Buried Treasure – embedding IBM MQ clients and MFT Agents into applications

I haven’t been doing this blog so long that I am going to repeat myself. Or at least not yet. But last year I did a blog on why you would use MQ – and that is broadly the topic of this entry as well but it comes from a specific use-case perspective. Plus – warning – it is longer than usual – sorry. Why do businesses, in their thousands, use IBM MQ – and its many different yet critical functions? Sadly, and I say this as the Offering/Product Manager for MQ, no one wakes up in the morning and decides they want to buy more IBM MQ – but they do so because of the benefit using MQ provides for the applications that run their business.

 

IBM MQ enables the exchange of data between applications, systems, services and files with reliability and security. It does this with scalability and simplicity. It has proved itself in doing this over the last 20+ years that much of the modern online business world takes IBM MQ, and its capabilities for granted.

 

The IT infrastructure is evolving rapidly – as it always is. As such there is both growth in new applications and existing applications are being updated and enhanced. Today’s applications typically have to be more resilient than ever, but also more portable – to be deployed pretty much anywhere. In most businesses applications will be extended out to business partners as the wider ecosystem is more tightly integrated than ever before.

 

These changes drive a greater need for seamless connectivity throughout the infrastructure and it makes it more important that all business data can be simply and quickly moved inside and outside the business. So how has IBM been working on IBM MQ to enable this? And will IBM MQ be able to help all customers – whether they are trying to connect and exchange data between applications, systems, services and files – not just the latest and greatest APIs?

 

IBM MQ allows for connectivity and exchange of data through MQ Clients and MQ MFT Agents and to make it easier for these to be used in many different use cases, IBM has been making changes to the packaging and licensing of these.

One of the key changes was at the end of 2015, there was an update to the license documentation to allow for the redistribution of MQ Clients. IBM makes the MQ client libraries available for free download. These are then built into the MQ enabled applications to allow these applications to send and receive MQ messages. There is no cost for the MQ Clients – as they require a licensed MQ Queue Managers in order to function. However, until late 2015, the license prevent redistribution of these MQ Client files. This meant that if a business built the MQ Clients into an application, it wasn’t permitted to then distribute this application outside the business – i.e. it couldn’t share it with a business partner to allow that partner to work closely as an integrated partner. To allow this under the terms, the partner would need to either install the MQ Client library themselves or agree licensing terms to redistribute the MQ Client with IBM. This restriction was not helpful to these businesses or to the IBM MQ business and therefore it was changed to allow redistribution.

 

Now let’s look at a scenario – Company A uses MQ to exchange information throughout its business. It has suppliers (Company B and Company C) and it wants to streamline the manufacturing processes to enable them to get production statistics and thus help to plan for more efficient resupplies to their factories and warehouses. To do this it wants to provide them with a copy of their own in-house written application that uses MQ. Now that IBM allows for redistribution of the MQ Clients, Company A can simply provide their application to the partner companies to enable them to communicate seamlessly with no need to even be aware of the MQ Client embedded within the application. MQ messages can flow securely between the companies – and as only Company A has a MQ Queue Manager, they are the only ones licensed for MQ – and there is no additional MQ cost for this configuration. Note that companies exchanging MQ messages like this might want to make use of the MQ Internet Pass-thru feature to simplify passing messaging through their firewalls.

 

Now let’s imagine Company D. They are also part of the supply chain ecosystem for company A, and also many other businesses. But the stock control and distribution management systems are built mainly on files and file data. They keep these files updated with stock quantities and prices, but they find it simpler to keep using this method rather than online application updates and exchanges. They are used to sending these files to their customers using FTP but they always have a number of issues around FTP failures, reliability issues, and having to spend time diagnosing the problems inherent in these transfers.

 

Company A have a solution – the Managed File Transfer capability that is a part of IBM MQ Advanced. In place of regular FTP, the data inside the files can be sent as MQ messages from Company D to Company A, taking advantage of MQ’s reliability, security and management of data. And best of all Company D don’t need to change the way they handle data as they can still focus on keeping the file contents updated, but Company A can provide a program that can also embed the MQ MFT Agent which can run and extract the contents of the file and send it as MQ Messages to Company A. Just as with the MQ Client, the MQ MFT Agent is designed for easy embedding in an application, and benefits from also being redistributable under the license. The key difference is that MQ MFT Agents are free but only when they connect to MQ Queue Managers that benefit from the MQ Advanced license entitlement or are in the MQ Appliance. In providing this application making use of the MFT Agent to Company D, Company A is taking advantage of the recent change to make the Agent license redistributable, as well as the fact there is now no cost to embed MFT Agents and distribute them anywhere, as long as they connect to their MQ Advanced Queue Managers. Also, the packaging changed to ensure the MFT Agent was available as a standalone zip file for easier embedding.

 

As a business, your buried treasure may be hidden in your data. You owe it to yourself to ensure it is used as widely as possible and as timely as possible. But to do this you need buried treasure in your applications as well – and this time the buried treasure is the MQ Clients and MQ MFT Agents you can now embed in those applications. Hidden in your code, but providing value every day – maybe not buried treasure, but the goose that lays golden eggs?

Not too much of a good thing: MQ V9.0.3

After a gap of a few months I blogged earlier today about deploying MQ Queue Managers in a DMZ so it might seem a bit much to be blogging again so soon. However I will try to keep it short and snappy so you find these entries like a Japanese meal – small portions, but so many courses! And of course, delicious.

So it wasn’t long ago – just March – when I blogged about MQ V9.0.2 on MQ and MQ Advanced on distributed platforms and MQ V9.0.2 on the MQ Appliance. Remember that IBM is delivering MQ V9 as a continuous delivery release. This means that we deliver smallish amounts of hopefully easily consumable and usable function. And these functions, on the whole, will build incrementally to deliver eventually a substantial piece of new function.

 

One of these ongoing deliverables, that has been building over the last few releases is the growing REST API for administration of MQ. New capabilities in this release include read and update of the queue manager configuration, plus querying of the status.

 

Also, on top of the enhancements made to MQ Managed File Transfer, available with MQ Advanced or MQ Appliance, delivered in MQ V9.0.0, V9.0.1 and V9.0.2, there are even more usability enhancements in this release, focusing on problem determination when there may have been an issue in the completion of a file transfer. This is in addition to the license changes made recently that makes this far more attractive for deploying MQ MFT Agents widely through the business.

 

And for the MQ Appliance there was an update to allow an easier transition for some configurations to move to use the end to end encryption provided by MQ AMS when some MQ Clients may not support it, by doing the encryption on the MQ Appliance rather than the MQ Client side.

 

There are now announcement letters for MQ V9.0.3 and MQ Appliance V9.0.3 updates published but perhaps some of the most interesting updates of the MQ V9.0.3 releases was on the z/OS offering. There is already an announcement  letter about this – but this update specifically targeted the MQ Advanced for z/OS Value Unit Edition offering with a set of unique extensions for this delivered as a connector pack on top of the core MQ Advanced for z/OS VUE offering.

This connector pack included a Bridge to Blockchain, allowing MQ Advanced for z/OS VUE to query information on the Blockchain. Also there are changes to the licensing and deployment model of MQ Managed File Transfer components on z/OS. And support for MQ Advanced for z/OS VUE to publish information to the IBM Cloud Product Insights service.

 

There are some additional details on our development blog on MQ V9.0.3 here.

 

So that was a quick run through of the updates in IBM MQ V9.0.3. All you need now is some green tea to wash it down.

When is a wall a great wall? When it’s a firewall?

Today is June 6^th – and the 73^rd anniversary of the D-Day landings in Normandy in World War 2. There were 156000 soldiers landed who attacked the defences on those beaches – the dreaded Atlantic Wall. But they had been preparing for this and had even built walls to practice assaulting, such as the one shown above in Hankley Common in Surrey (down the road from where I live).

Not all walls can withstand assault. But they are almost all built for a specific purpose – to provide safe and secure separation. This holds true for today’s firewalls as well as historical defensive walls.

Hundreds if not thousands of IBM’s customers use IBM MQ to communicate with business partners or separate parts of their own businesses beyond their enterprise firewall. There are a number of ways to do this – including deploying MQ Internet Passthru (MQIPT), opening ports for MQ connectivity, or deploying MQ servers in the DMZ. Not all DMZs are quite as scary or indeed obvious as the one separating North and South Korea. But they exist for good reason – to protect what’s behind the firewall. There is a huge cost associated with data breaches.

The issue some customers have with deploying MQ servers in the DMZ, is that this can lead to messages being persisted to disk in the DMZ – and while devices like IBM DataPower appliances are designed to run in the DMZ this is because they are, on the whole, stateless with no information persisted. This is not the case with IBM MQ, and thus the data on the disk in the DMZ poses a concern due to the increased risk in this environment. This is the primary reason that MQ IPT is used – to avoid the persistence of MQ data here.

IBM doesn’t prevent customers deploying MQ Servers or indeed MQ Appliances in the DMZ – despite typically recommending that customer choose not to do that – there is no impact in terms of their IBM contract or support if they do – this deployment of IBM MQ is still supported – but IBM wants to make sure that customers consider the implication and risk of this (as we do with all their MQ deployment choices – as this is typically critical for their business).
Our concern with the deployment of the MQ Appliance into a DMZ has been that due to being based on the DP hardware customers might see it as addressing these concerns and deploying it as a secure solution to DMZ deployment – whereas the fundamental issue of persisted data still exists. This can be mitigated in various ways such as the end to end encryption of AMS included in the Appliance – but there is no absolute lock-down of the Appliance and therefore we have that statement included in the documentation to ensure that customers make their choice knowingly.

There are therefore a number of different options to allow the movement of MQ messages through the firewall without it going horribly wrong. Customers can deploy MQ or the MQ Appliance into the DMZ if they want to – taking the precautions that are sensible to mitigate risks. IBM will support them with PMRs they raise, but we would work to ensure they are aware that they can be increasing the risk of data compromise and that they should take steps to lock down the environment as much as possible, and use MQ AMS for end to end encryption if using MQ Advanced or MQ Appliance.

Walls are essential, but the best walls make the best neighbours, and with IBM MQ deployed successfully and securely, you can ensure your firewall is a great wall, but that it doesn’t lock your business in – but helps it to grow with safety.

Building higher – IBM MQ V9.0.2

When a building is being constructed, it can be hard, from moment to moment to see progress. Yes – you see lots of activity. Lots of people are busy doing all sorts of important jobs, but it can be hard to see what they are all doing. You need to find a way to keep track of how they are doing. What progress are they making, and what milestones are they hitting.

In delivering updates to IBM MQ, now that we are on a ‘Continuous Delivery’ schedule, we set these milestones of deliveries around 3 times a year. We don’t plan to do IBM announcement letters with every update, but will do blogs here and elsewhere for some of the updates, with official announcements for others. For IBM MQ V9.0.1, there was an announcement letter, and I blogged about it here, but with IBM MQ V9.0.2 there are only blogs – both this one and our development blog from Ian Harwood you can find on developerWorks here. Also there is a YouTube video talking about the new update.

So, what has the development team has been working on in MQ V9.0.2? As with the 9.0.1 update there are several areas of enhancement and new function including:

• Additional REST API coverage
• Further updates to the MQ Console
• Improvements in MQ MFT specifically in MFT Agent status reporting
• Simplification in managed MQ logging on distributed platforms
• MQ Appliance support for HA key renewal and 9.0.2 REST API verbs
• Support for IBM Cloud Product Insights for registration and usage
• Integration with Salesforce messaging events
• Native Debian installer support for Ubuntu
• Availability of MQ Advanced for Developers in the IBM Bluemix Container Service

 

Perhaps as with our description about building construction above, the delivery of any of these features might not be significant, although I think that the logging improvements will make a substantial difference to the many aspects of the use of MQ in the thousands of customers using it today.

 

What hopefully does become apparent is our ongoing support for the continuous delivery process. While some of these updates are brand new and have taken a lot of work, others are continuing to build on the work done in the MQ V9 and MQ V9.0.1 deliveries. These incremental deliveries of REST API support, and now the new Cloud Product Insight support will continue in future Continuous Delivery releases, making these features and the product more useful.

 

Let’s look at a handful of these new features starting with the logging support. Logging is very much the heart of IBM MQ and it is these recovery logs which allow MQ to recover from a failure, therefore providing the reliable and robust nature of IBM MQ. While circular logs are easier to manage, many customer use linear logs but these come with a lot of administrative overhead. The new feature allows for automatic management, recording and reuse of logs, lowering both the administrative overheads and improving the overall throughput in the system

 

IBM Cloud Product Insights is a new cloud hosted offering that many different IBM products will be able to work with. Additional features will be added to work with this over time, but initially there is support for registration and usage. You will be able to register your instances of IBM MQ and track them on the Product Insights dashboard. At this time you will be able to see what level of IBM MQ is install, where, and when it was last running. You will also see some usage information such as the number of persistent and non-persistent messages put, and the total size of data being moved through MQ. There is also a beta of log management, where MQ error logs will be shared with the Product Insights dashboard.

You may have seen the recent announcement of IBM and Salesforce working together more closely. We are very pleased that one of the ways this relationship is being demonstrated is through a bridge between Salesforce and MQ. When an event happens in Salesforce such as a change to data or a new application being run (Salesforce Platform Events or PushTopics), there is now the ability to trigger a MQ message to provide information about that event without the MQ application needing to be directly connected to Salesforce, simplifying your environment but making your systems more connected.

 

And finally, we now have a version of MQ Advanced for Developers available in the Bluemix Container Service. This means that the fastest way to create a development environment for IBM MQ might be with a couple of clicks to provision MQ Advanced for Developers. With pre-configured defaults to simplify administration, there has never been an easier way to get started with IBM MQ. What are you waiting for?

Simple can be better – the new MQ and MQ Advanced licensing

Last year my son did a school project on flight – and his project focused on Leonardo da Vinci, and it was fascinating for us all to learn more about Leonardo’s genius. Not just an artist, his incredible imagination seemed to create and explore new worlds, never dreamed of before. And yet for all his visionary ideas, his quote above also stands out: “Simplicity is the ultimate sophistication”.

The same idea can be seen in Blaise Pascal (and Mark Twain) saying “I didn’t have time to write a short letter, so I wrote a long one instead”. Sadly this applies to this blog entry as well so in the interests of brevity, a quick summary of what’s described in more detail below:
IBM is simplifying the MQ licensing for new purchases:
• Parts now as follows: MQ, MQ Advanced, MQ Idle Standby, MQ Advanced Idle Standby, MQ Advanced for Developers
• MFT Agents are no longer separately and individually licensed but are free to deploy and use when connected to MQ Advanced entitled Queue Managers – essentially providing a free to use MQ MFT network when you use MQ Advanced
• The parts being withdrawn are only those for new entitlements to the separate MQ MFT, MQ AMS and MQ Telemetry parts but not the Subscription and Support renewal parts – you can continue with your existing entitlement as before.
• If you have MQ Advanced today this change applies to all your existing MQ Advanced entitlement – not just to the latest MQ V9.0.1 release.

Today, our world is moving faster and faster. Businesses need to be more agile. Do more with less. Get more for their money. Keeping things simple makes sense today. Even more so as business environments are highly dynamic, and need to balance between unique requirements and common deployments for ease of development, deployment, operations and maintenance.

When it comes to critical offerings like IBM MQ – providing reliable, secure, scalable and robust enterprise messaging, why should we make it more complex than it needs to be? From January 24th 2017, IBM is simplifying the IBM MQ licensing structure to make it simple to describe, simple to purchase, simple to understand and simple to deploy and use.

What are we talking about? Well, for nearly 25 years IBM has been selling IBM MQ – and we still are. But for almost 15 years IBM has been selling extensions to IBM MQ as separate offerings: MQ Managed File Transfer, MQ Advanced Message Security and MQ Telemetry. These all built on and extended the value offered by IBM MQ – and in 2012, as part of MQ V7.5 we brought all the separate components together into a single package, and also created a single offering called MQ Advanced to provide entitlement to the MQ Server along with all of the MQ Server extensions.

Since then, MQ Advanced has been the most popular way to extend MQ, over buying the individual product parts. However, there was always a complexity about the MQ Advanced license for customers using it for Managed File Transfer. This was because MQ’s Managed File Transfer was available as both the MFT Service component that came with MQ Advanced, but also was licensed as MQ MFT Agents on a per Install basis. Even though you might have bought lots of MQ Advanced licenses, you would still need to buy MQ MFT Agents for those systems where you wanted to deploy MQ managed file transfer capabilities, but where you didn’t have MQ Advanced installed. This would be even more noticeable since MQ V9.0.1 shipped which allowed the MQ MFT Agents to be redistributable and made them available in a zip format, suitable for embedding in other solutions. Having per install licensing for MFT Agents would restrict the potential for use of this style of deployment.

As part of this license change, the MQ MFT Agents are no longer chargeable, or licensed per Install. Instead they are free to deploy and use – in any quantity, as long as the appropriate MQ Servers are licensed with MQ Advanced entitlements. The Agent QM, and the co-ordination QM, and the Logging QM for the MFT Agents must all have MQ Advanced entitlement. These can be all the same Queue Manager, or they can be separated – but all must have MQ Advanced entitlement – but then all MQ MFT Agents using these QMs can be deployed and used at no cost, whether 1 Agent, 100 Agents or more.

The licensing for MQ and MQ Advanced going forward is now very simple. You select IBM MQ if you just want MQ, or IBM MQ Advanced if you want MQ and any other capability. Both are licensed by PVU (perpetual or monthly license) – so by the capacity of the machine where you install the MQ server or by the Virtual Processor Core as described here. Along with IBM MQ and IBM MQ Advanced, there are Idle Standby parts for both, and also IBM MQ Advanced for Developers. Just a handful of parts giving you so much potential for your business.

The additional features in MQ Advanced include MQ Managed File Transfer (as mentioned above) which allows the contents of files to be sent reliably and securely over the MQ network as MQ messages. Differentiating factor with this solution is that the file contents can be directly consumed as messages, moving file transfer into virtually real time data usage. Now available to be deployed anywhere at no additional cost when connected to MQ Advanced Queue Managers. Then there is Advanced Message Security, which provides end to end message content encryption. Since MQ V9 this has a new option allowing for encryption at virtually no impact to performance or throughput, helping you protect your business and customer data from exposure in the case of a breach. And MQ Telemetry which enables your MQ applications to connect directly using the MQTT protocol to mobile phones and the Internet of Things.

It’s all so much simpler now to explain, to buy and to use. But what if you have previously bought some of the separate parts. We have made sure to keep the existing renewal parts available so you can continue to use them and stay current with support on them. So nothing needs to change – you can continue exactly as before. But you might want to consider moving to MQ Advanced entitlement as only this will provide the ability to connect MQ MFT Agents at no cost, and there is no entitlement to buy or deploy new MQ MFT Agents without MQ Advanced entitlement in the future. Existing purchased MQ MFT Agent entitlements remain valid and can continue to be deployed and used.

Feel free to reach out to your IBM rep, your IBM business partner or even me to discuss this, and what it might mean to you. We have tried to do this very carefully so that there is no negative impact on anyone today, and that going forward there are lots of benefits – such as the ability to deploy a much larger MQ managed file transfer network at no additional cost with MQ Advanced entitlement. And as an added change, we have ensure that the MQ Appliance license also allows for connection of MQ MFT Agents at no cost – so that provides an additional deployment and connectivity option for MQ MFT solutions.

I will try to write another blog shortly about our MQ Managed File Transfer solution soon – but this one needs to end so you can get back to work.

Think what you can do with this now. It’s going to be a busy year. Let’s start now.

Beginning the new, looking back to the old

The month of January is named after the God Janus – who both looked forward to the new year and back to the old one. So it is perhaps time to set ourselves up for what will be no doubt another very busy year for IBM MQ by a quick review of 2016 – looking at what you should have seen, and also finding time to tell you something new, which you are unlikely to be aware of.

So a quick recap first. In June we released a hardware refresh for the IBM MQ Appliance, adding large capacity SSDs and additional 10Gb network ports as described here. And IBM MQ brought out MQ V9.0 with a new option for end-to-end encryption with an order of magnitude performance boost, and CCDTs now accessed through a URI – and this was described here.

There were additional enhancements in November with IBM MQ moving to MQ V9.0.1 – the first Continuous Delivery release, with MFT enhancements and repackaged MFT Agents, availability of the new MQ Console, and the initial delivery of REST API verbs. These were all described here. And the IBM MQ Appliance also moved the MQ V9.0.1 and added additional features like Floating IP support, SNMP and LDAP authentication of admin accounts. This was written up here.

So if we are all ok with that, I had better share the news that you missed at the end of last year. First a word or two about Processor Value Units. This is IBM’s typical capacity based pricing metric for software. Each machine type and processor type has a PVU rating per core. And software products like IBM MQ have a price per PVU. So as a customer you buy a number of PVU entitlements to meet your capacity need and then deploy IBM MQ on the hardware that matches the PVUs you have bought. However this means you need to always count and be sure that the capacity you have provided to IBM MQ is in line with the entitlement you have, and the physical machines you are running on. But more and more these days software is being deployed on environments that are more abstracted from the actual physical machines – and the capacity being allocated, either on premise or in a cloud, is assigned as virtual cores. But with IBM MQ (and other products) priced only by PVUs, there was some confusion in mapping PVUs to virtual cores.

On December 6th 2016, IBM MQ addressed this by adding a Virtual Processor Core metric to its pricing. This is only available as a monthly pricing metric but provides a new simple, and possibly more appropriate way of buying capacity for IBM MQ deployed in these virtual environments either on premise or in clouds where IBM MQ is deployed with a number of virtual cores of capacity rather than into a fixed physical machine. This is an additional metric. The PVU metric with both perpetual and monthly pricing is still available, but customers now have an additional option of the Virtual Processor Core pricing. There is no announcement letter for this, but the pricing is already available for IBM MQ and for IBM MQ Advanced, so simply ask your IBM sales rep or business partner about this if you want to know more.

Certain customers who can find it difficult to count PVUs might find this very useful. These might include customers such as retailers or retail banks where IBM MQ can be installed in 1000+ different environments, and for customers like this there are other ways to price for this type of deployment so again ask your IBM rep.

That was the last news and updates from 2016, but there is plenty to come in 2017. And you don’t need to wait for long. Just one week to go and I expect to have something new to share here. Not long to wait.

Let your troubles float away with the IBM MQ Appliance

Sometimes you instinctively know when something is right. It just seems to fit. To all fall into place. When you solve a mathematical equation. When you put on a jacket. When you pick up a hammer. You just know it is feels right.

Since IBM released the IBM MQ Appliance in 2015, we have had a lot of customers look at it, and for many of them it has seemed to be something just right for them – just what they were looking for, as it simplified their infrastructure and reduced the tasks of configuring, operating and maintaining their MQ installs.

However, there is plenty of opportunity for improvement, both in adding new features and in improving those already there. And some of the early customer feedback about the MQ Appliance has been critical in some of the enhancements that have already been delivered and also feedback has been critical to some of the features just delivered in the latest update to the IBM MQ Appliance M2001, providing MQ V9.0.1 on the MQ Appliance. Note that this latest software update is also available for customers still running the MQ Appliance M2000.

One of the key new features is the provision of Floating IP support to aid in the High Availability failover configurations. The MQ Appliance provides High Availability by connecting appliances as a pair, and individual Queue Managers can failover from one appliance to another quickly and seamlessly, with the persistent messages and logs already replicated synchronously. However, in order to support this, the MQ client used by the application needed to be configured with not just the IP address of the primary appliance but of the second appliance in the pair as well. This wasn’t always convenient for customers to require all the MQ clients and applications to have a string of IP addresses to prepare for failover.

To address this, and make the experience of using the MQ Appliance even better for our customers, in the latest V9.0.1 level of code, High Availability configurations now allow for Floating IP – which means that as the first MQ Appliance fails over, the second appliance not only starts up a Queue Manager, but it starts up the IP address from the primary, enabling the MQ applications to connect to the second appliance even if they only have a single IP address configured. This should make using the MQ Appliance an even better experience for a much wider set of deployments, without requiring too much of a change to the applications.

As already mentioned above, the MQ Appliance now ships with the MQ 9.0.1 continuous delivery release. This means that the MQ Appliance now benefits from the MQ V9 functions such as the new MQ AMS confidentiality option. This also means that all the new and upcoming features in the MQ continuous delivery stream will be available to the MQ Appliance as those releases come out, with more access to the new REST API for admin and configuration as well as a refreshed MQ Console.

 

Also, as well as some usability improvement for management of the appliance and the MQ operational aspects, this update includes s number of key features exposed from some of the underlying firmware. Key among these are support for SNMP and enhanced security, such as role based authorization, and LDAP authentication for appliance admin accounts. These, again, should make the MQ Appliance fit even better into an organization and be applicable to more use cases.

With further updates to come as part of the Continuous Delivery stream for MQ and the MQ Appliance, there will be more improvements to come to continue to make the experience feel even better. So get ready to float away from your troubles with the latest update to the MQ Appliance.

UPDATE: An excellent blog on MQDev developerWorks site by Ian Harwood. Another blog specifically on the MQ Appliance update by Ant Beardsmore.

Power is nothing without control – IBM MQ V9.0.1

As mentioned on this blog before, much of the modern world runs on, and depends on IBM MQ. Whether sending credit card details from a retail store, tracking a shipping delivery, coordinating stock levels at a factory or processing an insurance claim, IBM MQ is at the heart of thousands of leading businesses, keeping their business running, always available and secure.

So, IBM MQ runs at the heart of your business, helping to keep your applications simple, yet connecting them with reliability and security, highly scalable and highly available, whether processing 1 transaction per day, or 10 billion messages per day. But however it runs in your businesses, it doesn’t run itself. Half of the value of IBM MQ is not just the assured once and once only delivery but that your business has the visibility that the message was delivery successfully or not. And to help your business understand that, IBM MQ can provide lots of information about MQ itself and its activity.

For years IBM MQ has offered a number of different ways in which to configure, manage and control itself. There has been MQ Explorer, MQSC, PCF.

With the release of MQ V9.0.1 – which is the first ‘Continuous Delivery’ release to build on top of MQ V9, IBM has brought new ways for the customer to control and manage their IBM MQ infrastructure.

The first new tool is the MQ Console – this is a browser based tool to configure and manage your MQ infrastructure. You may be aware we have had the MQ Console available on the MQ Appliance since its release in 2015, but this is the first time you can use the MQ Console with MQ software installs as well.

The MQ Console adds some key benefits for customers. One is that you can use a browser and so you don’t need to install anything – unlike the MQ Explorer. Another is that you can customize the MQ Console to show you just what you are interested in – with widgets to show you activity on a queue, or what queues are defined. IBM will continue to update it, but it shouldn’t be seen as a replacement for the existing tools such as MQ Explorer, but rather an additional option.

The MQ Console is built on top of a REST API – and another feature in MQ V9.0.1 is to begin to expose an external REST API. While initially in this release there are only a couple of verbs published, the goal is to continue to add to these in future releases such as 9.0.2, 9.0.3 etc. Many customers will be looking to take the REST API and build new custom tooling to meet their specific needs. It is possible that various 3^rd parties such as the numerous skilled IBM MQ business partners may use this new API to build their own offerings, or even custom offerings for individual customers.

Additionally, there have been some updates to the IBM MQ Managed File Transfer function, available in IBM MQ Advanced. As well as limiting the number of retries when there are failures in using the FTP Protocol Bridge, there is a packaging and install change for the MQ MFT Agent. Previously this was only available as a part of the overall IBM MQ install package – and it required a full install procedure. In the IBM MQ V9.0.1 release, the MQ MFT Agent is now available separately as a zip file. This means that it is now much easier to embed this capability as part of a customer created solution which can then be distributed without the need for the full MQ package or a dedicated install just for the MQ MFT Agent component.

As you can see all of these new features, in the first of these Continuous Delivery releases for IBM MQ V9 provide new value that is specifically aimed at making it easier to take advantage of the IBM MQ capabilities – and take back control of your systems.

Don’t forget you can get a free 90 trial of MQ and see for yourself. And you should also be able to download the MQ Advanced for Developers offering for free development and test.

UPDATE: An excellent blog on the MQDev developerWorks expanding on this topic

Maybe you can now see why it reminded me of the famous series of adverts from Pirelli from maybe a decade ago – Power is nothing without control. IBM MQ gives your business the power of reliable and secure movement of data. Now we are making it easier for you to take control.

[Having used Ed Moses in a previous blog, it is nice to continue the theme of great athletes with Carl Lewis in this one]

Keep climbing up – WebSphere MQ V7.5 End of Support date announced

When you have been fundamental to thousands of businesses, and helping to create the modern world for 23+ years, it can seem like you are on a never-ending journey. And certainly the need for simple, reliable, secure and rapid enterprise messaging never goes away, so IBM MQ is needed now more than ever.

But sometimes we need to bring one chapter to an end, but there are plenty more chapters to get to. You may have seen that we have been rather busy with announcements this year, with new announcements for an updated MQ Appliance, and the brand new IBM MQ V9 release. But we also announced back in April the End of Support date for MQ V7.1. On distributed platforms this was set at April 30 2017.

And today we have just announced the End of Support date for MQ V7.5 – we are giving a little bit more notice on this one – with an End of Support date set for April 30 2018.

WebSphere MQ V7.5 was the last MQ release with the WebSphere branding, and it was the first release where we had brought together all the MQ components, which allowed us to then offer MQ Advanced with MQ, MQ MFT, MQ AMS and MQ Telemetry.

So what to do if you are on MQ V7.5 today? Or perhaps you are just about to move to it? Well it will be in regular support until April 2018. Following that, if you want, you can have extended support for another 3 years. But you might want to think about moving forward to take advantage of all the latest features.

The good news is that migrating should be easier than you might be used to. And with the new MQ V9 option of Continuous Delivery or Long Term Support, you can got as fast as you like. And many of our customers are looking at the MQ Appliance when they are planning an update, to take advantage of the simple and rapid deployment, the fantastic performance without complexity, and the operational and maintenance simplicity.

So the choice is up to you. IBM has sections on migration in the Knowledge Center, and we have services offerings to provide Version to Version migration planning, and implementation.

Feel free to talk to your local IBM representative or partner. Leave me a message here, or ping me on Twitter. Don’t get stuck. Onwards and upwards. Just keep moving.

No waiting in these queues. IBM MQ V9 and the MQ Appliance M2001 delivers fast, reliable and secure message queuing

Recent weeks have been pretty busy on this blog, reflecting just how busy the MQ development team has been in bringing out new and updated offerings in MQ V9 and the MQ Appliance M2001 here and here. And of course in our cloud messaging options.

As both of these have been fairly full of new content I thought I would do just a short update to focus on a couple of key benefits which are specifically measurable in these 2 refreshed offerings. After all, a lot of the new and improved features can sometimes be hard to quantify in terms of the benefits they provide, but in each offering this time there are some easy to define benefits.

As you may have seen in my most recent update, the MQ Appliance M2001 added large capacity SSD storage which enables much faster throughput for persistent messages. These are the messages that get written to storage to ensure they are still available in the case of failure before the message has been successfully deliver to all consumers. At high rates of message throughput, there can be a lot of contention for access to storage with traditional hard drives. With the new MQ Appliance M2001, this potential bottleneck has been removed. You can now read the latest MQ Appliance M2001 performance report here which shows that the performance in those scenarios which saw large volumes of persistent messages sees improvement of up to 3.5 times the previous message rate.

Clearly this represents a significant improvement and given that persistent messages are used in those business critical situations where IBM MQ delivers so much value, it is a hugely important benefit.

 

In MQ V9 there were a number of enhancements but the one I specifically want to call out is, as part of the MQ Advanced package, the enhancement to MQ Advanced Message Security (MQ AMS). The change here was to add a new mode of operation – Confidentiality. This new mode changed the way in which the encryption operations are performed on the message contents (MQ AMS offers policy based encrypted message contents which ensures data at rest is protected in case of a security breach). The goal of this change was to continue to offer a strong level of security for the message contents without too big of an impact on the performance and throughput from the effects of the encryption used.

Now instead of new asymmetric keys being generated for every exchange, the feature can be configured to allow for reusable symmetric keys to be used after the initial generation of an asymmetric key. This still provides a very high level of security, but depending on the reuse count before a new asymmetric key is generated, can drastically cut the performance overhead. The benefits can see more than an order of magnitude increase in throughput. You can see a quick snap shot of some of the early results in Jon Rumsey’s blog here – which includes a small table showing performance improvements exceeding 10x gains. With everyone concerned about security these days, the ability to better protect your information and customer data with little performance impact has to be a good thing.

 

So what are you waiting for? With secure, reliable enterprise messaging for on-premise deployments, cloud deployments or physical appliances, there is no waiting with IBM MQ V9 or IBM MQ Appliance M2001.

[An interesting history of Wile E. Coyote here]