Private cloud computing implementations: What do you consider to be the essential components or capabilities, necessary to create a private cloud computing environment?
(Responses posted on an ongoing basis in April.)
- David P. Hunter, Chief Technology Officer, VMware Public Sector
- Rich Wolski, Chief Technology Officer, Eucalyptus Systems, Inc.
- Peter Coffee, Director of Platform Research, salesforce.com inc.
- Teresa Carlson, Vice President, Microsoft Federal
- Larry Pizette, Principal Software Systems Engineer, MITRE
|
David P. Hunter
Chief Technology Officer
VMware Public Sector
There is no doubt; Cloud Computing is the talk of the town. A common perception is that cloud computing implies an external cloud, based on public cloud services. The fact is that cloud computing is how you approach IT and a way of doing computing differently. Most governmental agencies can benefit from adopting and evolving their existing infrastructure to a private cloud computing approach today within their own datacenters. As with any journey you need a starting point, a destination and a map detailing the path.
Like many disruptive events, the motivation for moving to a Private Cloud is the existence of an inflection point that necessitates a shift. Today's complex, often brittle, IT infrastructure and the desire to simplify IT is that inflection point. The current economic realities and budgetary climate in Washington and State Capitals, along with the desire to save energy, reduce capital and operational expenditures, share resources and provide more transparency to citizens on how tax dollars are spent are adding additional rationale for governments to implement Private Clouds to address this complexity.
The initial capability to begin the journey is a fully virtualized datacenter. Virtualized resources allow the pooling of compute, network and storage resources that are then shared across applications and users which enables on-demand resource allocation. Once virtualized the following check-points along the route to a Private Cloud need to be considered:
- Automation of management operations. The result will be a zero-touch Infrastructure model that is driven by policies that automate routine tasks, minimize operational expenses and overhead.
- Development of service delivery models. Standard definitions for services and service levels allow the reduction of the number of variations supported and allow for the enforcement of standard methods and procedures that can then be easily automated.
- Metering of Services. A metering model for tiered services will allow the business to have a transparent view of the cost associated with the various lines of business applications.
- Providing user self-service capabilities. The provisioning and deployment of services within the parameters of defined business and governance policies provides a distributed, time-essential execution capability that is controlled by automated policies and increases the ability of agencies and departments to react to changing requirements while maintaining compliance with centralized policies and security models.
- Open and interoperable standards. Application mobility between clouds within a common management model, based on open standards, extending to other public or private clouds is a key condition to achieve flexibility.
The promise of reduced capital and operational expenses, higher customer satisfaction and greater control over security are some of the contributors today that are convincing governments to move to Private Clouds. Those organizations that chose to transform their computing model on a robust platform that provides core features such as high availability; the ability to optimize resource allocations to ensure service levels; built-in disaster recovery mechanisms to ensure business continuity; a security model that encompasses dynamic infrastructure and boundaries; and application-aware infrastructure to self-optimize application performance will be in the best position to achieve the promise of the Private Cloud.
For further information, please contact David Hunter at: hunter@vmware.com or visit http://www.vmware.com/cloud for more information.
Posted: April 15, 2010
|
Rich Wolski
Chief Technology Officer
Eucalyptus Systems, Inc.
Implementing a Private Cloud
Private clouds consist of several components, not all of which are technological. The cloud platform itself is deployed as one or more technologies, but in addition to the platform, the organization building the cloud must also define policies governing its usage, processes describing its maintenance, accounting schemes for determining its budget, and plans for managing its lifecycle. From a technical perspective, the cloud platform must be able to support these management activities in addition to the cloud abstractions it implements for its users and administrators.
One way to meet these requirements is to architect the cloud platform so that it can conform to the infrastructure upon which it is deployed, particularly with respect to the mechanisms with which policy is implemented. That is, the private cloud platform must be able to accept infrastructure governance defined for its environment rather than dictate governance requirements.
Open-source as a distribution style for the cloud platform software is particularly good at facilitating this form of policy malleability. Community contributions often take the form of modifications to specific configurations and environments. The source code is available so that customization is possible, and the interaction of the platform and the infrastructure is transparent.
From a more technological perspective, the "scale" of the private cloud platform is often a metric of great interest. There are two types of scale, however, that must be considered: request scale and resource scale. Request scale refers to the number of requests (usually from separate users) that the cloud can support per unit time. For IaaS-style clouds, these requests are transactional. That is, each request must either complete or fail unambiguously, usually within a specific timeout period (we at Eucalyptus use 60 seconds).
On the back-end, the cloud platform must be able to use (efficiently) large collections of widely varying resources (machines, networks, storage devices, etc.). The key to achieving both user scale and resource scale reliably is to exploit eventual consistency in the internal state management of the cloud platform itself. As with user-facing cloud storage abstractions (e.g. "blob storage"), eventual consistency enables both reliable operation and vast resource scale. Managing eventual consistency, particularly to implement the platform, can be complex but it is the purpose of the cloud to hide that complexity in the cloud platform so that it is not exposed to the applications, the users, or the cloud operators.
Finally, private clouds must implement cloud provisioning abstractions. Virtual machines in a cloud, for example, are similar to but not exactly like virtual machines in a data center. The same relationship exists between cloud Internet addresses, storage abstractions, firewall rules, etc. The cloud is a more dynamic usage model, and as a result, a more efficient model for managing IT resources. To exploit the maximum benefit it offers, it must support services that allow applications to take advantage of this dynamism.
For further information, please contact Rich Wolski at rich@eucalyptus.com or visit www.eucalyptus.com
Posted: April 19, 2010
|
Peter Coffee
Director of Platform Research
salesforce.com inc.
The question of "private cloud" versus "public cloud" arises when people think of cloud computing as a model of technology deployment. That's a path that leads to superficial economies, and leads away from the most transforming results of adopting the cloud computing model.
If an organization decides that it needs "a cloud computing strategy," it's likely to take its existing IT practices and look for a way to migrate those practices into a scalable environment with a high degree of resource virtualization. Any number of vendors will be happy to offer hardware and software to support those aims, and most of those vendors will today use the label of "private cloud" to describe the result.
What people actually want, when they talk about cloud computing, is a far more radical improvement in the way that they acquire and use information management and business process automation. Cloud computing is far less a technology model than it is a model of service delivery. It's a set of promises that service providers make to their customers: promises that may have been made in the past, but are only being truly fulfilled today.
- Cloud computing is a promise that a business process initiative can get off to a rapid start, focusing on the problem to be solved – not on the limits and delays of a capital budgeting process.
- Cloud computing is a promise that the customer's scarce resources can be reserved for the creation of competitive advantage, with the service provider assuming the burdens of maintaining the security and performance of the software stack beneath the customer's applications.
Enterprise cloud computing is a distinct category of cloud computing, as opposed to consumer Web applications:
- "Enterprise cloud" implies a further promise of rigorous and audited security, high availability and robust capabilities for customization and integration.
If it's cloudy, the customer shouldn't need to purchase and support peak-load capacity that exceeds the everyday need. If it's cloudy, the workload of security patches and other updates should be the provider's problem; the benefits of continual upgrades should be an unmixed blessing for the customer, included in predictable subscription pricing.
Is it possible to deliver the cloud's distinctive advantages in an on-premise installation, or in a reserved instance of hardware located off the customer's site? It's possible, but most "private cloud" efforts let the adjective vastly overshadow the noun – and wind up constructing a best-practice data center, using technologies such as virtualization that substantially improve hardware utilization, but falling well short of the full potential of the cloud computing model as applied to appropriate tasks.
It's well and good to like the idea of "private," but that goal should not take precedence over the compelling economics and the benefits to business agility that come from being "cloudy."
For further information, please contact Peter Coffee at: pcoffee@salesforce.com
Posted: April 25, 2010
|
Teresa Carlson
Vice President
Microsoft Federal
The idea of a "private cloud" really starts with how you define it, and there are many different definitions out there. NIST defines a private cloud as "cloud infrastructure operated solely for an organization." That's a good distinction, but others push it further and demand that data be hosted within a certain facility. Some define private clouds as a way to access services within an infrastructure that is closed by design – without connection to the Internet. Along this line of thinking, you could say that traditional hosting providers and Federal Systems Integrators have been offering a type of private cloud for decades. For me it's really about changing the traditional hosting paradigm to allow efficient access to services on-demand with a pay-as-you-go consumption model. The procurement characteristics change, as does the concept of metered service, but the basic premise of the cloud is not a science fiction project.
The Internet has become part of cloud's evolution because of its prolific adoption worldwide and the ever-growing consumerization of IT. Citizens are increasingly using Web tools to communicate, make purchases and access information - blurring the line between enterprise and consumer-based solutions. People are expecting more from IT both at home and at work, and it's forcing government's hand as it strives to connect with citizens, attract workforce talent, offer services more efficiently and become more open and transparent.
The cloud industry is currently building solutions within private data centers based on existing best practices in security, privacy and governance models. But leaders still have security concerns because they can't touch the servers and customize the solution to the granular level of detail they are accustomed to. To alleviate these concerns, there are great questions being asked by industry stakeholders: Should existing standards be modified to fit the cloud? How do government agencies know that C&A requirements are being met in public cloud solutions? What if there is a data breach or data leakage?
The challenge involves highly specialized systems, perception and lack of maturity. The thought of hosting data in a non-government data center, on public servers owned by third-party vendors, has always raised security and privacy concerns for government agencies. Traditional hosting solutions eased some of this concern by adhering to Federal C&A and allowing government customers to customize, audit and access facilities - all of which drive up the cost and time to market of the solution. The promise of cloud computing takes traditional hosting to the next level, offering commodity-based services that are cheaper and faster to market because they are not unique services tailored to individual agency needs.
The end state goal for the cloud has always been "dynamic IT" - the ability to deliver computing services to people, devices and applications when and where they need them in a metered, only-pay-for-what-you-consume procurement model. Business models will change, standards will emerge and innovation will happen at rapid paces, but the need for choice and private clouds will be here for some time. It's a vision and journey that I'm excited to be part of!
For an unabridged version of this post, see Teresa Carlson's FutureFed blog at: http://blogs.msdn.com/USPUBLICSector/
Posted: May 11, 2010
|
Larry Pizette
Principal Software Systems Engineer
The MITRE Corporation
The essential components and capabilities necessary for a private cloud ultimately depend on the system owner's requirements. The ability to control the operational environment is one of the significant factors that Federal IT leaders will likely consider when adopting a private cloud approach. As an example, if an organization requires very high levels of security, they may employ a rigorous architectural approach with comprehensive protections, including highly secure data centers and dedicated networks. Others may not need the same level of security but may require special features for regulatory or statutory compliance. For these two separate cases, private cloud implementations based upon owner requirements may look very different.
A private cloud implementation can offer significant benefit to those Federal IT leaders seeking to realize some of the benefits of cloud computing while maximizing control over their environment. As a starting point, NIST has listed several essential characteristics of cloud computing that Federal IT leaders embarking on a private cloud investment would benefit from examining. The essential characteristics that they list are: on-demand self-service, broad network access, resource pooling (e.g., multi-tenancy), rapid elasticity (e.g., rapid scaling), and measured service.
In order to securely leverage the capabilities of a private cloud, an organization would need to ensure their data centers have the correct technical underpinnings and implement the appropriate operational processes, governance and management. While new components and legacy components will vary by organization, there are common essential components that will likely be needed:
- Virtualization allows multiple instances of "guest" operating systems to run concurrently on the same physical infrastructure and enables "multi-tenancy," which is the sharing of physical resources. The resulting increase in server utilization can reduce HVAC and electric costs, data center size and other related infrastructure costs. Also, contemporary virtualization offerings can facilitate scalability, self-service provisioning and continuity of operations (COOP).
- Storage technology, such as disk arrays, storage area networks (SANs) and storage connection technologies, with supporting software can provide the underlying persistent storage and facilitate COOP and location independent access.
- Security capabilities such as identity management, logging and auditing, anti-malware software, intrusion detection systems and intrusion prevention systems, and virtual machine isolation should be considered.
- Provisioning tools, management tools, and metering instrumentation are key to providing Federal IT leaders and users with many of the advantages that a private cloud can offer: self-service, burst capability, scheduling, service-level agreement (SLA) monitoring, and if needed, metering for "pay as you go" functionality.
- Networking infrastructure for the cloud should be engineered to carry the additional traffic required to connect the service provider to the consumer.
"There is a major trend playing out over the next few years where internal IT providers want to make fundamental changes so that they behave and provide similar benefits (on smaller scale) as cloud computing providers," states Gartner's Thomas Bittman. For those organizations looking to maximize the ROI of their internal IT investment and maintain control, a private cloud may be an attractive option.
For further information, please contact Larry Pizette at: cloudbloggers-list@lists.mitre.org
Posted: April 29, 2010
|
Welcome
"Ahead in the Clouds" is a public forum to provide federal government agencies with meaningful answers to common cloud computing questions, drawing from leading thinkers in the field. Each month we pose a new question, then post both summary and detailed responses.