Perfect Cloud
-
Upload
dhairya-vora -
Category
Documents
-
view
214 -
download
0
Transcript of Perfect Cloud
-
7/31/2019 Perfect Cloud
1/28
-
7/31/2019 Perfect Cloud
2/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 2
Table of Contents
Faster, Better and Cheaper .................................................................................................... 4
The Three Foundational Shifts in Information Technology ...................................................... 5
Cloud Infrastructure .......................................................................................................................5Embrace Commodity Computing ......................................................................................................... 5Avoiding vendor lock-in ........................................................................................................................ 5Hybrid Clouds & Marketplaces ............................................................................................................. 5
Reduced Cycle Times ......................................................................................................................6Implement Continuous Delivery .......................................................................................................... 6Implement Continuous Delivery on Cloud ........................................................................................... 6
I.T. as a Service ..............................................................................................................................7Services Are Directly Requested By Users ............................................................................................ 7Cloud Offerings are Just Another Service........................................................................................... 7
The Perfect Hybrid Cloud ....................................................................................................... 8
The End-to-End Solution .................................................................................................................8The Solution ......................................................................................................................................... 8
Private Cloud Hardware .................................................................................................................9CPUs for Private Clouds....................................................................................................................... 9High Memory vs. High Computation .................................................................................................... 9Memory Configuration for Private Clouds ........................................................................................... 9Servers ................................................................................................................................................ 10Network Configuration ....................................................................................................................... 10Storage Configuration ........................................................................................................................ 10Hypervisors ......................................................................................................................................... 11Operating Systems ............................................................................................................................. 11
Cloud Platform ............................................................................................................................. 12The Eucalyptus Solution ..................................................................................................................... 12Conceptual Architecture .................................................................................................................... 12Cluster Configurations ........................................................................................................................ 13Logical & Physical Architecture .......................................................................................................... 14
Release Automation ..................................................................................................................... 15The rPath Solution .............................................................................................................................. 15Creating Software Packages & Images ............................................................................................... 17Deploying Images to the Cloud .......................................................................................................... 18Modifying Images in the Cloud .......................................................................................................... 18
Self-Service and the Service Catalog ............................................................................................. 19Spanning Physical, Virtual & Cloud Environments ............................................................................. 20The Service Catalog ............................................................................................................................ 20Self-Service Provisioning .................................................................................................................... 22
Bridging External Clouds with the Private Cloud ............................................................................ 23Eucalyptus-as-a-Service ...................................................................................................................... 23API Compatible Clouds ....................................................................................................................... 23Standardized Self-Service Catalog for both Private & Public Cloud ................................................... 23Standardized Release Automation to Private & Public Cloud ............................................................ 24
Integrations & Solution Add-ons.................................................................................................. 24
-
7/31/2019 Perfect Cloud
3/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 3
License Management ......................................................................................................................... 24CMDB System ..................................................................................................................................... 24Incident & Change Management ....................................................................................................... 25Capacity Planning ............................................................................................................................... 25Systems Availability Management ..................................................................................................... 25Cloud-to-Cloud Secure Networking ................................................................................................... 25Dynamic Configuration ....................................................................................................................... 25Image Conversion ............................................................................................................................... 26Computing Zones ............................................................................................................................... 26Cloud-to-Cloud Failover ..................................................................................................................... 26Cloud-to-Cloud Bursting ..................................................................................................................... 26On-Disk Encryption ............................................................................................................................. 27Support non-X86 ................................................................................................................................ 27
Moving Forward with a Private/Hybrid Cloud ............................................................................... 27Discussing Your Private & Hybrid Cloud ............................................................................................. 28
-
7/31/2019 Perfect Cloud
4/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 4
Faster, Better and Cheaper
Faster, better and cheaper pick 2, is the traditional cry echoed by individuals attempting to
find an optimal target state. Its a very rare occasion when one is able to satisfy all the qualities.
However, when an instance does occur, companies must rapidly prepare for the fundamental
shift that lies ahead. It is our belief that just such a shift is occurring in Information
Technology.
The benefits of cloud computing have been widely promoted. As corporations move beyond
the education phase and into adoption, theyre witnessing the direct benefits of the on-
demand, pay-per-use model. Once a certain level of cloud readiness is achieved, the goal
quickly switches to being able to efficiently deal with the associated I.T. service requests relatedto applications and infrastructure. This includes creating new development and test
environments as well as promoting environments into production. Although cloud
infrastructure brought the technical solution to the table, it doesnt fix the inevitable process
problems.
Our experience tells us that the cloud infrastructure solution must be complemented with
additional process-oriented initiatives, including:
- I.T. as a Service- Cycle Time Optimization - a core concept of the Continuous Delivery movement.
These concepts along with the trend of commoditized computation, virtualization and
marketplaces define the new requirements for the Perfect Hybrid Cloud.
-
7/31/2019 Perfect Cloud
5/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 5
The Three Foundational Shifts in Information Technology
Cloud Infrastructure
For decades, I.T. infrastructure has been providing solutions to decouple software applications
from the hardware. Significant rewards were reaped from mainframe virtual environments, the
Java virtual machine and hypervisors from VMware and others. Modern cloud computing
technology takes these advances to the next logical step.
Our goals remain the same; we want to: 1. Give developers and testers rapid access to secure,
reliable computing environments; 2. Efficiently manage our computational resources (high
utilization); 3. Keep costs down; 4. Avoid lock-in scenarios. Cloud infrastructure must be able to
positively answer all of these considerations.
Embrace Commodity Computing
A core tenet of cloud computing is to use inexpensive, commoditized infrastructure elements.
Practically speaking, this suggests the use of low-cost X86 processors packaged in dense blade
environments typically running a variant of Linux (potentially Windows). Various strategies are
being embraced on the storage side, but again, most organizations are favoring low-cost
solutions over high-end storage area networks.
Avoiding vendor lock-in
A core requirement for modern cloud infrastructure is to embrace open standards, open APIsand where appropriate, open source. Too often, weve seen organizations curtail their use of
virtualization and cloud rollouts because they chose an expensive proprietary solution that
prevented cost effective scale-out. Existing proprietary virtualization solutions should be
embraced for their strengths while contained to those areas where commodity solution wont
suffice.
Hybrid Clouds & Marketplaces
By embracing commodity compute and avoiding vendor locking, an organization is well
positioned to bridge their own private compute environments with external cloud providers. By
creating a computing marketplace, the enterprise will force competition between internal and
external offerings, driving down costs while improving service levels.
Private clouds should be designed to integrate with external
clouds. The hybrid environment should leverage commodity
hardware & software to ensure a cost effective scale out.
-
7/31/2019 Perfect Cloud
6/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 6
Reduced Cycle Times
Rapidly provisioning hardware and operating systems has never been the end goal (its just a
really important step!) Ultimately, were trying to deliver new applications and capabilities to
the business in a timely and cost effective manner. To achieve this, we must coordinate the
building, packaging, configuration and deployment of the application software with our target
cloud infrastructure; a feat easier said than done.
Esteemed I.T. visionary Martin Fowler recently commented, The time from deciding that you
need to make a change to having it in production is known as cycle time and it a vital metric for
any project. The perfect cloud must be purposefully designed to accommodate changes in
the computing environment, applications and configurations. The accepted practice of
continuous integration has now expanded to one of continuous release, or as some refer to
it, continuous delivery.
Implement Continuous Delivery
Moving an application from development to test, stage, or production often causes problems
because of the dependencies on the new environment. For instance, the test version of the
application requires use of the test version of the database server. These configurations must
be decoupled from the application binary. Core to reducing cycle times is proactive
management of the entire software environment. Automated build processes must have
configuration information separated from the binaries and be centrally stored and versioned.
Ultimately, the desired state of the application should be precisely modeled and digitized to
enable a zero-defect recreation of the environment.
Implement Continuous Delivery on Cloud
These practices are true in a cloud or traditional environment; however, in cloud they become
much more evident. Cloud enables push button hardware provisioning, which has the
potential to significantly reduce cycle times. However, to significantly affect the cycle time,
practitioners must take the next step of automating the build, configure and deployment
processes.
To significantly affect the cycle time, practitioners must
automate the build, configure and deployment processes in
their cloud environment.
-
7/31/2019 Perfect Cloud
7/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 7
I.T. as a Service
Information technology has a reputation for not always delivering on its promises. For decades,
I.T. faced rapid changes in hardware and software systems forcing systems professionals to
spend their time mastering new programming languages, operating systems and middleware. A
side effect of this was that not enough attention was being spent on I.T. processes and
achieving repeatable, standardized methods for delivering solutions.
In response to the growing need for process, a focus was put on the servicification of I.T. Large
enterprises were able to deconstruct the activities that they performed into repeatable
offerings. Depending on the size of the organization, hundreds, if not thousands of both manual
and automated services were identified, the majority of which would have no intersection with
cloud for years to come.
As a best practice, I.T. organizations are now encouraged to plan their cloud offerings as
services and to ensure that they dont create new computing silos. Early adopters of cloud
computing often rushed to a cloud solution by adopting a starter cloud solution. Although thesolution was able to introduce users to the concepts of cloud computing, users were being
pushed to use a new cloud portal which had a small subset ofthe I.T. services offerings.
Services Are Directly Requested By Users
A core tenet of cloud computing is self service. Our recommended practice is to embrace
self-service, but to not create yet-another-portal that I.T. users must visit to request services.
Instead, we recommend leveraging a unified I.T. self-service storefront and cloud portal with a
menu or catalog of service options (i.e. a service catalog) to make cloud requests for both
internal and external cloud services.
Cloud Offerings are Just Another Service
Like any other service, cloud offerings should have a full support structure around them. Each
service should have owners, usage descriptions, costs, quality levels, troubleshooting processes,
roadmaps, etc. Implement predefined policies to expedite cloud provisioning while diminishing
the need for exception path approvals. Involve your users in the design of the services their
feedback is important because people instinctively support things that they helped to create.
The cloud solution must fully embrace the I.T.-as-a-Service
concept, not create a new silo.
-
7/31/2019 Perfect Cloud
8/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 8
The Perfect Hybrid Cloud
The End-to-End Solution
The perfect private / hybrid cloud must deliver on all three of the changing paradigms: I.T. as a
Service, Cloud Automation and Reduced Cycle Times. More importantly, it must deliver these
through an integrated environment that provides the right security and control in the right
places, compounding the benefit.
The Solution
To achieve our target state, MomentumSI has selected several best-in-breed components and
brought them together under a united solution set.
In addition to the vendors identified in Figure 2, the Perfect Private / Hybrid Cloud names a
number of additional products which we believe are category leaders for this class of solution.
Combined, the solution satisfies our stringent criteria for a next-generation enterprise grade
cloud solution.
-
7/31/2019 Perfect Cloud
9/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 9
Private Cloud Hardware
The advantage of the private cloud is the ability to have full control over the environment
allowing you to tailor it. Factors affecting the design of the cloud include performance
considerations, security & compliance needs, computationally intensive workloads and storage
intensive workloads. The disadvantage is the need to pay for the infrastructure up-front and
then to support and maintain the environment over its life. Most organizations recognize that
this is the current state in their traditional data center environment and view the private cloud
as a stepping stone to hybrid and externally cloud providers.
Although the specific requirements for designing the private cloud will vary based on scenario,
were providing guidance based on MomentumSIs field experience.
CPUs for Private Clouds
MomentumSI is recommending the use of Intel Xeon processors for use inprivate cloud environments. As Intel continues to release new versions of their
CPUs its hard to make a static recommendation. However, key characteristics
include:
64 bit architecture Low power consumption Use of their Hyper-Threading Technology Use of their Hardware Virtual Machine (HVM) Technology (VT-X) Large L3 cache
High Memory vs. High Computation
The common practice for profiling workloads is to distinguish between those that need
significant memory (often for large caches) versus those that perform heavy computation as
these profiles are traditionally configured differently. For high memory systems, we
recommend dual socket quad-core processors. Typically these are in the Xeon 5500 series or
equivalent. For high computation systems, we recommend the Xeon 5600 series in a dual
socket and 4 or 6 core configurations.
Memory Configuration for Private Clouds
For memory intensive nodes, we recommend 16-64 gig of memory (depending significantly onthe applications). For computationally intensive nodes (and non-memory intensive), 8-16 gig is
recommended.
-
7/31/2019 Perfect Cloud
10/28
-
7/31/2019 Perfect Cloud
11/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 11
Hypervisors
Over the last several years, hypervisors have matured significantly. VMware,
Microsoft HyperV and Xen continue to dominate the landscape. Naturally, Xen is
most commonly found in Linux heavy shops while HyperV is primarily used for
virtualizing the Microsoft technologies. Historically, VMware dominated in the enterprise
but has recently seen its marketshare slip as other hypervisors offer enterprise-gradefeatures as a cost competitive price.
Most large companies already have a significant investment in one or more hypervisors and
would find it very costly to replace them. At the same time, theyre questioning if they can have
a more cost effectively tiered hypervisor strategy. By tiering hypervisors based on business
criticality, organizations are able to save money by only using expensive hypervisors for business
critical applications and leveraging the less expensive hypervisors for less critical needs (dev,
test, demo, etc.). To achieve this, a cloud control layer must be implemented. This function sits
over the various hypervisors and provides a single API and proxy to the individualvirtual
machines. In this way, organizations can have the best of both worlds: a choice in hypervisorswhile maintaining a single virtual cloud of them all.
Our recommendation for selecting a hypervisor is, it depends. Careful consideration must be
given to the application workloads, scale out costs and adoption in commercial cloud providers.
As a rule of thumb, were continuing to recommend the use of the major suppliers (VMware,
Microsoft and Citrix XenServer).
Operating Systems
Hypervisors enable the execution of guest operating systems. Our customers typically
run RHEL, CentOS, Ubuntu or Windows Server 2003/2008 in either 32 or 64 bit versions.
The decision is made based on the needs of the applications that reside on the OS.
Virtually all of our customers support Windows as well as at least one flavor of Linux.
Regardless of the operating system, organizations should settle on specific vendors and
versions. These decisions should make their way into a standard model that contains
all of the right patches, utilities, etc. The model should be declarative specification that
guides provisioning, security and system maintenance. MomentumSI provides best
practices on the creation and maintenance of the model.
-
7/31/2019 Perfect Cloud
12/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 12
Cloud Platform
Virtualization technologies play a significant role in the private/
hybrid cloud solution. However, their primary role is slave to the
cloud platform. Just as virtualization solutions do a good job of
abstracting a workload from a single computer, cloud platform
solutions decouple workloads from any one machine, storage
device or network.
MomentumSI selected Eucalyptus to provide an enterprise grade cloud platform. Key factors
included:
Support for multiple hypervisors (Xen, VMware, KVM, etc.) Use of Amazon AWS API allows 3rd party ecosystem tools to be use with Eucalyptus Embracing open standards and open source, allowing customers to mitigate vendor
lock-in
Extensive feature set (compute-as-a-service, BLOBs, block storage, etc.)
The Eucalyptus Solution
Eucalyptus is an open source cloud platform. The OSS project is backed by a commercial
company, Eucalyptus Systems, which provides paid support and extended features.
Fundamentally, Eucalyptus allows an organization (enterprise or hosting provider) to turn
traditional data center equipment into an infrastructure-as-a-service environment, similar in
nature to Amazon EC2.
In fact, Eucalyptus has modeled their API to be fully compatible with Amazon Web Services,
enabling their solution to leverage the vast set of Amazon tools that have emerged. In addition,
their tooling and image formats allow for users to easily switch between delivering applications
from internal private clouds, to externally hosted Eucalyptus instances or alternatively, directly
on the Amazon cloud.
Conceptual Architecture
The Eucalyptus system is divided into a number of modules enabling a highly scalable and
redundant architecture. The primary elements are:
Cloud Controller (CLC)
The CLC is responsible for exposing and managing the underlying virtualized resources (servers,
network, and storage) via a well-defined API (Amazon EC2) and a Web-based user interface.The CLC is responsible for querying the node managers for information about resources, making
high level scheduling decisions, and implementing them by making requests to cluster
controllers.
-
7/31/2019 Perfect Cloud
13/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 13
Cluster Controller (CC)
The CCs gather information about a set of VMs and schedules VM execution on specific NCs.
The CC also manages the virtual instance network and participates in the enforcement of SLAs
as directed by the CLC. All nodes served by a single CC must be in the same network domain.
Node Controller (NC)NCs control the execution, inspection, and termination of VM instances on the host where it
runs, fetches and cleans up local copies of instance images (the kernel, the root file system, and
the ram disk image), and queries and controls the system software on its node (host OS and the
hypervisor) in response to queries and control requests from the cluster controller. The Node
controller is also responsible for the management of the virtual network endpoint.
Storage Controller (SC)
SCs implements block-accessed network storage (e.g. Amazon Elastic Block Storage -- EBS) and
are capable of interfacing with various storage systems (NFS, iSCSI, etc.). An elastic block store
is a Linux block device that can be attached to a virtual machine but sends disk traffic across the
locally attached network to a remote storage location. An EBS volume cannot be shared across
instances but does allow a snapshot to be created and stored in a central storage system such
as Walrus, the Eucalyptus storage service.
Walrus Object Storage
Walrus (put/get storage) allows users to store persistent data, organized as eventually
consistent buckets and objects. It allows users to create, delete, list buckets, put, get, delete
objects, and set access control policies. Walrus is interface compatible with Amazons S3.
The Management Platform
The Management Platform provides an interface to various Eucalyptus services and modules.These features can include VM management, storage management, user/group management,
accounting, monitoring and enforcement SLAs, cloud-bursting, provisioning, etc. Note that this
functionality focuses on administrative functions, not user services. User functions are handled
via the self-service storefront and service catalog (see below for the section on newScale).
Cluster Configurations
Virtual machines are managed by a Node Controller (NC) and are grouped together by a Cluster
Controller (CC). Eucalyptus allows the administrator to define the number of VMs per server.
The number allocated will depend on the target hardware and the profile of the workload(heavy vs. light) but will typically vary from 4-20. This number will be affected by the amount of
memory in the system, as physical memory is shared across the virtual instances.
-
7/31/2019 Perfect Cloud
14/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 14
Logical & Physical Architecture
The Private Cloud lives inside of your current data center acting as a special purpose elastic
computing resource. From a networking perspective, the private cloud is segmented into its
own subnet for security and traffic management purposes. The cloud can be expanded by
adding cluster controllers or by increasing the number/size of the servers inside of cluster.
Within the clusters, Eucalyptus offers a VLAN network that uses the Cluster Controller as a
router for all active VMs in the cluster. This feature can be used to create availability zones for
failover / disaster recovery scenarios.
-
7/31/2019 Perfect Cloud
15/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 15
Release Automation
Eucalyptus provides the software necessary to turn a traditional virtualization landscape into a
full-featured cloud. However, it doesnt answer the question of how to best package the
software for deployment to the cloud. In our quest to reduce cycle times, enterprises must
prioritize the ability to package and deploy software to cloud environments.
MomentumSI selected rPath to provide an enterprise grade release automation solution. Key
factors included:
Powerful system and software modeling for driving accurate provisioning and updates Best-in-class software packaging & dependency management Ability to work across physical, virtual & cloud environments Version controlled hub for software distribution and change
The rPath Solution
rPath is a model-driven and version-controlled solution for system automation. Based on a
version-controlled repository, rPath acts as a software distribution hub (Figure 4.) for controlled
reuse of application, OS, middleware and other system artifacts. From this hub, version
controlled system components can be reused (directly from rPath or by populating the
newScale service catalog) to construct new systems and business services that are consistent,
compliant and dependency complete. These business services are ready to deploy to any
physical, virtual or cloud environment and theyre easy to update, patch, roll back or
regenerate automatically and on demand.
-
7/31/2019 Perfect Cloud
16/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 16
These centrally managed system components are integrated back through their software
supply chaincustom, commercial, and open source. As changes are made to these software
sources, they can be easily flowed through rPath and propagated across deployed systems and
business services. rPath automates four key functions for IT system deployment and
maintenance:
1. Automated generation of images for rapid deployment to physical, virtual or cloud targets
2. Automated updates and rollbacks
3. Compliance reporting and remediation
4. Controlled lifecycle promotion
rPath provides a unique model-driven and version-controlled approach to release automation.
Model-driven
Unlike script-based automation solutions, rPath deeply models the entire software stack as adetailed manifest, providing a canonical description of all of the software, dependencies,
configurations, and policies relevant to a specific system.
rPath generates this manifest via two automated functions that rPath performs natively:
(1) Dependency discovery/resolutionrPath automatically discovers and resolves the entire
dependency chain, ensuring that systems are complete and ready to deploy;
(2) Enforcement of IT policiesrPath allows IT to define and enforce build-time policies to
ensure conformance to corporate and regulatory standards and best practices.
This model becomes the basis for generating images for rapid provisioning and conflict-freesystem updates across any physical, virtual or cloud-based environment.
Version-controlled
rPath is the only vendor that offers a fully version-controlled release automation solution. rPath
isn't a source code control management (SCCM) system. Rather, it borrows many of the key
principles from source code control, providing deep control to management of deployed
software systems for managing scale and change.
With rPath, every system artifact is versioned:
Application components OS components Middleware components Policies Configurations Installation Scripts Manifests
-
7/31/2019 Perfect Cloud
17/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 17
This provides several key advantages:
Systems can be defined hierarchicallywhere systems are defined as branches frombase platform components that are managed centrally and reused as referenced links.
Changes are made centrally at the top of the hierarchy and cascaded across deployed
systems.
Systems are defined by a single version numberrather than dozens or hundreds ofindividually versioned packages that typically describe a deployed system
Versioned systems can be controlledrolled forward, rolled back or rolled out inphases
Version systems can be consistently reproducedacross lifecycle phasesdev, test,production, support
Simplified troubleshootingdifferences between system versions can be bisected forrapid identification of root causes of outages
How does this approach apply to the perfect private cloud? rPath delivers three crucial use
cases: creating cloud images for deployment, deploying images to the cloud, and maintainingrunning systems in the cloud.
Creating Software Packages & Images
The traditional provisioning approachbuild each
new machine from scratchis completely
inappropriate for the cloud. The cloud calls for
ready-to-run, fully baked images that include
everything the new system needs, such as the OS,
patches, middleware, application programs, and
configuration data.
But maintaining a library of such golden images is
prohibitively expensive. It is simply too difficult to
make needed changes to a static image without breaking something.
rPath provides a unique, best-of-both worlds approach. You import your software and
configurations into the rPath hub, and create flexible models for your systems and applications.
These models are easy to change, understand, and validate. Then, rPath dynamically generates
complete imagesfor any physical, virtual, or cloud environmenton demand. These images
accelerate provisioning, but are fully discardable. Given a models version number, rPath canalways regenerate that models image.
-
7/31/2019 Perfect Cloud
18/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 18
Deploying Images to the Cloud
In addition to generating images, rPath integrates directly into downstream hypervisors and
cloud managers to upload and validate images. For example, in an environment with
Eucalyptus, rPath automatically uploads each dynamical-generated image to the Eucalyptus
image store.
When new systems are launched from the
uploaded images, rPaths management
software automatically inventories and tracks
the new systems in the rPath versioned
inventory. Even in a complex public/private
environment with multiple deployment
targets, you can see a single list of all
managed systems (with the versions of the
models they follow) in the rPath inventory.
Modifying Images in the Cloud
Clouds enable the patch-by-rebuilding model. For many applications (such as stateless grid
computation engines and web front-ends), theres no loss if any given system disappears. So
the best way to roll out any change is to change the model, rebuild the image, and simply
replace the old systems with new systems. rPath image generation makes that process fast.
But many applications are not so simple. Applications with interesting state or session data
may need to run for an extended period of timeand in todays security environment, any
system that is running for more than a few days may require a patch or update. Most cloud
management tools avoid this use case, but it is an IT reality.
rPath solves it via the versioned inventory. When you change a system model in rPath, two
things happen simultaneously:
New systems you provision reflect the change going forward because rPathbakes the change into the images it generates.
rPath lists the existing systems that were built with the previous version of themodel, and offers to update them dynamically. Since rPath updates systems by
moving from one validated model version to another validated model version,
the changes are safe, incremental, and roll-backable.
The result is a best-of-both worlds approach to cloud systems. Whether your application
enables patch-by-rebuilding or not, a single model can automate the complete lifecycle.
-
7/31/2019 Perfect Cloud
19/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 19
Self-Service and the Service Catalog
The newScale Solution
The newScale software suite provides the set of solutions
necessary to fulfill the I.T. as a Service vision. Their offering
takes a service-centric perspective, providing standardizedI.T. offerings through a self-service portal with orchestration
and lifecycle management for automated delivery and tracking.
I.T. product managers are able to fully describe and promote their offerings in a portal for their
users. Enterprise architects and governance professionals can ensure consistent and repeatable
processes through by enforcing policy-based controls in the newScale solution. And consumers
of I.T. services can order from the catalog to provision I.T. resources in a self-service manner.
In cloud computing, self-service is a high priority. Users expect the ability to provision
infrastructure in minutes, not days, weeks or months. By providing a single source of truth forI.T. services within newScale, users are able to enjoy the one-stop-shopping and consumer-like
e-commerce experience that they have come to expect. Different tiers of services and options
can be presentedwith marketing templates to help drive demand to lower cost options
(supporting a virtual-first or even cloud-first approach).
With self-service through a catalog of standardized options, IT organizations can eliminate the
back-and-forth requirements gathering process, orchestrate automation across IT silos, and
improve visibility into demand to help ensure more accurate capacity planning. Once services
are requested, newScale provides the orchestration and lifecycle tracking to manage the end-
to-end process from provisioning to re-purposing or decommissioning as well as the visibility
into consumption to enable service-based cost allocation showback or even chargeback.
MomentumSI selected newScale to provide an enterprise-grade self-service storefront and
cloud automation solution. Key factors included:
Ability to define and publish standardized infrastructure offerings in a service catalog Enable self-service with an easy-to-use "e-commerce" ordering experience Govern approvals and orchestrate the end-to-end provisioning process Ensure operational compliance and track the lifecycle for workloads Manage consumption and costs, with visibility to enable pay-per-use billing. Ability to integrate with the cloud ecosystem (release automation, infrastructure
providers, etc.)
-
7/31/2019 Perfect Cloud
20/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 20
Spanning Physical, Virtual & Cloud Environments
A core philosophical tenet that we want to drive home is that the various environments
(physical, virtual & cloud) should not create silos! To the greatest extent possible, the
environments should be managed by a consistent process and tooling base. It has been our
experience that if an organization treats each of these as one-off environments, they will be
unable to achieve the cost savings or agility they desire. In addition, silos in the physical orvirtual areas will create barriers to cloud adoption. Conversely, if the aforementioned are
treated with consistent processes and tools, our users and auditors will feel more confident and
secure in the environments. This in turn will create a much more rapid and natural progression
into a cloud environment. The same benefits are also gained when both private and public
clouds are managed with such consistency. In fact, the better visibility the service catalog has of
the available options, the better it can steer consumers to the best-fit or lowest-cost offering.
The newScale RequestCenter application offers pre-configured integrations to third party
systems across physical, virtual and cloud environments including virtualization tools like
VMware and public cloud providers such as Amazon EC2 cloud for automated provisioning, de-provisioning and management of servers, storage and associated services. The same capability
can be utilized to manage your Eucalyptus private cloud.
The Service Catalog
newScale RequestCenter provides end users with a personalized view of the service catalog
representing a one-stop portal destination for requesting any type of service and tracking
service request status.
Users see the services in the catalog that they are entitled to order, based on their functional
position, location, and associated permissions. With seamless integration to LDAP and Active
Directory, IT organizations can manage authentication and authorization to ensure employees
request only those services appropriate to their job function.
-
7/31/2019 Perfect Cloud
21/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 21
When used together with newScale LifecycleCenter, IT can provide a pre-built wizard guide
for ordering services, to improve self-service, encourage adoption of IT standards, and drive
down costs. With this guided self-service shopping experience, users are steered to the right
service package that best matches their needs. Policy-based controls and approvals ensure that
the right governance and compliance policies are enforced.
From our perspective, the service catalog performs four primary functions:
1. It communicates standard options, specifications and costs of services.2. It enables self-service access to virtual and cloud services3. It coordinates and orchestrates the provisioning process4. It tracks and manages the service lifecycle and usage
Enterprise I.T. organizations must focus on reducing operational costs. To achieve impactful
results, it will be important to simplify ongoing, repetitive management tasks through
automation, while hiding the technical complexities from the users. By doing this, organizations
can continue to better define standard service options and service tiers, leading to overall
improvements in service quality. The service catalog is the heart of the service simplification
movement and thus, is core to our private/hybrid cloud solution.
-
7/31/2019 Perfect Cloud
22/28
-
7/31/2019 Perfect Cloud
23/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 23
Bridging External Clouds with the Private Cloud
The Private Cloud weve described enables organizations to more effectively utilize computing
resources and to better respond to internal I.T. infrastructure requests. To complement the
private cloud, many organizations are joining their private cloud with an externally provided
public cloud. By combining private and public clouds a hybrid cloud is created. Each cloud
segment can be used to it strength. The private cloud can run the most sensitive production
payloads and provide low-latency integration access to other internal applications and data
sources. External clouds can be used for failover, disaster recovery, development & test
environments, one-time burst computing jobs, new computing capabilities in a specific
geographic region, and so on.
Although there are several different kinds of public clouds (SaaS, PaaS), our focus is purely on
IaaS clouds. From this perspective, there are a couple practical options on how one can logically
extend their cloud:
1. Use a hoster / cloud provider who provides Eucalyptus-as-a-Service2. Use a public cloud provider who is API compatible, such as Amazon
Eucalyptus-as-a-Service
Eucalyptus is an open-source initiative with commercial backing. Due to its open nature, hosting
providers are able to turn their traditional data center offerings into a cloud offering. The
obvious advantage of this approach is that the software used in your data center can be a
binary match to the software being used in the external cloud. This significantly mitigates the
potential concern of software working in one cloud segment and not in the other.
MomentumSI is working with a number of established hosting companies to provide
Eucalyptus-as-a-Service capability. As a network for providers comes online, we anticipate thatthe competitive nature will drive down costs and also force providers to create value-added
offerings to provide product differentiation. Although the differentiation could lead to a
fragmentation in the offering, the core Eucalyptus services will be the common foundation that
can and should be used by the internal private cloud and the external solution.
API Compatible Clouds
In the past, Eucalyptus has delivered an API compatible version of Amazon AWS EC2. However,
we anticipate that the Eucalyptus open source community will rapidly drive the innovation of
the offering. Using EC2 as an extension of your hybrid cloud is a simple and easy way to get
started; however, were aware of a number of emerging solutions that will also offer compute-
rich solutions. Our recommendation is not to worry about being Amazon API Compatible, but
rather to allow the innovation in Eucalyptus and the ecosystem to drive innovation.
Standardized Self-Service Catalog for both Private & Public Cloud
A core tenet of the I.T.-as-a-Service vision is to use a simple and consistent approach to
requesting and managing ALL I.T. services. The interaction model with the public and private
cloud must be consistent, with standardized policies, security, governance and self-service
-
7/31/2019 Perfect Cloud
24/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 24
experience. For this reason, were recommending the use of the newScale to provide the front-
end self-service IT storefront, policy-based controls, orchestration, and lifecycle management
for both private and public cloud offerings. We consider the use of multiple front-ends to
individual clouds an anti-pattern, leading to cloud silos.
Standardized Release Automation to Private & Public CloudMomentumSI recognizes that the transition to cloud computing will be a gradual movement. In
large companies this process will take approximately 3-7 years to truly take hold. During this
transition, it is necessary to implement a standard software release model. The enterprise
should use the same basic process across physical, virtual and cloud environments, as well as
the same tooling.
rPath provides consistent tooling that can create software deployment packages for private
Eucalyptus environments as well as Amazon, VMware and other leading providers. Again, it is
important not to create one-off processes or proliferate a number of tools across the
environments. Simplicity should be the rule for managing the environment.
Integrations & Solution Add-ons
The private/hybrid cloud weve described serves as a solid
foundation. Many enterprise customers choose to implement
this solution profile as the base and then extend the capabilities with a number of traditional
infrastructure and operational capabilities. This section identifies several of the popular
integrations and cloud add-ons that are requested.
License Management
Enterprises need to re-think how they purchase, allocate and account for software licenses as
they move to a cloud environment. The scope of this project reaches across purchasing, legal,
license management, and cloud administration teams and must be carefully thought out. Will
your current licenses allow the type of cloud usage you are planning? What will your company
policy on the purchase of future licenses look like to maximize your cloud potential? How will
you track and manage the usage of these licenses in the cloud? MomentumSI has helped
clients answer all of these questions and implement the tools needed to safely and efficiently
manage licenses in the cloud.
CMDB System
The use of a configuration management database (CMDB) in a cloud environment will look
nothing like the CMDB in a typical enterprise. The way you do discovery, federation and
general ITSM activities in a global cloud platform can be totally different than what your
legacy CMDB was built to do. In most cases, enterprises will find that they will want CMDB-
like qualities embedded in to their cloud infrastructure platform or service catalog, and not
living as a stand-alone system. In fact, newScales lifecycle management effectively provides a
-
7/31/2019 Perfect Cloud
25/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 25
service management database (SMDB) that provides tracking and management for the IT
resources requested and delivery. In most situations, this may be sufficient for cloud in other
cases, it can be integrated to an existing legacy CMDB.
Incident & Change Management
The old saying the bigger they come, the harder they fall applies well to cloud environments.A small change-gone-wrong scaled to thousands of VMs can quickly turn in to a major problem
if not properly managed. The distributed nature of cloud environments across facilities,
platforms and providers makes managing both large and small incidents a core part of
enterprise cloud projects. Most enterprises already have an incident and change management
platform that can be modernized to accept the different inputs and data types generated by a
cloud platform.
Capacity Planning
A by-product of proper monitoring and metering will be the seamless ability to forecast
capacity needs and provide just the right amount, in the right place, at the right time. But toreally take advantage of the concept of cloud computing, your capacity planning process and
tools should look at more than peak usage. Being able to evaluate workloads in real-time to
find the best location, platform and time of the day/week/month to run will not only maximize
your capacity but will result in faster processing for less money.
Systems Availability Management
Just like in traditional IT environments, measuring and reporting against Slaps is an important
function. MomentumSI recommends that clients measure the following six areas in the cloud,
at a minimum: Availability, Reliability, Recoverability, Maintainability, Resiliency and Security.
In addition, clients should consider monitoring things like capacity, cost, incidents/tickets,
change requests and dozens of other metrics depending on their goals and needs. Being ableto get this data out of your global cloud environment and report on it is essential to meeting or
exceeding the Sals your business demands.
Cloud-to-Cloud Secure Networking
As your cloud platform expands it will encompass far more than just a single facility. Youll be
using resources that span countries, providers and technologies. Making sure your data moves
safely and seamlessly from one part of your cloud to another is key security practice. Can you
prove to an auditor that traffic arriving from another part of the cloud has not been viewed or
changed by anyone else along the way? As more critical aspects of your business start to run in
the cloud, things like traditional SSL and VPN will not be enough for most organizations youneed a layered approach to addressing this problem. Planning for this up front will save time
and money later.
Dynamic Configuration
Automation tops the list of must-dos in the cloud to obtain the efficiency of scale that makes
cloud so attractive. Make sure that your cloud platform is capable of automated, dynamic
configuration of things like policies, network rules (VLAN, Firewall, routing), resource allocation
-
7/31/2019 Perfect Cloud
26/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 26
and account/user management. Using a standalone or integrated configuration engine to apply
standards and management of this dynamic configuration is a good way to reduce your
administrative burden while not losing control of the environment.
Image Conversion
Every enterprise has standard builds of server images in a variety of different OS types andpurposes, and every cloud platform and hypervisor has a slightly different way they need to see
those images packaged. There are both manual and automated tools available that will take a
single image designed for one platform or provider and convert it to run in one or more other
environments. As both the number of images and the number of environments grow, this is
another task best left to automation.
Computing Zones
Amazon calls them availability zones in their AWS service that are based on geography, but at
MomentumSI we talk to our customers about Computing Zones. Weve mentioned in this
document numerous times that your cloud platform will span divisions of your organization,providers, technologies, and even continents. Each of those separation points will act as
physical zones, but it is best to draw and manage against your own logical Computing Zone
boundaries. Maybe you want to have a zone based on geography, or by criticality of
processing, or by cost let your business drivers be the guide, not what a particular provider or
geography defaults to.
Cloud-to-Cloud Failover
Despite the overlapping, redundant nature of cloud computing failures happen and you
need to be prepared for them. MomentumSI can help you convert and synchronize your
machine images and data to a second or third provider and even automate the failover in case
of an outage affecting your primary resources. In addition, if your cloud platform spans to orfrom your enterprise network, you could fail out to the public cloud or in to your private
cloud resources depending on where the primary computing failure is occurring.
Cloud-to-Cloud Bursting
Cloud Bursting is an often-discussed topic in the industry right now and refers to the concept
of adding capacity to a computing environment, only when it is needed, using the cloud. A
simple example is that your company sells flowers, and your website does 500 orders 363 days
out of the year. You need 4 servers to keep up with that load, and you host everything
internally. On Mothers Day and Valentines Day, you do 50,000 orders and need 400 servers.
Rather than keep those extra 396 servers on-site all year, you would design your applicationand infrastructure to burst out to the public cloud when the load exceeds what your 4 servers
can offer. This is an extreme example more common would be to burst for month end
processing or on a daily basis for 1-2 hours during peak load times. The trick to properly using
cloud bursting is in the architecture of your application and the rules you implement around
how, where, when and why to burst.
-
7/31/2019 Perfect Cloud
27/28
P r o p e r t y o f M o m e n t u m S I , A l l r i g h t s r e s e r v e d . C o p y r i g h t 2 0 1 0 Page 27
On-Disk Encryption
As you put data out in a shared environment, it is obvious that the risk of theft or accidental
disclosure increases. Luckily, there are simple, reliable and low-latency encryption solutions
available for data at rest (on disk). The hard part with any encryption project is properly
storing, using and managing the keys to the encrypted data. If you store the key alongside the
encrypted data, it might as well be in clear text. Just like with cloud bursting, properarchitecture is essential to maximize the impact this technology can offer.
Support non-X86
For most non-x86 systems and applications, running in a cloud or cloud-like environment will
just feel like old times. There are providers and technology vendors offering mainframe time in
the cloud, COBOL in the cloud, and other legacy systems in and around the cloud. Many
people say mainframes were the original cloud because they were designed and built as the
original multi-tenant, time-shared platform. The big question to ask is how much custom
integration or modernization of the platform or application is required, and what will that do to
the reliability and security of the original design? MomentumSI will help you see the pros andcons of moving non-x86 platforms or code to the cloud, and help you put an architecture and
plan together to do it right the first time.
Moving Forward with a Private/Hybrid Cloud
Self-service private/hybrid clouds help enterprise IT deliver the simple, self-service, on-demand
infrastructure services readily available from public clouds like Savvis and Rackspace.
In turn, IT departments reap the following advantages:
Improved agilityDeployment cycles shrink from months to minutes, making IT farmore responsive to business lines and other internal customers.
Reduced capital expenseUtilization of hardware capacity improves dramatically dueto elastic provisioning and de-provisioning of services.
Reduced operating costsSoftware infrastructure and provisioning processes arestandardized and automated. Control is decentralized to decentralized constituents.
Reduced riskThe controlled cloud provides an alternative to rogue deployments tothe public cloud. The ability to move workloads between deployment environments(physical, virtual or cloud) avoids platform lock-in.
The core technologies and services within the MomentumSI self-service private/hybrid cloud
platform include:
-
7/31/2019 Perfect Cloud
28/28
newScale service catalog creates a Web-based, e-commerce ordering experience foreither private or public cloud services. With newScales software, IT can enable on-
demand provisioning, enforce policy-based controls, manage the lifecycle for workloads,
and track usage for billing.
rPath release automation controls and promotes reuse of standardized softwareinfrastructure and automates system construction, maintenance and on-demand image
generation for deployment across any physical, virtual, and cloud environment.
Eucalyptus cloud automation establishes an elastic infrastructure framework thatenables organizations to deploy massively scalable private and hybrid cloud computing
environments within a secure IT infrastructure. Eucalyptus is fully compatible with the
Amazon Web Services public cloud.
MomentumSI professional services provides implementation services, best practicesand the adoption model for making the transition to self-service public cloudcomputing. Beyond the technology components, MomentumSI also addresses the
people, process, organizational, and educational issues involved in optimizing each
clients self-service private cloud.
Discussing Your Private & Hybrid Cloud
This paper has identified a unified solution for creating a private & hybrid cloud. However,
every cloud solution will be tailored to the customer requirements. MomentumSI offers a free
half-day workshop to discuss the specifics of your environment and answer your questions on
private and hybrid clouds.
Call or email to schedule a discussion
MomentumSI serves enterprise customers globally. Our whiteboard workshops are free and
there is never any obligation to have any service performed. Please call or email us now:
[email protected] Phone: 512-844-1732.
Half-Day Agenda
Briefing Review the MSI Cloud Reference Model (30 minutes) Whiteboard Session Assess your current & target cloud architecture (60
minutes)
Briefing Review the MSI Apps-to-Ops Process (30 minutes) Whiteboard Session Assess your current & target delivery model (60
minutes)
Discussion Next Steps (60 minutes)
mailto:[email protected]:[email protected]:[email protected]