The move-to-hybrid-cloud-itsmf-april2015
Agenda
• Recap – what is cloud anyway?
• Deployment, Service models
• Essential characteristics
• The Hybrid cloud model
• Service Management in a hybrid cloud world
• Service Design: Capacity, InfoSec, Supplier Mgmt
• Service Transition: Change, Asset/Config, Release Mgmt
• Service Improvement: Service Measurement & Reporting
• Recommendations
Cloud Models
• Cloud Deployment models
• Public – multi-tenanted Internet-based service (AWS)
• Private – single-tenanted, closed-network service (vCloud)
• Community – multi-tenanted service aimed at a specific user group
• Hybrid – Combination of 2 (or more) cloud infrastructures
• Today’s focus is on Hybrid Cloud models
Cloud Models
• Cloud Service Models
• IaaS – compute, storage, networking services
• PaaS – managed platform that supports app development
• SaaS – managed software delivered via a web browser
• Today’s focus is on IaaS service models
Cloud Characteristics
• Essential Characteristics
• Broad Network Access
• Resource Pooling
• Rapid Elasticity
• Measured Service
• On Demand Self-Service
Broad Access – addressing usability
• Traditional IT has historically been “siloed”
• Vertical deployments of application stacks for specific purposes
• Access to these silos is controlled independently
• Integration across services is limited
• This isn’t always a bad thing!
• Security, accountability, control are all increased
• But this approach…
• …has resulted in “planning blight”, and
• Leads to the use of “Shadow IT”
Broad access – more than one way…
• Cloud Service access routes (diagram): Web console, Command Line, REST API, Development SDK, 3rd party integration
Resource pooling – addressing efficiency
• Consolidation of workloads
• More efficient use of infrastructure
• Higher availability (through HA)
• Lower infrastructure costs
• Comes at a price
• Less spare capacity to scale, unless you purchase “spare”
• Failure of physical servers impacts more services
Resource pooling – benefits at scale
• Organisation with 200 physical servers: ~ $6,500 per server
• Cloud provider with 20k+ physical servers: ~ $1,000 per server
Elasticity – addressing capacity
• Traditional architecture design requires adopting one of two approaches:
• Design for peak load – results in unused capacity
• Design for average load – results in over-subscribed capacity
• Virtualisation can help solve compute capacity, but not:
• Network / storage capacity
• Scaling automation
Elasticity (rapid scalability)
• Public cloud provides “infinite” (from a typical customer’s viewpoint) scalability
• Deals with the “hard” stuff that virtualisation doesn’t:
• Scaling network/bandwidth
• Scaling storage
• Scaling automation
Measured Service – addressing purchasing
• IT has traditionally been a cost centre
• Pressure to reduce costs
• Expenditure linked to budget cycles
• Typically high CapEx for new projects
• IT increasingly adds value to business
• Showback / Chargeback are attempts to represent this value to individual business units
• Very difficult to apportion core infrastructure costs (switching, network, etc.)
Measured Service – pay as you go
• Cloud services charge based on use
• Discount levels for bulk usage
• No minimum contract periods
• Detailed metrics, which can be categorised as required
Hybrid Cloud
• At its simplest, Hybrid cloud simply connects two (or more) cloud services via defined mechanism(s)
• In practice, there are two distinct patterns for service delivery:
• Discrete – individual services reside on a single, specific cloud
• Integrated – individual services are managed & delivered transparently across the hybrid cloud infrastructure
• Management services are similar:
• Discrete – each cloud is managed individually
• Integrated – combined management stack
Why Hybrid?
• Allows you to make best use of the strengths of each type of cloud platform:
• Public Cloud (such as AWS):
• Scale, pace of innovation, elasticity, additional functionality, price
• Private Cloud (such as vCloud):
• Security, customisation, compliance, control
• Provides a transition path from fully on-premise services
• Great for pilot / PoC / development / DR service provision
• Lots of different justifications; in practice, it comes down to:
• Public cloud = agility
• Private cloud = control
Private Cloud control (Eduserv)
• Secure Compute Cloud
• Government-accredited infrastructure (“IL2”, “IL3”)
• UK data sovereignty – UK owned and operated datacentre
• Specialist network connectivity (PSN, Janet, WAN, etc.)
• Capability for external audits
Hybrid Cloud – Management considerations
• Infrastructure
• Deployment tools are likely to be different to on-premise IT
• Be aware of subtle differences, esp. if you are used to vSphere
• Network connectivity
• Fast, low-latency links are important where services are integrated
• OS & application management
• Existing tools should be compatible, but…
• …may not be able to handle “cloud-native” designs
• Think about how you architect directory services across clouds
• Start simple!
Capacity Management
• Hybrid “Cloud Bursting” is (in most cases) a myth
• Scaling a service tier across a hybrid cloud is complex and costly
• Keep tiers within a single cloud (i.e. web on public, app on private)
• Try to place “bursty” services onto public cloud infrastructure
• Long-term stable services are a good fit for private cloud
• There’s no such thing as “spare” capacity on a public cloud
• You pay for anything that is running / being used
• Turn on when you need it, off when you don’t
• Public cloud is great for off-site storage (object/tape storage)
• Push (encrypted) backup data, with retention/lifecycle policies
Supplier Management
• One of the most important hybrid cloud processes to understand
• Understand cloud providers’ T&Cs
• Unlikely you will be able to modify the terms
• Understand data retention, termination, payment requirements
• Understand cloud provider service levels
• What SLAs are offered? What are the exclusions?
• Typically SLAs are against the entire infrastructure, NOT single VMs
Information Security
• Not always as clear-cut as private > public re. security
• Cloud providers’ existence depends on delivering secure services
• However legal compliance is sometimes out of their control
• For IaaS service models, OS responsibility is still yours
• Patching, AV, IDS/IPS, hardening, etc.
• Key aspect of hybrid cloud is integrated monitoring
• Similar tools across public/private clouds to protect OS and apps
• Control access to Cloud provider APIs / user accounts
• Enforce strong passwords, 2FA, access controls
• Difficult to overstate the importance of this requirement
Change Management
• Make use of cloud service tools
• Audit logs (such as AWS CloudTrail, Config)
• See if your existing toolsets can integrate with your public cloud
• Remember that some changes are cloud-initiated
• e.g. Auto-scaling of instances due to load / bandwidth capacity
• As with configuration management, it’s the auto-scaling policy that should be under change control, not the instances themselves
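Added example (not part of the original slides): one way to apply the Change Management points above to CloudTrail audit records, separating changes to the auto-scaling policy or template, which belong under change control, from instance launches and terminations that the cloud initiated itself. The sample records are constructed, and the event-name sets and category labels are assumptions of this example.

```python
import json

# Constructed sample records in CloudTrail's JSON shape (not real log data).
SAMPLE_EVENTS = json.loads("""[
 {"eventTime":"2015-04-01T09:00:00Z","eventSource":"autoscaling.amazonaws.com",
  "eventName":"PutScalingPolicy","userIdentity":{"type":"IAMUser","userName":"alice"}},
 {"eventTime":"2015-04-01T09:05:00Z","eventSource":"ec2.amazonaws.com",
  "eventName":"RunInstances","userIdentity":{"type":"AssumedRole","invokedBy":"autoscaling.amazonaws.com"}},
 {"eventTime":"2015-04-01T09:40:00Z","eventSource":"ec2.amazonaws.com",
  "eventName":"TerminateInstances","userIdentity":{"type":"AssumedRole","invokedBy":"autoscaling.amazonaws.com"}},
 {"eventTime":"2015-04-01T10:00:00Z","eventSource":"ec2.amazonaws.com",
  "eventName":"RunInstances","userIdentity":{"type":"IAMUser","userName":"bob"}},
 {"eventTime":"2015-04-01T10:30:00Z","eventSource":"autoscaling.amazonaws.com",
  "eventName":"UpdateAutoScalingGroup","userIdentity":{"type":"IAMUser","userName":"bob"}}
]""")

# Auto Scaling API calls that alter the policy or template (the controlled item).
# Assumption: this set is illustrative, not an exhaustive list.
POLICY_CHANGES = {"PutScalingPolicy", "DeleteScalingPolicy", "UpdateAutoScalingGroup",
                  "CreateAutoScalingGroup", "DeleteAutoScalingGroup",
                  "CreateLaunchConfiguration", "DeleteLaunchConfiguration"}
INSTANCE_CHURN = {"RunInstances", "TerminateInstances"}

def classify(event):
    """Return 'change-control', 'cloud-initiated', 'manual-instance' or 'other'."""
    name = event.get("eventName")
    source = event.get("eventSource")
    identity = event.get("userIdentity", {})
    if source == "autoscaling.amazonaws.com" and name in POLICY_CHANGES:
        return "change-control"      # needs a matching change record
    if source == "ec2.amazonaws.com" and name in INSTANCE_CHURN:
        # Assumption: calls made by the Auto Scaling service carry it in invokedBy.
        if identity.get("invokedBy") == "autoscaling.amazonaws.com":
            return "cloud-initiated"  # expected churn, governed by the policy
        return "manual-instance"     # a person touched an instance directly
    return "other"

def triage(events):
    """Group events by class, keeping time, action and actor for review."""
    report = {}
    for ev in events:
        ident = ev.get("userIdentity", {})
        actor = ident.get("userName") or ident.get("invokedBy") or ident.get("type", "unknown")
        report.setdefault(classify(ev), []).append((ev.get("eventTime"), ev.get("eventName"), actor))
    return report

if __name__ == "__main__":
    for label, rows in triage(SAMPLE_EVENTS).items():
        print(label, rows)
```

The "manual-instance" group is the one to review first, since it shows someone changing an instance rather than the template.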
Asset & Configuration Management
• Cloud assets are often transient
• Created and destroyed based on demand requirements
• Auto-scaling instances are identical
• Cattle v Pets analogy
• Asset manage the template, not the instance
• Disable management connectivity to individual instances
• Version your templates/config
Release Management
• Approach depends on architectural design
• Cloud-native application:
• Continuous integration / deployment
• Blue / green deployment
• Rolling upgrades
• Enterprise applications
• Existing approaches can be used
• Beware of public cloud limitations (snapshots, rollbacks)
• DevOps approach is worth investigation
• Combine Development and Operations skills within a team
Service Reporting
• Public clouds provide great metrics
• But you have to work to integrate them with your systems
• And decide how much of them you want to share with end-users
• If you haven’t already, invest in a centralised data repository
• Lots of options:
• Open-source, such as Elasticsearch
• COTS, such as MS SQL Analytics
• Cloud-based, such as SumoCloud or Splunk
• The benefits far outweigh the costs of implementation
Cloud is not just hype…
• …done right, Public cloud provides:
• Scale, elasticity, self-service, metered usage
• The agility to deploy new services rapidly with no CapEx
• However, Private cloud is still vital for:
• Sensitive services that are required to be hosted locally
• Stable, long-running service with known workloads
• Hybrid cloud allows you the best of both worlds
• But requires you to adapt your processes to accommodate both
• How far those adaptations go depends on how “bought-in” you are
• Lots of good practice in the market – make use of it!
QUESTIONS?
Thank you!
Matt Johnson
Principal Infrastructure Architect, Eduserv
Web: http://www.eduserv.org.uk/services/cloud/
Twitter: @mhj_work
LinkedIn: https://uk.linkedin.com/in/mhjwork