Archive for the ‘Blog’ Category

  • June 1st, 2018

    IBM Mainframe Security To LDAP (Done In 60 Seconds)

    TL;DR — watch this video to see how IBM workload transformation with Heirloom enables you to fully replicate your IBM Mainframe application security controls.

    So far in our “Done In 60 Seconds” series, we have covered application migration (automatically transforming an unmodified Mainframe COBOL/CICS/VSAM application to a Java Application Server & Relational DB) and data migration (migrating a Mainframe VSAM file to a Relational DB without changing the application source).

    In this article, we are putting the spotlight on application security. The IBM Mainframe has acquired the reputation of being a highly secure application platform, primarily because of its ability to manage & control access to application-specific resources. These “rules” and “policies” have a considerable impact on prescribed operational processes related to the application workload, and so it is vital that they can be easily replicated on the target platform. In 60 seconds, here’s how it’s done with Heirloom:

    With integrated support for user-authentication and resource-authorization in Heirloom, existing rules are extracted from the host system (e.g. RACF) and precisely replicated in any industry-standard LDAP server (including open-source implementations such as Apache DS), without requiring any changes to the application code.

    No alt text provided for this image

    Application security should not (as it often is) be relegated to a sideline consideration during (or even, post) a transformation project. Doing so injects a lot of unnecessary risks, and yet many modernization vendors fail to fully address this critical piece of the puzzle.

    Mainframe applications (batch and online) often rely on fine-grained resource-authorization (not just user-authentication), and the transformed application should provide the same controls, without requiring any code changes, to guarantee enforcement of existing security policies via integration with industry-standard directory services.

    Finally, because applications transformed with Heirloom are 100% Java, transport-security (secure communications) and platform-security (safe deployment of application resources) is easily achieved via seamless integration with Java Application Servers.

  • March 1st, 2018

    Mainframe VSAM to Relational DB (Done In 60 Seconds)

    In my previous article, we showed you how Heirloom can automatically transform a complex mainframe warehousing application and deploy it to a Java Application Server in 60 seconds with 100% accuracy, guaranteed.

    Since we’ve already showcased what we can do with application code & logic, we’re now going to take a look at what Heirloom does for data transformation. Again, it will only take 60 seconds so keep that in mind when you’ve watched the video and taken a breath to consider the benefits of transforming proprietary mainframe data stores into accessible relational databases.

    So, what happened? We took a VSAM KSDS file encoded as EBCDIC from the mainframe, analyzed the record structure, and used that XML representation to extract, transform and load the data into a PostgreSQL database table encoded in ASCII. The application was then executed without any changes to the source code (so yes, we were using the applications existing COBOL I/O statements to seamlessly access the relational data).

    No alt text provided for this image

    The application knows nothing of this wonderous outcome and “believes” it is still grinding through a VSAM file that is still blessed with packed decimals & redefined record structures. Heaven. Shhh, we won’t tell if you don’t.

    Further, because the data is now in a relational store, we can easily establish views to make the data visible to other applications that need to interrogate the data via SQL.

    When migrating mainframe workloads, data is often overlooked along with other areas such as batch processing, security, deployment, cloud, DevOps, UI modernization, and application refactoring. Heirloom is the only platform in the market that fully addresses each of these critical components. Something that we will continue to make clear over the coming weeks. And don’t forget, with Heirloom, migrated workloads are 100% Java deployed to any industry-standard Java Application Server (e.g. Apache Tomcat).

  • January 1st, 2018

    Application Transformation (Done In 60 Seconds)

    Mainframe COBOL/CICS/VSAM to Java Application Server & Relational DB

    TL;DR — Watch the video below to see how Heirloom automatically takes a complex mainframe warehousing application to Java in 60 seconds with 100% accuracy, guaranteed.

    Migrating mainframe workloads to anywhere is hard, right?

    You may have seen vendor presentations that promise an assured migration process, led by analysis tools that paint interrelationships between application artifacts that bedazzle (mislead) you into believing that the complexity is well understood.

    It’s also blatant vendor misdirection. The hard part is in the migration, not the analysis.

    What you are seeing is superficial at best. A “shiny object” that distracts you from the complexity ahead, and one that steers you towards an expensive multi-year services-led engagement that is aligned with the vendors business model, not yours.

    Just ask the vendor “where does the application get deployed?”. If the answer is not “any Java Application Server“, you are being quietly led into a dependency on a labyrinthic proprietary black-box that underpins an enforced application software architecture (e.g. MVC). Any assertions that you are now on an agile, open, scalable, performant platform, die right there.

    I’m not going to get into an extensive takedown (in this article) of why migration transformation toolsets that are borne of application analyzers are a hugely expensive strategic misstep because I’d like you to spend the next 60 seconds watching how astoundingly fast Heirloom is at transforming mainframe applications to Java.

    Need a recap? What you saw was a mainframe COBOL/CICS implementation of the TPC-C benchmark (an application with over 50,000 LOC and 7 BMS screens) being compiled by Heirloom (without any code changes) and deployed to a Java Application Server for immediate execution via a browser. All the data for this application was previously migrated from VSAM (EBCDIC encoded) to an RDBMS (ASCII encoded). In later articles, we’ll demonstrate how Heirloom migrates mainframe batch, data, and security profiles just as quickly.

    Although the resulting application is 100% Java (and deployable on-premise or to any cloud), Heirloom provides full support (via Eclipse plug-ins) for on-going development of the application in the host language (COBOL in this example, but PL/I also) or in the target language (i.e. Java), or both. This was done because any transformation is not just about the application artifacts. People are obviously a big part of the IP equation, and securing the engagement of IT staff is essential to ensure a successful transformation. Not just on day 1, but for many years post-deployment.

     
  • December 5th, 2017

    Old Code is NOT Bad Code

    Graham Cunningham, CTO

    Voyager 1 fires thrusters for the first time in 37 years.

    Running a proprietary assembler program written over 40 years ago engineers at NASA were able to use the Voyager’s thrusters to replace the altitude correction engine that had degraded over the last 40 years. This extends the lifetime of the voyager 1 probe for another 2 or 3 years.

    Is there are a finer example than this that old code is not always bad code? Old code also continues to fulfill vital roles for NASA in the same way that it does for your business.

    I did not start to write this article with the expectation that I would be comparing mainframe applications to rocket science but when the facts fit…rocketship

    Just like the incredible continuing value of the assembler code running on Voyager 1 let us take a moment to remember the incredible value of the code living on your mainframe.

    Re-purposing hardware and executing decades-old code on it has significantly extended voyage 1’s life expectancy. We can use the same analogy for existing mainframe applications.

    If we migrate the application using Heirloom we are changing the hardware environment but keeping the existing code and giving it a new lease of life. This will extend the lifetime of these applications and actually increase their value to your company. Migrated applications do not just run in a new environment, their data, previously hidden away in an EBCDIC silo, suddenly becomes accessible to the rest of the enterprise. Imagine adding decades of experience in the form of your companies data to a big data model designed to generate actionable business insights.

  • December 4th, 2017

    CI/CD with COBOL and CICS

    Graham Cunningham, CTO

    Introduction

    Reading about Continuous Integration, Continuous Deployment, CI/CD,  and unit testing etc all seem a million miles away from daily life on the Mainframe.

    In fact, there is a basic question to be answered for all projects, “Why do we need to do continuous integration?”. Agile guru, Martin Fowler puts it best (he usually does) when he says:

    Continuous Integration is a software development practice where members of a team integrate their work frequently; usually, each person integrates at least daily… Each integration is verified by an automated build… to detect integration errors as quickly as possible.

    Large software projects are plagued with integration issues, developer 1 changes code and breaks developer 2’s code. If you are not following a continuous integration approach this will only be discovered near release, resulting in many late nights for the developers and even more grey hairs for the project owners. It is at this point that coding standards fall precipitously and “hacking” a change in to “make it work” can ensure that the next project delivery starts with, often, severe technical debts. Unless you are the US government this debt will have to be paid resulting in longer release cycles and missing features.

    At Heirloom we develop our products and our code every single day following industry best practices and are extremely proud to call ourselves agile.

    That’s great for Heirloom as a commercial software development company producing a completely automated mainframe workload migration platform but what about our customers?

    Well our tooling enables our customer’s mainframe code to fit into industry best practice CI/CD environments and processes just like the one below. Because mainframe code compiled with Heirloom runs on the Java VM we are in the great position that we can utilize all the Java infrastructure that has been built in the last few years to support enterprise application development.

    continuous-integration-101-9-638

    How do we implement this?

    Let’s start with the Developer Workstation. Heirloom is delivered as both a development environment and a set of run-time Jar files.

    The development environment is an Eclipse Perspective. We add COBOL and PL/1 as fully supported languages to the industry-standard Eclipse development environment.

    eclipse cobol

    We can follow a full development cycle here:

    EditCompile Debug Test Commit

    The code being worked on in the image above is a standard CICS application presenting a BMS screen to the user. With Heirloom, BMS screen definitions are automatically transformed into HTML5 templates with the initial template design mimicking the green screen that mainframe users are familiar with. See an earlier post for a typical green screen sample program Mainframe Migration? Why?

    The version control server that we use at Heirloom is BitBucket (our clients have used hosted services like GitHubGitLab, or their own internal repositories).

    The Continuous Build Server that we use runs the  Jenkins open source automation server.

    All our notifications back to the developers are done using Slack channels.

    So what is the process flow?

    1. Developer makes and tests code changes in eclipse and commits them to the VCS
    2. A notification is sent to a slack channel, visible to all developers
      slack bitbucket
    3. The jenkins server is also notified of the change, checks the code out of the repository and starts the build, test and deploy process. Our build pipeline looks like this jenkins pipeline
    4. When all the tests are run Jenkins pushes the newly created artifacts to our overnight build area and creates versioned artifacts in a maven repository. Jenkins then notifies the developers that the build was good (or not) on a different slack channel.slack buildinfo

    Summary

    Heirloom migrates not just your mainframe code to a new platform, the Java VM. It also enables you to transform your developer and integration processes. When you use Heirloom your mainframe projects and developers are now full citizens and can adopt, industry best practices for continuous integration and deployment.

    A pre-requisite that many people may have noticed for all this to work is that there is a set of tests that can be run automatically as part of the build and integration process and that is the topic for the next article

  • November 29th, 2017

    Mainframe Migration? Why?

    Graham Cunningham, CTO

    This article investigates why organizations should consider Mainframe Migration, the options they have, and the steps they need to take to transform their mainframe workloads to run on the cloud.

    Lets set the scene a little bit for a typical large organization that runs business-critical applications on the mainframe.

    1. Your mainframe and your mainframe applications just run.
    2. It causes no heartache, no troubles, when was the last time it “went down”?
    3. If it wasn’t for the pesky leasing payments and the endless contract renewal discussions you probably wouldn’t give it too much thought.

    But there are a few vague, uneasy, feelings:

    1. Perhaps you are not as responsive to your customers’ requirements as you could be.
    2. At month end, quarter end, year end, the batch jobs are only just completing in the batch window
    3. There are a lot of grey beards in the PL/1, COBOL teams
    4. Adding a new type of customer contract takes months with the mainframe screens and seemingly minutes with the web team.
    5. Lets face it a green screen does not have the possibilities to represent data that a modern web browser supports

    Would you rather be working with this green screen? A COBOL/CICS application that has been deployed to Pivotal Cloud Foundry using Heirloom.

    mort greenscreen

    Or with this Angular and D3 application that is also running on Pivotal Cloud Foundry and using exactly the same back end COBOL/CICS program to run the amortization calculation?

    mort angular

    Your companys’ “front-end” applications are being delivered using industry best practices, continuous integration and continuous deployment, CI/CD, of the applications is de rigueur and perhaps most importantly your customers are extremely happy with the features the responsiveness and the look and feel. These applications and the teams that create them are agile in a way that the Mainframe group is not.

    At the same time these web applications are now capable of the same reliability as your mainframe environment, not because every single component works all the time, but because every component has fail-over redundancy built-in. It is a different reliability model to be sure but one to which the organization is gradually becoming accustomed.

    Your company is also becoming accustomed to hardware costs for running the nonmainframe applications to actually fall each year and yet still eke out higher and higher performance. Need to have a little performance kick for black Friday, just automatically scale-out some more application instances, and pay for the extra throughput performance ONLY when it is needed.

    So now the scene is set, check back here for the next post where I will lay out various Mainframe Migration options and the pros and cons of each one.

  • August 16th, 2017

    COBOL/CICS Hooks Up With Pivotal Cloud Foundry

    Gary Crook, President & CEO

    Would you be skeptical of a claim from a vendor that stated you can take existing mainframe workloads (online and batch), and automatically transform them (with 100% accuracy) into instantly agile Java applications that can immediately be deployed to the cloud? You wouldn’t be alone. For many of our initial client meetings, there’s a palpable sense of disbelief (or, healthy skepticism if you prefer).

    So, here’s another 3-minute video from Ian White, Heirloom Computing’s VP of Engineering that demonstrates that claim, using Pivotal Cloud Foundry (PCF).

     

    TL;DW? These are the (simplified) steps:

    What happened? We took an online mainframe application and deployed it to PCF in 3 minutes. No misdirection, real code, real results, and a re-platforming project lifecycle that puts you in control (so you can avoid black-box solutions).

    For us at Heirloom Computing, Cloud Foundry is a great example of how Heirloom maximizes the power of open-source stacks to provide clients with a way to include high-value mainframe workloads in strategic initiatives (e.g. cloud, digital transformation, etc). One that protects existing function, but also one that is seamlessly integrated with an agile ecosystem.

     
  • August 9th, 2017

    Amazon Alexa Hooks Up With COBOL/CICS (On The Cloud)

    Gary Crook, President & CEO

    There’s a lot of chatter about how to make mainframe workloads agile. I have contributed to that chatter myself. The discourse is essential. Boiled down, my assertion is that the mainframe ecosystem is foundationally not agile (and never will be). No amount of DevOps tooling, nor vendor misdirection is going to change that.

    In my last article, I made the following statement:

    Mainframe workloads are an essential part of any digital transformation strategy, but those workloads will persist in a different form. One that protects existing function, but also one that is seamlessly integrated with an agile ecosystem.

    Below is a (3 minute) video that implements the above statement. It was put together inside 2 hours by Heirloom Computing’s VP of Engineering, Ian White.

    This was a mainframe application that was compiled (unchanged) to Java and executed on the cloud using Heirloom, which automatically makes the workload instantly agile (all transactions are immediately accessible as a service). Agile enough for Ian to very quickly hook it up to Alexa.

  • June 28th, 2017

    COBOL & The Definitive State of the World’s Greatest Legacy Ecosystem

    Gary Crook, President & CEO

    TL;DR — see picture left, or… a career COBOL’er makes a compelling argument that legacy application systems (COBOL et al) on the IBM Mainframe are killing IT digital transformation initiatives.

    So, a heads-up… this article is going to be self-serving (at least to start with, perhaps longer), as I’ve come to the conclusion that it is necessary for me to “introduce” myself in an attempt to establish a greater level of credibility than I might otherwise be able to muster!

    I’ve been working for over 30 years. My entire career has been in the “COBOL space”, the vast majority of it working with Global 2000 companies to deliver COBOL application development & deployment platforms that were primarily focused on adding value to the IBM Mainframe (“The World’s Greatest Legacy Ecosystem”).

    I have worked at the “coal face” developing bespoke commercial COBOL applications. I have worked developing COBOL compilers and runtimes. I have led global teams of astoundingly brilliant people that have built COBOL ecosystems from scratch. Back in 2010, myself and a group of others with similar career profiles, and significantly greater areas of expertise, founded Heirloom Computing to bring a new COBOL ecosystem to market.

    Heirloom leverages open-source software stacks (primarily Java); one that immediately exposes existing business rules from mainframe workloads as a collection of Java interfaces and RESTful services so they are immediately available to other applications; one that from day 1 is absolutely guaranteed to accurately retain existing business logic, data integrity, and security profiles; one that allows application developers (using Eclipse) to continue in COBOL, or Java, or both, so IT can “iterate away” from a constrained model to an agile one, at a pace that is determined by their own unique business drivers. This approach removes the “re-platforming” risk and makes the workload instantly agile.

    We did this because we believe (and our investors and customers have validated) that IT needs to get beyond decades-old legacy systems if they are going to compete in a digital world.

    Credibility enhanced? Either way, on we go…

    The IBM Mainframe is without a doubt (and by far) “The World’s Greatest Legacy Ecosystem”. Its reliability, pervasiveness, and keeper of systems of record are unmatched. Today, however, that proud legacy is increasingly burdensome. These (crucial) systems: are severely & systemically constrained (and today, agility really matters); have paralyzed IT with a (fearful non-viable) “do nothing” strategy which consequently inhibits execution of strategic initiatives (like digital transformation) that are needed to compete. And up to this point, we’ve not even mentioned the operational expense nor the risks of an ever-aging/depleting skills pool.

    Some of these systems, especially in government, have eroded/warped to the point that paper processes have been introduced to integrate legacy workloads with new services! This is NOT a failure of DevOps, nor tooling, but a failure of leadership and the brutal reality that mainframe systems of record are inherently NOT agile because a) they were never designed that way, and b) the COBOL ecosystem itself (an archaic compute-model, a procedural language, a failure to embrace open source, a lack of application frameworks, an entrenched culture, …) is NOT agile.

    In article, after article, after article, IT leaders and analysts have clearly identified the challenge. Progressive enterprises like GE and Capital One are already working on solutions. Mainframe workloads are an essential part of any digital transformation strategy, but those workloads will persist in a different form. One that protects existing function, but also one that is seamlessly integrated with an agile ecosystem.

  • April 20th, 2017

    Moving Beyond COBOL

    Gary Crook, President & CEO

    I’ve been involved with COBOL for most of my professional career. It is a language that has many unique characteristics, not all positive. Loved by few and (unfairly) vilified by many, it has persisted because it is extremely good at what it was built for — encapsulating business rules.

    Many of you who have experience with the COBOL eco-system will appreciate the quiet reality of the absolute dependence that we all have on it as we proceed through our working day. The rest of you will likely be somewhat perplexed that anyone even uses COBOL today, and no doubt bemused by the bold assertion that your daily life without COBOL would result in unadulterated chaos. Well, despite the many predictions over recent decades of COBOL’s demise, this reality is not going to change anytime soon. That said, it would be remiss of us to not acknowledge the strategic intent of enterprise IT to convert COBOL to Java.

    For typically risk-averse enterprise IT organizations, moving beyond COBOL is a tricky proposition. These applications represent the competitive differentiation of the business. They are the operational and transactional backbones of the business. They are the definitive manifestation of “mission-critical”. The thought of rewriting or replacing the high-value trusted business processes embedded in these systems can induce violent shudders of apprehension.

    For server-side transaction processing, Java is often (if not already) the strategic platform of choice of enterprise IT – and even in the cloud, many PaaS providers have adopted Java as a supported engine (e.g. Amazon’s Elastic Beanstalk, Oracle Cloud, Google App Engine, and yes, even Microsoft’s Azure). Our take on why targeting the Java platform makes so much sense for enterprise IT, comes down to 4 key benefits:

    1. The ability to deploy and extend applications on an open/strategic platform that is proven and trusted for high-transaction workloads that demand performance, scalability, reliability, security, and manageability.

    2. Consolidation of application infrastructure to a single platform. No need to deal with multiple platforms on multiple operating systems.

    3. Strategically positions applications for the cloud. Many enterprises have already made a strategic commitment to the Java platform. It’s a smart move — Java has already established itself as the de facto execution engine for the cloud.

    4. Improves the productivity and agility of the development organization by modernizing skills, methodology, and process.