Migrate to a Private Cloud, Not a Virtual Datacenter

“A private cloud can be a very attractive solution, but a bad implementation can lead to ugly results”

That’s what Brian Proffit of Internet.com’s Enterprise Networking Planet has to say in his latest piece – Migrate to a Private Cloud, Not a Virtual Datacenter. A great piece – and not just because it references our own words of wisdom here on DynamicTalks. 

Take a look here  and then let us know your own thoughts.

Part 3: Maintaining Control of Your Cloud

by: Rich Bourdeau, VP Product Marketing, DynamicOps

Here we are #3 in our series. Let’s take a quick review of where we are at:

1. Automated self-service automates the process to provision and manage IT resources. 
2. Secure multi-tenancy allows you to reserve resources for different groups, assuring that only authorized users will be able to create, reconfigure or decommission machines from resources allocated to that group. 

The next big challenge in deploying on-demand private cloud services is being able to control the amount of resources, the process used, and the management functions that can be performed for each type machine or application.  Pretty simple. Not really. But it can be with some homework and insight.

Moving at the speed of virtualization 

The good thing about virtualization is that it is quicker and easier to provision virtual machines than physical machines.  The bad thing about virtualization is that virtual machines can be provisioned much quicker typically without all the controls that accompanied the lengthy procurement and provisioning process of physical machines. Without appropriate operational governance and control, it is not uncommon for companies to waste 10-20% of their resources on unauthorized and over provisioned machines. And to add to the mix, many virtualization management software solutions on the market do not enforce the same controls to assure that machines are provisioned according to organizations best practices.  This leads to non-compliant machines with outdated software versions that expose companies to unplanned downtime and security risks.  Your management software should help control and contain, not create additional layers of challenge.

Limiting resource consumption

Cloud automation software must have policies which control the quantity and type of resources a user is allowed to consume during the provisioning of a machine or application.  Period. The administrator must be able to specify not only how much CPU, memory, storage and network resources a given user, or application will receive, but also the tier (service level) and pool that the resources will be allocated from.  Unless you want to maintain a large number of service blueprints, you will want to be able to set up service blueprints with a variable amounts of resources but with approval thresholds and the ability to customize the approval workflow. Getting better control over resource consumption by delivering the right size machine at the right service level can translate to significant capital savings.

Enforcing Best Practices 

The advantage of automation is that you have better control and enforcement of your best practices, ensuring that every machine is configured using the same process every time,  thereby eliminating the potential for mistakes or intentional circumvention of company policies. These policies include custom things like approval workflows; build parameters, customization settings, lease duration, archival policies, and what management functions a given user will be allowed to perform against the machine after it has been built. 

Controls should be granular

It is not sufficient to be able to specify policies that that apply to all users, or all machines or even all the users in a business group.  If you think about it, you will quickly realize that different types of machines need different processes and build parameters.  These operational controls need to be granular enough to accommodate what is common vs. what is different between not only different types of machines, but also different users or groups of users. For example:  You may need to provision desktops for both developers and office users. While they both need common policies which control how Windows is configured, and connected to the network, etc  they can be completely different  in the amount of resources, they will be allocated as well as the management functions that developers will be allowed to perform compared to office workers 

Enforce governance with policies not people

The key to automated self service is to replace operational governance with policies not people.  Without the appropriate controls in place you will just be trading reduced operational savings for increased capital savings.  Policies will keep it all aligned to the corporate goals.

Maintaining control is easier than you think. Just stay true to these simple things:

1. Analyze your process and make sure your vendor addresses all levels
2. Keep your fingers on the knobs that control consumption
3. Best practices are called best for a reason – stick to them and make sure your vendor falls in line
4. Know the needs of all business groups and make sure the solution will scale up AND down to accommodate

Now that we have the control issue covered, join me next time when we look at Deployment Simplicity as the next private cloud management must have.

Part 1: Automating Self Service for the Private Cloud

by: Richard Bourdeau, VP Product Marketing, DynamicOps

As promised, so begins our series on the must have’s for your private cloud deployment and what to look for when choosing your technology providers and partners. You will be in it for the long haul with whomever you choose so it is crucial they can do what they promise and you know what to do.

There are many vendors that offer automated self-service for cloud deployment. However when you start to look at what automated self-service means, the implementations vary greatly. Your definition of automation may not be the vendor’s definition and you will soon see gaps between where your automation needs begin and where theirs ends. At DynamicOps, our deployment experience has shown that most vendors provide a one size fits all automation that does not fully automate the entire process or cannot be modified to accommodate the differences in the types of services being delivered or different methodologies used by different groups. Other vendors provide more flexible workflow automation, but do little to actually automate the tasks that need to be performed. It’s a frustrating experience. You think you have done your homework, your strategy is in place, your vendor selected and before you know it production is stalled as you go through the oh so manual task of implementing an effective automation solution.

Before you select automation software to help deploy your private cloud, make sure that it has the functionality to help you with these most common automation challenges.

1.   Automate the entire process
Automated delivery needs to incorporate both the configuration of the IT resources as well as any pre or post configuration steps that need to be completed to either make the IT compute resource usable for the requestor or complete the “paperwork” required to monitor and track the resource throughout its life. Some think that it is a lot to ask to address the entire process and only seek to automate part of the process. So, many private cloud management solutions only address part of the process and focus only on the configuring of the machine vs. the end-to-end process. 

Partial automation, though better than complete manual processing, will still not allow companies to achieve the service level response times and levels of efficiencies desired.  Best way to avoid this trap is map out your process, soup to nuts. Note where compromises cannot be made on automation and understand how the new zero-touch approach will affect your processes on a whole. The right vendor will address your needs and bring additional suggestions and functionality to the table.

2.   Automate the task not just the process
It seems so obvious doesn’t it? But sadly, many service desk solutions that claim to automate the entire process really only automate the workflow that links a bunch of manual configuration steps.  In order to deliver compute resources to its consumer efficiently and reduce service delivery times, automation needs to orchestrate the configuration of both virtual and physical CPU, memory, storage, and network resources.  Ask yourself: Can the solution allow for pre-configured permissions so that resources are allocated with little to no manual intervention?

 3.  Different processes for different services, groups, or users
Every IT administrator dreams of the day when there is one process that addresses every business group and there is a clear view from Point A to Point B. You and I both know that the chances of this happening are even less likely than pigs flying. It is very common that different groups within the same company use different processes to manage their IT resources.  Because of this, production systems typically require more approvals and utilize different best practices than systems created for development and testing. Then, to make life even more interesting, within the same group different IT services can have different components which can necessitate different deployment processes. And we are not done yet! Every use within that group can have different access needs which limit both the services that they can request and the management functions that they can perform against those compute resources. 

I am exhausted just thinking about it. Bottom line – Automation tools which provide a one size fits all approach will not provide enough flexibility as implementations grow beyond typical lab deployments.

4.  Delegated Self-Service
Even with the appropriate governance and controls in place, some companies don’t feel comfortable jumping to  full service modes where end users directly provision and manage their own IT resources. Instead, these companies prefer a delegated self-service model, where an administrator provisions on-behalf of the user. For this to work the software needs to be able to track the actual owner and not the person who provisioned the machine. Ownership tracking is key  to successful lifecycle management. Look at it this way, it’s no use knowing who made the car when you just want to know who put 100k miles on it.

So be sure to look for automation tools that support an administrator initiated provisioning model that  tracks the owner/user. You will thank me later.

I have only scratched the surface on some of the significant differences you should consider when initiating automated self-service. Hopefully I have given you a sense about what to look for.

But don’t think that just because you have automation a private cloud creates. On the contrary, it is just one of the parts to a successful cloud strategy. But fear not, we will be reviewing more. Next we will look at some of the challenges of sharing a common physical infrastructure and what a secure multi-tenant environment will mean to you.

Welcome!

Here it is – the DynamicOps corporate blog! We are very excited to launch this blog in conjunction with our new website. Take a look at http://www.dynamicops.com. And yes, this is the obligatory first post that welcomes you to our world and encourages you to join the community as we dive in and out of the clouds. (editor note: we will limit the cloud analogies and cheeky puns but I have to let my marketing manager get it out of her system).

The goal of this blog is to share our insight in the industry and the field of private & public clouds – our war stories, our learning and our observations. There will be a good dose of VDI talk, a healthy amount of tech chat and hints, a smattering of commentary, best practices and guidance, and just a sprinkling of life observations. Thank you for joining us and be sure to come back often, spread the word to friends and colleagues and even provide your own commentary to keep the conversation kicking.

Cheers!
Leslie Muller

Founder & CTO