The Production Cloud, Because Not All Clouds Are Created Equal

IT INFRASTRUCTURE | CLOUD | MANAGED SERVICES PEAK10.COM

The cloud is not just for backup storage, development projects and other low-risk applications. In this document, we look at the characteristics of a public cloud environment that make it suitable for running production workloads. The Peak 10 Enterprise Cloud serves as an example of the architecture and components necessary to provide the required levels of performance and security to achieve the benefits of the cloud while running mission-critical applications.

The Production Cloud…Because All Clouds are Not Created Equal

4.8.2014


In the nascent stages of the cloud — specifically the Infrastructure-as-a-Service (IaaS) service model configured as a “public” cloud — early adopters initially migrated their low-risk workloads to test the waters. These were typically applications for which IT couldn’t afford the infrastructure needed to accommodate traffic spikes. Among them: test and development environments, collaboration services and batch data analytics.

The cloud evolved to be a reliable business delivery model, accommodating these applications and yielding important benefits such as reduced total cost of ownership (TCO) and increased business agility. Now many organizations are ready to move — have already started moving — more complex applications to the cloud. In a 2012 study commissioned by VMware and conducted by Enterprise Strategy Group (ESG) it was reported that 67 percent of the mid-market and enterprise companies surveyed were running what they considered to be mission-critical workloads on IaaS.1

Not surprisingly, the number of vendors entering the space is increasing as the market for IaaS grows. According to a June 2012 report from Gartner Inc., the worldwide cloud infrastructure services market is forecast to grow from approximately $4.3 billion in 2011 to an estimated $24.4 billion in 2016.2 Also not surprisingly, many of these vendors don’t have mature virtualized offerings yet or lack enterprise experience and/or solutions to be solid hybrid cloud leaders – an important distinction given that hybrid solutions appear to be the direction the industry is going.

As more cloud service providers (CSPs) jump into the ring to take advantage of the growing market demand for IaaS, organizations are quickly discovering that not all cloud services are created equal. Many work well for low-risk workloads, as the early adopters found, but lack the security and performance levels required for legacy production workloads. Most applications, while great at scale for the enterprise, bow under the weight and complexity of a CSP’s horizontal scale and multitenancy. Learning how to test platforms for these characteristics and deal with the challenges when they are discovered doesn’t come overnight. These legacy applications also are likely to require compliance and access controls, which new CSPs cannot provide.

At the same time a number of companies, particularly those in heavily regulated industries such as healthcare and finance, have yet to move their mission-critical applications to the cloud. Compliance concerns stand in the way and rightly so. Only a limited number of data centers offer colocation services that can meet the regulatory demands of HIPAA, PCI DSS and other standards; even fewer cloud services can meet the stringent requirements. Heavy fines, penalties and other damaging affects await organizations subject to regulatory requirements that put data and applications into the cloud without the mandated protections.

So what makes a cloud environment suitable for complex enterprise applications that require very high availability and compliance-grade security and performance? And how can organizations find CSPs capable of delivering the requisite cloud infrastructure?

First, it’s important to understand the differences in workload types. Workloads are defined as one of two types: traditional workloads and cloud era workloads.

Traditional workloads typically serve hundreds to thousands of users and hundreds of concurrent sessions. They achieve scale by scaling up — increasing the size of the application and database infrastructure. They require agile infrastructure so that resources can be added or removed, or moved between workloads to counterbalance the demand.

IN THE BEGINNING

WORKLOAD REQUIREMENTS MATTER

KNOW YOUR WORKLOADS

1 http://ir.vmware.com/releasedetail.cfm?ReleaseID=7174402 “Forecast: Public Cloud Services, Worldwide 2010-2016, 2Q12 Update,” report by Gartner, Inc., 2012.

The Production Cloud...Because All Clouds are Not Created Equal

4.8.2014


The applications that comprise legacy production workloads are built to run on a single server or on a cluster of front-end and application server nodes and rely on technologies such as enterprise middleware clusters and vertically scaled databases. Examples include: ERP systems, CRM, messaging and collaboration applications.

They are generally customer-facing and/or have high expectations for performance and availability. Many are commercial-off-the-shelf (COTS) applications. Designed to run on reliable hardware for near 100 percent uptime, it is assumed that the underlying server or storage cluster will not fail during the normal course of operation. Backup and disaster recovery processes have been relegated to corporate IT to determine, implement and manage in order to accommodate unlikely but potential hardware failure.

Cloud era workloads, on the other hand, can serve millions of users. They employ technologies such as database sharing and no-SQL. Examples include customer-facing web applications and applications in which businesses are investing their “innovation” dollars.

Developed with the idea that the underlying infrastructure could fail or that human error could occur, cloud era applications are designed to withstand failure. They typically incorporate multisite geographic failover into their design. They also can make efficient use of infrastructure resources, easily adding or removing resources without much impact.

Production workloads are typically high-performance applications that experience large variations in their usage patterns, yet are required to deliver excellent response times to their customers. There is not time for downtime. That means the multi-tenant environment must be configured to ensure capacity and resources can be scaled up or down — as needed and when needed.

The environment cannot be oversubscribed to the point of contention, ensuring that other applications or customers won’t negatively impact performance or capacity. Cloud resources must be capable of being deployed quickly to hasten the organization’s time to value. Guaranteed reserved capacity via a self-service portal helps ensure that the necessary resources are at the command of the customer organization.

Many CSPs manage the hypervisor, leaving additional service management tasks to their customers. For production workloads, however, it is far more desirable to have a CSP that offers managed cloud services with a robust portfolio of services that covers the virtual machine through the application level. These services should be based on proven processes for production workloads and facilitate fast service delivery.

The CSP should also understand customers’ business needs and have the ability to tailor solutions to their specific requirements, as well as provide them with choices in cloud deployment models — private, hybrid or public — managed services to meet specific needs such as compliance or security.

In addition, the CSP should offer business-aligned service level agreements that cover service times, production workload response times and availability. Support should be available year-round 24 hours a day, seven days a week. On-site technical expertise is a definite plus.

While cloud era workloads require varying levels of security, production workloads almost always require consistent, enterprise-class security and isolation protocols. This can be accomplished in a public cloud model by employing security best practices in the architecture of its infrastructure. It should also employ the same design principles as used in a private cloud, including appropriate isolation between the customers sharing the multi-tenant environment.

HIGH PERFORMANCE AND CUSTOMIZATION

MULTI-LEVEL SECURITY


4.8.2014


Dedicated servers and storage that are physically isolated can be used for highly sensitive data and applications. Visibility into activities and threats to the customer organization’s account is a must, and the CSP should have skilled professionals monitoring the cloud infrastructure for security threats around the clock. Secured virtual private networks and additional managed and customer-managed security services should also be available to further enhance data protection and privacy.

Many enterprise applications involve confidential or personal data with government, industry or legislative requirements for their privacy and security. It is also increasingly common for IT organizations to be required that key processes are fully monitored and logged to satisfy both internal and external audits. For example, provisions in the Sarbanes-Oxley act dictate that IT management be able to produce and retain reports that monitor job scheduling processes. To help meet their requirements, organizations using cloud services for certain types of production workloads should only use those that meet or exceed their own security standards.

A number of CSPs claim to offer “compliant” cloud services. That doesn’t mean they do or, even if they do, that those services will meet an organization’s own compliance requirements. Due diligence is a must in assessing any CSP, particularly when it comes to compliance matters. Consulting with a legal professional is also recommended.

A cloud environment that can accommodate production workloads must provide the ability to ensure that data is being stringently protected. Backups should be used for long-term retention of data (for which there are state laws re: healthcare and record retention). If a disaster is declared at a particular site, application services must be capable of being restored in a safe, predictable and timely manner.

For most companies, mission-critical applications are essential to business operations and customer/end-user satisfaction. The CSP should have a tested disaster recovery plan in place to help minimize potential down time and help ensure that its customers’ data and applications are available.

Designed for stability, growth and bursting, the Peak 10 Enterprise Cloud exemplifies the kind of cloud service that can handle production workloads while being cost effective enough to handle all application tiers. Idle developers or a sluggish cloud environment translate into waste and unnecessary costs. Because the Enterprise Cloud provides for efficient use of resources and high availability, it helps keep companies’ IT staffs and developers productive.

It also provides for flexibility with various storage options and managed services available. As such, it serves as an ideal IaaS solution for companies that require an environment that can accommodate changing business requirements.

Offering compliance-grade security and performance, the Enterprise Cloud is unique among public cloud services in that it is annually assessed by independent auditors to ensure it meets the requirements of a number of regulatory bodies and standards, including HIPAA/HITECH, PCI DSS, Safe Harbor and others. It is also backed by SLAs guaranteeing 99.99% uptime, and includes on-site technical support.

In addition, Peak 10 offers hybrid cloud capabilities, with reliable connectivity between the Enterprise Cloud and local private clouds, remote private clouds or other public clouds.

COMPLIANCE CONSIDERATIONS

BACK UP REQUIRED

THE PEAK 10 ENTERPRISE CLOUD


4.8.2014


The Enterprise Cloud is built on a foundation provided by Peak 10’s network of strategically located data centers — all operated and maintained by Peak 10 and not outsourced to third parties. It is also powered by equipment and technologies from industry-leading technology vendors.

Chief among them is Cisco with its Unified Computing System (UCS). A next-generation platform for blade and rack server computing, Cisco USC combines compute, network and storage resources into a single, fully managed infrastructure that is delivered as a service from enterprise-class, multi-tenant clusters.

The Enterprise Cloud integrates a low-latency Ethernet unified network fabric with enterprise-class, x86-architecture servers. This creates a scalable, platform in which all resources participate in a unified management domain. It can accelerate the delivery of new services easily, reliably and securely through end-to-end provisioning and migration support for virtualized and nonvirtualized systems.

The Enterprise Cloud makes use of Cisco's unified fabric for the networking component of its infrastructure to help ensure that once cables are run, they do not need to be rerouted as workload requirements change. The Cisco UCS, in turn, helps to ensure that servers can be delivered fast and in an automated fashion.

The Enterprise Cloud’s ability to support both traditional and cloud-era workloads lies in its architectural flexibility. It is configured with multiple availability zones using different storage and networking capabilities to support various types of workloads so it can accommodate a variety of security, compliance and scalability needs.

Production workloads require high availability and fault tolerance, and use common components of an enterprise data center to meet those needs. This starts with an enterprise-grade hypervisor supports live migration of virtual machines and storage and has built-in high availability. Peak 10 uses the VMware hypervisor, considered the leading hypervisor for performance and security and features.

To store virtual machine images, the Enterprise Cloud employs high-performance storage area network (SAN) devices. Traditional physical network infrastructure like firewalls, virtual firewalls and Layer 2 switching are also used, and virtual LANs isolate traffic between servers and tenants. Virtual private network (VPN) tunneling provides secure remote access and site-to-site access to the Customer premise and end-user environments.

All the components of each Cisco UCS blade server are redundant and designed for extreme availability. The switches are designed to fail-over between each other, and the blade chassis contains a redundant pair for I/O modules. This connects them to the switches, as well as power supplies to ensure a constant operation. In the unlikely event of a chassis failure, the ability to move service profiles between blades helps ensure that critical servers can be easily restored in an alternative chassis.

Combined, these characteristics help make the Enterprise Cloud ideal for use in both traditional and production workloads. It can rapidly configure compute, network and storage infrastructure while simplifying the management of hardware components.

Workload type should play a major role in considering a CSP and a specific cloud service. Whether an organization wishes to run a production workload or a cloud era workload will dictate the application delivery requirements, the necessary cloud architecture and the need for additional services or specific features.

With the numerous cloud services available and many CSPs leaning towards “specialization,” it may

BEST-IN-BREED TECHNOLOGIES

CLOUD SERVICES FOR FUTURE WORKLOADS


4.8.2014


be worthwhile to consider a CSP that isn’t overly specialized and can accommodate a large range of applications. This is important for avoiding “cloud sprawl,” as well as simplifying management oversight and logistics.

Organizations should also be forward looking as they consider cloud services. One-size-fits-all offerings may appear more affordable than tailored solutions that are built on a reliable, consistent infrastructure. However, standard cloud services will likely not offer the flexibility to accommodate different workload requirements driven by changing business needs or allow customers to tailor their operations and operational expenses based on business and/or application requirements. While compliance-grade security, customization and high-level performance may seem like “nice-to-haves,” these are attributes of a cloud environment that will be more likely to accommodate workloads today and tomorrow.

For more information about cloud services suitable for production workloads or tips for migrating workloads to the cloud, please contact a solutions engineer today!

(866) 473-2510Peak10.com

LEARN MORE


The Production Cloud, Because Not All Clouds Are Created Equal

Technology

Transcript of The Production Cloud, Because Not All Clouds Are Created Equal