PRIVATECLOUDe-zine

Strategies for buildinga private cloud

VOL.1|N0.3|AUGUST2011

In this issue:

q TRENDS IN CLOUD COMPUTINGBy SearchCloudComputing.com Staff

q I.T. WITHOUT BORDERSBy Bob Plankers

q TOOLS TO UNLOCK THE POTENTIALOF A PRIVATE CLOUDBy Bill Claybrook

THE DISRUPTION OF cloud modelsmakes IT departments understand-ably uneasy. Technology managerscan be a cautious bunch. What’smore, aversion to change can pro-tect your data center—and yourjob—from sudden demise. Many ITprofessionals just want to keep thetrains running rather than introduceunproven technologies and wreakhavoc.In “ITWithout Borders,” Bob

Plankers considers this IT inertia aswell as the legitimate technologyconcerns that fuel it. He also offersadvice on how IT departments canaddress networking, security andapplication concerns in the cloudwithout resorting to the traditionalsiloed IT approach. Plankers encour-ages IT to rethink assumptions.Sage advice: Nearly 40% of 450-plus respondents to a recentTechTarget survey, for example, saythat cloud computing is introducingnew IT roles.But IT change is only part of the

equation. Cloud technology has toadvance as well. As a result, manydata centers haven’t yet introducedthe true automation, monitoring andservice catalogs that characterize a

cloud environment. Instead, theyhave highly virtualized data centersthat are still stuck in private cloud’swaiting room.In “Tools to Unlock a Private

Cloud’s Potential,” Bill Claybrooksurveys the maturity of availabletools in terms of key cloud capabili-ties and considers cost and interop-erability. But, as Claybrook acknowl-edges, many of these tools remainuntested in production environ-ments. Many tools are still too newto have even garnered real-life cus-tomers that can attest to theirvirtues or downsides.Still, if cloud computing hasn’t

moved beyond 1.0, the next severalmonths may be telling. If last year’sflurry of August announcements isany indication, cloud vendors arelikely aiming to release new versionsand tools with abandon. Last year’svirtualization confab, VMworld, fea-tured a dizzying array of legitimateand trumped-up cloud announce-ments, so stay tuned. �

LAUREN HORWITZSenior Managing Editor,Data Center and VirtualizationMedia Group, TechTarget Inc.

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 2

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

1 EDITOR’S LETTER

PRIVATE CLOUD’SWAITING ROOM

E

Cloud One on One

GETTING NIMBLEIN THE CLOUDGenerally released in April 2011, Nim-bula Director offers tools for enterpris-es to create private cloud systems intheir own data centers as well as toservice providers to build public cloudservices. The technology provides cus-tomers with an Infrastructure as aService offering that is modeled onAmazon Elastic Compute Cloud (EC2),which makes sense given that Nimbu-la’s founders hail from EC2.

Reza Malekzadeh—the formermarketing director at VMware Inc. andnow the VP of marketing at NimbulaInc.—discussed how the technologyworks and where it stands out in anincreasingly crowded marketplace.

What is Nimbula Director?Think of it like Amazon EC2 behinda firewall: that is, having a privatecloud solution on your own infra-

structure. Within an organization,users can access a private cloudinfrastructure and create self-ser-vice, self-provisioned virtualmachines. In addition to using theirown infrastructure, users can runworkloads on external clouds.Intuit runs its TurboTax software,

on private infrastructure; that soft-ware is central to its business. Butthe company has specialized needsas well. Once a year, they rely onAmazon for testing; it’s a periodicneed. That is the kind of use case we

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 3

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

1 TRENDS IN CLOUD COMPUTING

T R E N D Sin cloud computing

T

“This isnot a black-

and-white world.People will choosethe best platform

for a givenapp.”

RezaMalekzadeh,VP of marketing at Nimbula

envision for Nimbula Director.

How does Nimbula Directorfit into the marketplace?Part of our vision is that this is not ablack-and-white world. You’re goingto have coexistence, where peoplewill choose the best platform for a

given app. They will keep their hard-core, monolithic IT systems thatrequire fault tolerance on premises.Those applications will continue torun the way they run today: by ITand in-house.But as they look to deploy new

apps that are scale-out architec-

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 4

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

A SPOTLIGHT ON NIMBULA’S PRIVATE CLOUDARLINGTON, VA.-BASED Bioinformatics Inc. is a biomedical company that focuses oncomputational genomics. Researchers in various departments need to run compu-tation-intensive, demanding nucleotide sequencing analyses.Multiple departments share a single supercomputer that is administrated by

central IT. Each department also has its own set of compute resources for smaller-scale simulations. Running a large computation involves scheduling jobs with anIT administrator and painstakingly specifying how the computation environmentneeds to be set up and then waiting for the next slot to become available.But with Nimbula Director, the company can move all compute resources into

a multi-tenant, private cloud, creating a shared resource pool from the supercom-puter and the local departmental compute resources. These resources are thenavailable to users via an application programming interface, Web-based consoleand command line interface in a self-service manner.

� Self-service provisioning. Instead of submitting work to a queue for processingand relying on a systems administrator for setup and configuration, users canconfigure, maintain and upload virtual machine images and launch instances oftheir computation in a self-service fashion.

� Improved utilization. Sharing resources among multiple tenants can improveutilization rates because resources are no longer left idle.

� Automating infrastructure management.Nimbula Director's automated man-agement of cloud services and self-organizing architecture dynamically managesfailover of Nimbula components without human intervention.

� Computational suitability to parallelism. Genomic computations are wellsuited to scale out, as computational load can be sensibly divided and spun offto different virtual machines.

1 TRENDS IN CLOUD COMPUTINGT

tures and more tolerant of failure,these applications are more suitedto a public or a private cloud archi-tecture. We have customers, forexample, that use their infrastruc-ture for scientific computing, whichrequires a lot of data crunching.When they need extra capacity for aweek, they use public cloud servicesinstead of having to buy additionalhardware for that short period.By contrast, their Oracle database

or Exchange Server runs internallyon traditional systems and architec-ture, but they use private and publiccloud architectures for newWeb 2.0architectures or data-crunchingapplications that run during peaktimes during the week.

How does Nimbula Director differfrom other cloud technologies?

A lot of systems are evolutions ofpreviously existing technologies andprovide layers of automation andorchestration on top of existingstacks. But with these technologies,you carry forward a lot of the deci-sions previously made with thatarchitecture.Nimbula Director was built from

scratch and doesn’t have any bag-gage to carry forward.If you want to add capacity, our

system automatically detects yourhardware and does so automatical-ly. When you plug in physically to anew server, the server does a pixieboot. We will detect the boot andinstall the software.Nimbula Director doesn’t have a

single point of failure. Replication orfailover mechanisms reside in allmanagement services in a distrib-

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 5

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

THE YEAR OF THE CLOUD?More than 70% of respondents have budget for cloud projects in 2011.

72%Yes

SOURCE: “CLOUD COMPUTING 2011 ADOPTION SURVEY,” TECHTARGET INC., MARCH 2011; N=118 I.T. MANAGERS

17%No

11%Don’t know

� � � � � � � � � �� � � � � � � � � �� � � � � � � � � �� � � � � � � � � �� � � � � � � � � �� � � � � � � � � �� � � � � � � � � �� � � � � � � � � �� � � � � � � � � �� � � � � � � � � �

1 TRENDS IN CLOUD COMPUTINGT

CARE AND FEEDING REQUIREDNearly 70% of respondents spend a considerable amount of time

on the care and feeding of their private cloud.

SOURCE: “CLOUD COMPUTING 2011 ADOPTION SURVEY,” TECHTARGET INC., MARCH 2011; N=154 I.T. MANAGERS

35% 34%25%

6%

uted control plane.Permissions are also different to

allow for better self-service. Userscan give permission and access totheir own content, so IT is thereforeno longer in the way on that path todelegating access.Then there’s networking. In a tra-

ditional world, IT departments haveto deal with IP tables, firewalls, andthat can become overwhelming witha scalable infrastructure with hun-dreds or thousands of machines.With Nimbula Director, applicationscan instead be assigned to networksecurity groups and have securitypolicy enforced independently of the

underlying network topology.Third, there’s pricing. We want

our pricing to reflect the more flex-ible cloud model. So, for example,if you install the software and useonly a certain number of cores, youpay for that. If you burst to more,we’re not going to penalize you.At the end of the year, you pay for

excess capacity used. If you installthe software and use only half thecores, we charge you only for that,whereas competitors might chargeyou for 500 if you use only 250. Ifyou use 300 on a consistent basis,you pay for the extra 50.

—BY LAUREN HORWITZ

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 6

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

uA considerableamount.We boughtnew hardware andsome tools to helpwith automationand management,but the interface ishomegrown

uAll. Starting withcore technologiessuch as virtualiza-tion; we are devel-oping our own cloudplatform and inter-face

uSome.We bought apretty comprehen-sive solution, butwe're implementingit ourselves

uNone

1 TRENDS IN CLOUD COMPUTINGT

Click here to learn more

Your business wants a Cloud.You want your sanity.

Tame your Virtualization Monster andunleash the Cloud with Abiquo

Secure multi-tenant system, no user training required

Maximize operational e�ciency with “single pane of glass” infrastructure Management

Business policies ensure compliance is automatically enforced

AS COMPANIES SEEK faster, better andcheaper IT resources, hybrid cloudsseem like a natural fit.With hybrid clouds, IT can shift

workloads between internal datacenters and a commercial publiccloud provider environment duringpeak periods. As a result, compa-nies can adjust to new demandswithout paying for always-on IT. Forgrowing businesses with variableneeds, cloud computing can reducecosts while boosting project flexibili-ty and time to market.But cloud computing still raises IT

hackles. Managers worry thatclouds violate traditional depart-mental domains and practices, andorganizational inertia can run deep.A cloud also imposes new demandson IT infrastructure, from networksto servers, and can strain the rela-tionships between their respectiveteams. And cloud pricing and licens-ing continue to pose serious chal-lenges that further entrench divi-sions and cut into cost savings.Still, cloud computing has begun

to gain traction in corners of the

enterprise. So how can departmentsbogged down by inertia take thenext step? They can start by consid-ering some of the factors that blockmany cloud implementations,including their own long-standingsilos.

NETWORKING CONSIDERATIONSCloud computing offers IT fargreater flexibility in how it deliversservices. When a new project cropsup or a workload’s demands shiftsuddenly, IT departments can movethe work to a commercial provideror move resources internally untilthe peak period elapses.But that flexibility can also pose

networking challenges. By movingapplications off-site, companiesneed good network connectivitybetween a data center site and apublic cloud provider so that usersdon’t experience performancedegradation. Good connectivitycomes in two forms: necessarybandwidth and low latency.Most businesses have sufficient

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 8

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

1 I.T. WITHOUT BORDERS

I.T. WITHOUT BORDERSCloud computing has changed the way IT resources aredesigned and managed. Siloed IT departments have to adjusttheir business-as-usual approach.BBYY BBOOBB PPLLAANNKKEERRSS

network connections to supportemail, Web browsing and generalcompany communication. Addingtraffic to the connection between anexternal cloud provider and a com-pany requires planning to protect

the application or the original usesof the network connection.A typical data center network—

particularly one with gigabit net-works—has a lot of bandwidth andlow latency. IT managers can alsomonitor internal network equipmentusage to diagnose problems. Butwhen you move an application off-site to a cloud provider, it is nolonger part of your data center net-work. To access the application,your network traffic must take alonger route across smaller networklinks and links with greater latency. My PC, for example, uses three

network segments, or “hops,” toreach my company’s HR applicationand has a network latency of 0.3milliseconds. Moving that applica-

tion to a commercial cloud providercreates additional delay of about 20milliseconds to a server in a com-mercial cloud. It travels across net-work segments of unknown size andthat cannot be monitored by inter-nal IT staff. Some applications suffergreatly when network latency isintroduced, especially if parts of anapplication—such as a database—are in-house and parts are in a com-mercial cloud.In addition, most commercial

cloud environments charge for net-work use. Charges of 10 cents or 15cents per gigabyte of traffic aren’texorbitant. But charges start to addup, especially when most organiza-tions take their own fast networkspeeds and flat-rate pricing forgranted. When you consider back-ups for your cloud-based apps anddata refreshes, new deploymentsand other day-to-day operationswith your applications, you mayspend money in unanticipated ways.

SECURITYSecurity always needs to be part ofa cloud implementation plan. Pri-vate cloud challenges are similar tothose in existing virtualization proj-ects, though, so most enterprisesshouldn’t be surprised by therequirements. But hybrid and publiccloud models change securitymeasures somewhat.Private clouds can draw on your

IT group’s traditional security mod-

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 9

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

1 I.T. WITHOUT BORDERS

SOME APPLICATIONSSUFFER GREATLY WHENNETWORK LATENCY IS INTRODUCED, ESPECIALLY IF PARTSOF AN APPLICATIONARE IN-HOUSE ANDPARTS ARE IN A COMMERCIAL CLOUD.

els, using classic network segmen-tation techniques, such as virtuallocal area networks, firewalling, andintrusion detection and preventionsystems. Newer cloud technologies,such as VMware Inc.’s vCloudDirector, propose new ways of

implementing firewalling and net-work isolation. While they aim toimprove an IT staff’s efficiency,these new techniques can run afoulof existing security and networkingpractices that establish policies,procedures and methodologies forsecuring environments. Gettingthese teams involved early in theprocess of developing a cloud is keyfor proper adoption.Hybrid clouds present particular

data access challenges. In response,some cloud deployments adopt fair-ly paranoid stances toward com-mercial clouds. They generallyassume that you cannot trust thesecurity of the network between an

internal data center and a commer-cial cloud host, nor can you trust thesecurity of the network betweentwo virtual machines in a commer-cial cloud. They also often assumethat you cannot trust the security ofa cloud’s underlying storage or stor-age network.There are solutions to these prob-

lems, which are sometimes includedin a cloud product or underlying vir-tualization technology. VMware, forexample, offers virtual private net-working capabilities as part of itsvShield suite of products. TheVMsafe application programminginterface and other products, suchas VMware vShield or Altor Net-works’ virtual security suite, canachieve virtual firewalling. But allthese products add cost, staff train-ing, and support time to a hybrid orpublic cloud deployment. So youneed to consider whether you havepersonally identifiable informationor just data that is crucial to yourbusiness, such as a customer list.Different kinds of data dictategreater or lesser degrees of security.

LEGACY APPLICATIONS AND NEW FRAMEWORKSEnterprises are built on legacy appli-cations. These applications assumea traditional operating system, suchas Microsoft Windows, running on atraditional server. The challenges ofmoving legacy applications to a pri-vate cloud are often the same as

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 10

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

1 I.T. WITHOUT BORDERS

39%The number of respondents who

say that cloud computing has begun to introduce new IT roles and titles,

such as the cloud architect.SOURCE: "CLOUD COMPUTING 2011 ADOPTION SURVEY," TECHTARGET INC., MARCH 2011; N=459 I.T. MANAGERS

those in traditional virtualizationprojects, including performanceproblems and trouble migratinghighly customized applications. Newcloud-based approaches such asVMware’s SpringSource offer radi-cally different models for designingapplications, but they also changehow applications are deployed andsupported.New application-based clouds

improve developers’ lives consider-ably. They aim to mask the com-plexities of OSes and networkingfrom application developers, enablingthem to write software that can bedeployed internally. Google AppEngine and VMware vFabric aregood examples. But while maskingthese complexities enables applica-tions to work and scale in cloudenvironments, system administra-tors’ lives, in turn, can get morecomplex. How do these applicationsget backed up? How are they moni-tored? How are they secured? Envi-ronments such as VMware vFabrictc Server are delivered as appliances,whose black box–like nature foilstraditional attempts to manage them.

DEPARTMENTAL SILOSCloud projects also disruptentrenched departmental silos andfunctions. Because a cloud makesresources more dynamic and canstrain performance and data securi-ty, siloed IT teams are often forcedto come together to manage the

system as a whole. But in many cases, one depart-

ment’s efforts to enhance a clouddeployment can undermine thework of another. Network profes-sionals, for example, spend a lot of time worrying about how datamoves around the data center. Theysize switch interconnections justright for workloads. They configurerouters and firewalls to maximizeefficiency. They tweak everythingand monitor it thoroughly. And thensystem administrators come alongand break all these assumptionswith live migration, hundreds ofguests per host, trunked networkports and other virtualization tac-tics. To boot, the systems guys nowwork with technologies that havetraditionally been the domain of networking, such as firewalling,intrusion detection and preventionsystems, and network segmentationand design.Storage professionals share some

of these challenges. Their traditionalusage model for a storage area net-work is disrupted. Storage arrayschoke under all the seemingly ran-dom I/O from cloud hosts. Securitymodels for networks, storage andapplications all need revision, too.Change and configuration manage-ment becomes taxing. Even systemadministrators—often cited as thecause of all this chaos—are throwninto the mix, as separate depart-ments that previously ran their ownservers are forced together into a

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 11

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

1 I.T. WITHOUT BORDERS

single cloud mandated by manage-ment.Change is difficult, and the transi-

tion to a cloud causes great anxietyas we rethink traditional IT. Thereare solutions to these problems,though. When it comes down to it,storage, networking, systems andsecurity teams have to communi-cate about requirements and con-cerns. They also have to move at acomfortable pace for everyone thatallows problems to be identified andresolved before they become over-whelming. Rather than being seenas a time sink, a cloud deploymentoffers an opportunity to rethinkexisting practices and fix the brokenprocesses that IT has endured foryears.

LICENSE FEES, SUPPORT, INTE-GRATION AND CHARGEBACKIn addition to the disruptive natureof cloud technologies, cloud licens-ing adds complexity. Increasinglycomplex systems that need tweak-ing, troubleshooting and monitoringthreaten to eat into cloud cost sav-ings through lost staff time. Private clouds are composed of

layers of software, from commonvirtualization technology at the bot-tom, management layers in the mid-dle, and user interfaces on the top.Each layer needs a different tool,and with each tool comes a licensefee and a yearly support cost. Eachtool also requires staff time to install

as well as ongoing time to supportthe tool with patches and upgrades.Additionally, integration work isoften needed for user access viacorporate Active Directory or LDAPinstances or between financial sys-tems and cloud chargeback andreporting products.A private cloud’s chargeback-

based billing system is also daunt-ing, where IT charges individualdepartments for IT usage. Like amonthly phone bill, chargebackinvolves variable-rate charges thatcan catch departments unaware orprompt user resistance. Even choosing an accounting

method can be problematic. Do you charge based on resources consumed, or do you charge a flatfee? Flat fees are nice for budgetestimations, but they may not befair, where small virtual servers sub-sidize large ones. If you chargebased on resource consumption,you have to track resource con-sumption as well, which adds com-plexity and staff monitoring tasks. Charging based on resource con-

sumption can also invite politicalbattles. Tracking CPU usage can beparticularly contentious because it’shighly variable. When a departmentreceives a bill for CPU usage, it maychallenge why it has to pay for ITtasks, such as server patching, thatwere previously “free.” Too muchfocus on the costs charged back canalso prompt those being billed tooptimize the amount spent, which

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 12

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

1 I.T. WITHOUT BORDERS

ADDITIONAL RESOURCES Network Considerations in Cloud ComputingFor many cloud-based applications, network performance will become the key tocloud computing performance.

Preparing for a Hybrid Cloud MoveIf you’re considering a move to the cloud, how can you ensure adequate bandwidth,low latency and secure access to servers and data?

Weighing the Cloud Computing Standards DilemmaToday, VMware’s Open Virtualization Format is one of the only available cloud com-puting standards. But on its own, it hardly solves the cloud interoperability issue.

The Politics of ChargebackThe problem with private cloud chargeback isn’t technology; it’s politics. Most or-ganizations simply aren’t prepared for this shift in charging internally for services. �

usually undermines the efficiency ofthe entire cloud environment. As aresult, many chargeback systemstake simpler approaches, imple-menting a base charge plus RAMand disk allocations.

INEVITABLE CHANGE For most organizations, designingand managing a private cloud is atectonic shift in existing IT opera-tions. All layers of the data centerstack require retooling to ensuresolid network, storage, and applica-tion performance, secure dataexchange, and flexibility in a cloudenvironment.Changes can be welcome, though,

as cloud designers rethink oldprocesses and methods. Cloud com-puting affects everyone in IT. Sonow, more than ever, cloud archi-tects need to communicate andwork actively with network, security,and systems counterparts on design,support and processes. These inter-connected technologies and prac-tices require an interconnected plan.Only in breaking down internal

borders can companies truly copewith these technology shifts andand begin to focus on strategic busi-ness goals. �

Bob Plankers is a virtualization and cloud architect at a major Midwestern university. He is also the author of The Lone Sysadmin blog.

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 13

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

1 I.T. WITHOUT BORDERS

AS ENTERPRISES CONSIDER privateclouds, they can get easily derailedby deciding which management toolsbest suit their environments. Privateclouds need tools to automate andorchestrate tasks, monitor servers,and call up services from a catalog. But today, some private clouds

are being created without thesecapabilities. Without them, you’velikely got a highly virtualized datacenter, not a private cloud. To get tothe next level, enterprises need tocarefully consider cloud manage-ment tool choices as well as cost,compatibility and other factors spe-cific to an organization’s data centerenvironment.But finding a mature-enough tool

that suits a data center’s needs—and at the right price point—can bedifficult. Cloud management toolsare still a developing market. So let’ssurvey some private cloud comput-ing tools on the market that can

bring automation, orchestration,monitoring and service catalogs to a cloud implementation.

ENABLING ORCHESTRATION AND AUTOMATIONWhile the terms automation andorchestration are often used inter-changeably, there is a subtle differ-ence between the two. Automationis generally associated with a singletask, whereas orchestration is asso-ciated with a workflow process forseveral tasks. To better understand the impor-

tance of automation in a privatecloud, let’s compare traditional datacenter server provisioning with vir-tual server provisioning in a virtual-ized environment. Server virtualiza-tion can reduce server provisioningtime, but not installation time. ITstaff members use labor-intensivemanagement tools and manual

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 14

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

2 TOOLS TO UNLOCK A PRIVATE CLOUD’S POTENTIAL

TOOLS TO UNLOCK A PRIVATE CLOUD’S POTENTIAL True private clouds need tools to automate and orchestrate tasks, monitor servers, and enable users to call up services. BBYY BBIILLLL CCLLAAYYBBRROOOOKK

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 15

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

2 TOOLS TO UNLOCK A PRIVATE CLOUD’S POTENTIAL

scripts to control and manage a datacenter infrastructure. But they won’tbe able to keep pace with the con-tinuous stream of configurationchanges associated with a privatecloud’s dynamic provisioning andvirtual machine (VM) movement.Nor can they maintain access andsecurity changes. This is whyprocess automation becomes soimportant in a private cloud.Orchestration is also key. It coor-

dinates and manages servers, stor-age, security and networks to deliverservices to users. Residing betweencloud services and a cloud infra-structure, orchestration is based onpolicies that define relationshipsamong users, servers, storage, secu-rity and networks. Policies are auto-matically translated in real time intodevice configurations that dynami-cally provision whichever resourcesare necessary. The orchestrationtool for the hypervisor managementsystem, for example, communicatesCPU and memory requirements forvirtual server provisioning.All these functions—allocating

CPU for a virtual server; allocatingstorage; setting up routers, firewallsor switches to support the newlyprovisioned virtual server—are auto-mated. The orchestration functioncoordinates all the automated con-figuration changes throughout allsystems and hardware; it is a singlepoint of control. Without automa-tion and orchestration tools, IT hasto manually re-provision and opti-

mize resources to reflect even thesmallest changes in an environment.Automation and orchestration,

however, won’t solve all your prob-lems. They may help you makeinfrastructure changes more rapidly,but these changes have to be re-corded nearly simultaneously sothat the orchestration function hasthe up-to-date configuration dataneeded to make decisions, such asallocating CPU and storage. Therapidity of change stemming fromautomation and self-service in pri-vate cloud environments requires amore efficient approach to configu-ration management and change man-agement: processes that live insidean IT organization. Configurationmanagement databases (CMDBs)can record these changes in real time.

AUTOMATION AND ORCHESTRATION TOOLS LineSider Technologies Inc. (whichwas acquired by Cisco Systems Inc.)and CA Technologies are two of sev-eral companies that offer automa-tion tools.LineSider OverDrive focuses on

networks and automates neworkservices’ provisioning and deploy-ment in cloud environments. Whenresources are moved or changed,policy-driven OverDrive modifiesand changes the underlying networkinfrastructure. OverDrive sits be-tween an LDAP directory, a hypervi-sor manager and device controllers.

It manages routing and virtual pri-vate networks (VPNs), switchingand VLANs, and firewalls and theiraccess control lists.The CA Automation Suite for

Data Centers includes CA ServerAutomation, CA Virtual Automa-tion, CA Process Automation andCA Configuration Automation. Thetechnology automates server provi-sioning, processes and configurationmanagement. It provides supportfor Windows, Red Hat EnterpriseLinux, SUSE Linux Enterprise Server,AIX, Solaris, and HP-UX, Hyper-Vand VMware Inc.’s ESX.There are other automation tools,

such as IBM’s Tivoli Service Automa-tion Manager and Hewlett-PackardCo.’s Cloud Service Automationoffering. Of these tools and manyothers, LineSider OverDrive bestapproximates what an automationtool should be.

MONITORING PRIVATE CLOUD PERFORMANCEMonitoring ensures that applicationsmeet performance targets and helpsanswer questions such as these:

� What is the response time from storage devices?

� What is the performance of an application?

� How is my compute and storage bandwidth being used?

Virtualization, however, has addeda layer of abstraction to traditionalmonitoring; we can no longer meas-ure performance by looking only atphysical devices. With network vir-

tualization, network operationsteams have struggled to look pastthe abstraction and identify eventsat the physical level. New perform-ance monitoring tools provideinsight into the infrastructure forphysical and virtual elements, allow-ing operations staff to make betterdecisions about how to configureand allocate workloads in virtualenvironments.If you look at the evolution of

IT—from mainframes with sharedresources to client/server with dedi-cated resources and now back toshared resources with low-costhardware—systems behave differ-ently. We have dependencies in vir-tualized environments that did notexist in the client/server architec-ture. With no clear lines of depend-encies, the way we monitor andmanage is changing. Interactionshave grown more complex than

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 16

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

2 TOOLS TO UNLOCK A PRIVATE CLOUD’S POTENTIAL

VIRTUALIZATION HASCOMPLICATED TRADI-TIONAL MONITORING;WE CAN NO LONGERMEASURE PERFORM-ANCE BY LOOKING ONLYAT PHYSICAL DEVICES.

those in the client/server world.So how do application perform-

ance tools work? They monitormemory utilization, CPU utilizationand performance metrics. The appli-cation is associated with the guestoperating systems; the guest OS isassociated with the hypervisor run-ning on a physical server. The asso-ciations continue with a networkport to the storage resources. Moni-toring provides the linkage all theway through the infrastructure tothe application.SolarWinds has one of the most

complete sets of monitoring toolson the market. It provides monitor-ing for network, storage, application,server and virtualization perform-ance management. This set of toolsmonitors the cloud stack from top tobottom through the devices them-selves.SolarWinds’ Hyper9 Virtualiza-

tion Manager provides visibility intothe health of CPUs, memory andnetworks in a virtual environment. It allows guest virtual servers to bemapped from the application downto the data stores. If, for example,you add a fourth virtual server andsuffer a sudden performance drop,you can trace the problem to diskresources, the I/O resources beingused and the host that the serversrun on. There is potential to quicklyidentify bottlenecks and makeimmediate changes.AccelOps’ monitoring tools cap-

ture and analyze information about

the network infrastructure. IT staffcan use AccelOps to access status,events, trends and configurationdata about networks, networkdevices, systems, applications andvirtual environments. You can alsoset up alerts on performance ormemory allocation problems. And if you want to investigate a securityissue, AccelOps offers a recap ofrecent changes to a virtual server.AccelOps deployment involvesinstalling the AccelOps applicationas a VM on a VMware ESX platform.Nimsoft provides monitoring

software for private clouds. Thesoftware tools monitor servers, net-work devices, databases and appli-cations, along with virtualized envi-ronments such as ESX, vSphere,Microsoft Hyper-V, and Citrix Sys-tems Inc.’s XenServer. Nimsoft workswith cloud providers such as Rack-space, Amazon.com, Salesforce.comand Google; it also integrates withCMDBs and service desks.

SERVICE CATALOGS IN THE CLOUDService catalogs are now core tocloud computing. A service catalogcontains a list of automated servicesthat are available via a self-serviceportal. It demonstrates service avail-ability and triggers steps to provi-sion many types of enterprise serv-ices. A service catalog is typically afront-end Web-based listing of serv-ices, products and pricing deliveredby the back-office IT infrastructure.

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 17

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

2 TOOLS TO UNLOCK A PRIVATE CLOUD’S POTENTIAL

ADDITIONAL RESOURCES Cloud Services Beg for Nimbler ManagementCloud management tools are in demand as IT shops look to cloud computing services to handle virtual machines, server management and automation.

Using CMDBs and Service Catalogs to Build Private CloudsClouds’ rapidity of change require a more efficient approach to configuration management and change management. IT organizations have turned to tools likeservice catalogs and configuration management databases to improve efficiency.

Private Cloud IT Automation Vendors Brush Up Their WaresIT organizations starting new projects or buying new gear expect cloud features. �

To receive the full benefits of cloud,users must be able to request theservices they need and IT must beable to respond to those requestsquickly. A service catalog allowsusers to serve themselves by choos-ing from a menu of cloud serviceofferings. IT organizations thatimplement private clouds shouldprovide a service catalog to estab-lish standards, provide users withconvenient online access to cloudservices and help orchestrateautomation of services.Part of the service catalog design

challenge is to ensure that the cata-log is well integrated with the nec-essary components required for aseamless workflow: service desk,CMDBs and provisioning andchange management tools.Along with other companies,

NewScale provides service catalog

software; RequestCenter providesusers with an easy-to-use servicecatalog. HP has introduced the HPService Manager Service Catalogthat is integrated with several HPproducts. BMC Cloud Lifecycle Man-agement includes a policy-drivenservice catalog, and CA OblicoreGuarantee provides the capability to create service catalogs.

TIPS TO ENHANCE A PRIVATE CLOUDToday, too many so-called privateclouds are being created withoutautomation, sufficient monitoring orservice catalogs. These implemen-tations will have difficulty realizingall the benefits of cloud computing.Big and small companies supply

tools for each of these importantfunctions. Some, such as LineSider

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 18

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

2 TOOLS TO UNLOCK A PRIVATE CLOUD’S POTENTIAL

and Oblicore, have been acquired bylarger companies like Cisco Systemsand CA Technologies, respectively,and integrated with other productsto form more complete cloud man-agement suites. Most of these toolsare so new and untested in produc-tion environments that you shouldtalk to vendors’ reference cus-tomers. If vendors don’t have refer-ence customers to offer, beware.Using tools from acquired compa-

nies may lock you in to the largercompanies that purchased them.This is a frequent problem withacquisitions: One company’s man-agement tools get buried within alarger set of products and are nolonger sold separately.Monitoring tools are most likely

to be insufficient in virtual environ-ments. And data centers often try touse whatever monitoring tools theyhad in their traditional environment.But these tools won’t provide suffi-cient, if any, monitoring of trafficbetween virtual components. Localcommunication between virtualservers can go largely unmonitored;traffic that runs through a virtualswitch is practically invisible be-cause it never hits wire. To ensurethe optimal private cloud experi-ence, virtual traffic between VMsneeds to be monitored. �

Bill Claybrook is an analyst with more than 30years of experience in the computer industry. He is now president of New River MarketingResearch in Concord, Mass.

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 3 19

HOME

EDITOR’S LETTER

TRENDS

I.T. WITHOUT

BORDERS

PRIVATE

CLOUD TOOLS

2 TOOLS TO UNLOCK A PRIVATE CLOUD’S POTENTIAL

Jo MaitlandExecutive Editor

Steve CiminoSite Editor

Lauren HorwitzMichelle Boisvert

Senior Managing Editors

Jeannette BeltranEugene DemaitreMartha Moore

Associate Managing Editors

Linda KouryDirector of Online Design

Cathleen GagneEditorial Director

Marc LaplantePublisher

TechTarget Inc.275 Grove StreetNewton, MA 02466www.techtarget.com

©2011 TechTarget Inc. No part of this publication may be transmitted or reproduced in any form or by any meanswithout written permission from the publisher. For permis-sions or reprint information, please contact Scott Kelly,Director of Product Management, Data Center Media,

TechTarget (skelly@techtarget.com).

RESOURCES FROM OUR SPONSOR

See ad page 7

• MSP - Abiquo Making a Splash in the Hosting World

About Abiquo:Abiquo represents the next generation of Cloud management solutions. Designed to meetstrategic objectives, rather than as a temporary tactical fix, it is built to realize our vision ofvirtualized infrastructure management. Based on open standards, Abiquo allows organizationsof all sizes to dramatically improve business agility, mitigate risk, and reduce costs.