Posts Tagged Cloud scalability

Part 3: Maintaining Control of Your Cloud


by: Rich Bourdeau, VP Product Marketing, DynamicOps

Here we are #3 in our series. Let’s take a quick review of where we are at:

  1. Automated self-service automates the process to provision and manage IT resources. 
  2. Secure multi-tenancy allows you to reserve resources for different groups, assuring that only authorized users will be able to create, reconfigure or decommission machines from resources allocated to that group. 

The next big challenge in deploying on-demand private cloud services is being able to control the amount of resources, the process used, and the management functions that can be performed for each type machine or application.  Pretty simple. Not really. But it can be with some homework and insight.

Moving at the speed of virtualization 

The good thing about virtualization is that it is quicker and easier to provision virtual machines than physical machines.  The bad thing about virtualization is that virtual machines can be provisioned much quicker typically without all the controls that accompanied the lengthy procurement and provisioning process of physical machines. Without appropriate operational governance and control, it is not uncommon for companies to waste 10-20% of their resources on unauthorized and over provisioned machines. And to add to the mix, many virtualization management software solutions on the market do not enforce the same controls to assure that machines are provisioned according to organizations best practices.  This leads to non-compliant machines with outdated software versions that expose companies to unplanned downtime and security risks.  Your management software should help control and contain, not create additional layers of challenge.

Limiting resource consumption

Cloud automation software must have policies which control the quantity and type of resources a user is allowed to consume during the provisioning of a machine or application.  Period. The administrator must be able to specify not only how much CPU, memory, storage and network resources a given user, or application will receive, but also the tier (service level) and pool that the resources will be allocated from.  Unless you want to maintain a large number of service blueprints, you will want to be able to set up service blueprints with a variable amounts of resources but with approval thresholds and the ability to customize the approval workflow. Getting better control over resource consumption by delivering the right size machine at the right service level can translate to significant capital savings.

Enforcing Best Practices 

The advantage of automation is that you have better control and enforcement of your best practices, ensuring that every machine is configured using the same process every time,  thereby eliminating the potential for mistakes or intentional circumvention of company policies. These policies include custom things like approval workflows; build parameters, customization settings, lease duration, archival policies, and what management functions a given user will be allowed to perform against the machine after it has been built. 

Controls should be granular

It is not sufficient to be able to specify policies that that apply to all users, or all machines or even all the users in a business group.  If you think about it, you will quickly realize that different types of machines need different processes and build parameters.  These operational controls need to be granular enough to accommodate what is common vs. what is different between not only different types of machines, but also different users or groups of users. For example:  You may need to provision desktops for both developers and office users. While they both need common policies which control how Windows is configured, and connected to the network, etc  they can be completely different  in the amount of resources, they will be allocated as well as the management functions that developers will be allowed to perform compared to office workers 

Enforce governance with policies not people

The key to automated self service is to replace operational governance with policies not people.  Without the appropriate controls in place you will just be trading reduced operational savings for increased capital savings.  Policies will keep it all aligned to the corporate goals.

Maintaining control is easier than you think. Just stay true to these simple things:

  1. Analyze your process and make sure your vendor addresses all levels
  2. Keep your fingers on the knobs that control consumption
  3. Best practices are called best for a reason – stick to them and make sure your vendor falls in line
  4. Know the needs of all business groups and make sure the solution will scale up AND down to accommodate

Now that we have the control issue covered, join me next time when we look at Deployment Simplicity as the next private cloud management must have.

, ,

Leave a comment

Part 2: How to Share and Play Well with Others in a Private Cloud


by: Richard Bourdeau, VP Product Marketing, DynamicOps

The common infrastructure. What a blessing. What a curse.

Here is a familiar scenario for you…Well mannered IT administrator goes to provision resources for a mission critical application only to find that said resources have already been consumed by someone in a different group. To make matters worse, the other less important function is over-provisioned. Well, a handy automated self service product would have helped this guy out, you say. Not necessarily. Many of today’s typical automation tools just treat your shared infrastructure as a single pool of resources with little or no control over who can consume them. And don’t confuse manual approvals as part of the provisioning process as solving this problem. In a large environment, it’s too easy to lose track over who can consume which resources.

It’s this daily occurrence that makes the ability to deliver secure multi-tenancy one of, if not the most important aspects of cloud computing. By allowing multiple groups or tenants to share a common physical infrastructure, companies can achieve better resource utilization and improved business agility. By dynamically reallocating resources between groups in order to address shifting workloads, companies can more effectively utilize their limited IT resources.

The challenge is to share in such a way that one group does not have access, or even visibility, to the resources that have been allocated to others. Without a secure method of ensuring multi-tenancy, a cloud computing strategy cannot succeed.

Secure multi-tenancy is one of those buzz words thrown about by most cloud automation vendors. Sure, many of them can do it. But to what scale? To what level of control and capacity? Before selecting a vendor make sure their capabilities to securely share a common IT infrastructure meet both your current and future needs.

Multiple Grouping Levels
Make sure that your cloud management tool has enough levels of grouping to support both your organizational constructs as well as the levels of service tiers that you want to provide for those businesses moving ahead.

For Example: You don’t have to be a large company with multiple divisions, each having many departments to need multiple levels of grouping. Maybe your company is not that big, but you want to separate desktop operations from server operations from development and test. In addition you may also want to sub-divide resources allocated to a group into several service tiers (i.e. Tier 1, Tier 2, and Tier 3). Most companies will need a minimum of 2-3 levels of resource grouping.

Think Strategically Act Tactically
Most companies start their private cloud deployments with a single group or in a lab. This is certainly a viable strategy to get experience with new technologies and processes before expanding deployment to multiple groups. The mistake many companies make is selecting their cloud automation platform to only support the requirements of that control group. One of our customers has been so successful with their initial deployment that they not only expanded it to other groups within that company, but are in the process of expanding it to other divisions, creating a community cloud across multiple business of this large multi-national company. And the process is going smoothly for them because they knew to anticipate future needs to maximize their technology investment.

As you look to implement a cloud infrastructure remember the story of our well mannered IT administrator and remember, it can happen in the cloud too. The trick is to know how to avoid it.

Go in knowing these things about your business:

  • What do we need now?
  • What will we need in the future?
  • Can the tech support the transition in scale?
  • What kind of provisions are made to protect allocated resources in shared pools?
  • Ask and ask again, will it scale?

Now onto governance control – who can have what and how much. It can be easier and more effective than you think. Stay tuned!

In the meantime tell us how you maintain secure multi-tenancy. How do you do it?

, ,

Leave a comment