.
I would say that traditionally speaking,
we've always had it as at the end of the process.
Once we get to production, let's worry about,
let's put intrusion detection and vulnerability detection
and all that stuff on it.
There's trip wire systems on the production environment.
But what we're realizing is,
particularlyin this world where we're bringing in more
open source components and using public cloud services,
that you really need to be,
as soon as you start developing these components,
you need to start worrying about security of the system,
checking the security of the system,
even if it's in your development builds...
Like with the microservices, won't it be a component that you can then put a wrapper around?
Absolutely. It absolutely is.
And that microservice, you might develop and think it's only going to run on premise,
but then the company may decide, "Oh, I'm going to run it on a public cloud".
You have that flexibility.
But you still need to have that ability to have security,
which is why you need to be thinking about that
from when you first start writing that design document, right?
Even before you even start writing code,
security needs to be part of that process.
You can test it independently, component by component.
Yes, absolutely.
Got it.
So, can you talk about how IBM Cloud Pak for Management
integrates with a customer's existing tools and processes,
whether it's from IBM or another vendor?
When we walk into a client site,
they've got management in place;
they're running applications,
they're running infrastructure, their business is going on, right?
Cause there's, there's no green fields in IT where nobody's doing anything yet.
There's stuff that's running, and they have to manage it somehow.
So, these can be things like,
everyone's got a service desk somewhere, something like a ServiceNow
where they're getting tickets in.
Often there's some level of monitoring and log management that exists in that environment,
whether it's an open source tool or a third-party tool or an IBM tool to solve that problem.
We can integrate those into the Cloud Pak for Multicloud Management
so that single control plane can get events and data and incidents
from all of those different tools.
And you have the flexibility to choose,
in some cases, the IBM tool or stick with your existing tool,
in the case that there might be an overlap between those two things.
We really don't want to present the Cloud Pak for Multicloud Management as
a monolith that you must consume the whole thing.
It's really a set of modular capabilities
that are meant to plug in with what you already have
and build that control plane between everything.
Well, thanks Matt for taking the time to talk with us,
we look forward to hearing more from you in our next presentation.
Absolutely, thank you so much.