Nuts & Bolts of the Cloud

As I wait for my son to wrap his Saturday morning MindVenture class, I decided to type this post on my Blackberry about what is behind the Cloud, its components, basically it's Nuts & Bolts!  I am surely going to have sore thumbs after finishing this article! :-)

So here you go..

At the very heart of a cloud service is a Central Database expressed in an acronym as CMDB. In that layer are stored Policies and the Definitive Media Library that govern how things should be configured & controls around the same. 

The next layer has the elaborative Data Model over which the Service Manager sits as a dictator governing the Workflow Manager, Platform Manager & the Resource Manager. It also controls the Infrastructure Resources like network, storage, servers, hardware, software and all the other bells & whistles. Around these Managers is the Provider API that hooks up all the relevant managers to the providers - Control Provider, Advice Provider & the Resource Providers. These Providers do the actual dirty work of provisioning, communicating, reporting and configuring the resources as per the user requirements.

Beyond the Provider API, there is usually a Cloud API that lets external customer systems talk (integrate) to the Cloud Solution and beyond that is the Cloud User Interface that the Cloud End Users, Cloud Administrators  use to control, monitor & deploy their Cloud Experience!

Each of the above component is a beast in its own way with complex technologies under it. Unless all of these components synch up together and work like a team, the Cloud Solution may just fall apart!

Also posted on BMC Communities

Implementing Identity Management in the Cloud

Effective Identity Management needs a very high level of commitment from the corporates and needs dedicated resources to get this accomplished. Typically, Identity Management in the Cloud requires the following to be in place:

• Establishing a Credentials database
• Managing Use Access Rights
• Enforcing the Security Policy
• Developing the capability to create & modify user accounts
• Setting up monitoring of resource accesses
• Setting up a process for removing access rights
• Provide training on the processes

The Open Group and WWW Consortium (W3C) are working towards a global standard for Identity Management System that would be interoperable, provide for privacy, implement accountability and be portable. Identity Management is also being addressed by the XML based eXtensible Name Service (XNS) open protocol for universal addressing and provides a permanent identification address for a container of an individual's personal data & contact information. XNS also provides means to verify whether an individual's contact information is valid and a platform for negotiating the  information exchange. 

Benefits of Identity Management in a Public vs Private Cloud

Public Cloud ·         Implementation best practices (example: provisioning/business use cases, etc.) gained over other customers can be reused in a cost effective manner during similar deployments for a new deployment ·         Security and SLA are at higher risks due to public exposure and a complex shared environment (network complexity) ·         ROI - cost effective in the short term

Private Cloud ·         Implementation expertise (example: development/technical) gained within the enterprise reduces further integration (wider and broader) costs & time ·         Shared Services architecture can be easily reused across the enterprise to easily drive other business requirements ·         Compliance and regulation requirements may be easily monitored/enforced within the company ·         ROI - cost effective over the long term

The ultimate solution is Autonomic Security. This is a self managing computing model in which systems reconfigure themselves in response to changing conditions and are self healing - something similar to the likes of Terminator or i-Robot...! It's still somewhere in the future but mind it, people have already started thinking about it and are working on many prototypes that will change the Cloud Identity Management!

References: Oracle.com, Cloud Security - Ronald L Krutz & Russell Dean Vines
Also posted on BMC Communities

Key Metrics for your Cloud

Both Cloud Consumers and Cloud Service Providers are looking to reduce costs, optimize the services and further their business goals. In order to achieve these, they need to focus on several key metrics:

Time to Market (Cloud Providers): Time is crucial in the highly competitive Cloud Service Provider industry. The time to market is a make / break factor in any cloud deal. The turnaround time for IT resources to be provisioned enables new services and products to be deployed faster than traditional IT and this is a critical success metric for any cloud service provider. Time & Effort required for provisioning a cloud service / resources is of utmost importance to an organization and is also a concern for cloud service providers.Reducing the time & effort to provision a service results in reducing the burden on IT staff thereby resulting in a reduced cost of the Service.

Utilization of Physical Resources: In traditional data centers, a lot of physical resources are under utilized. Cloud based data centers make use of automated workload management & virtualization techniques that help organizations get better ROI on their investments. From a Service Provider perspective, this helps them to maximize and optimize the usage of their resources.

Retirement of the Cloud Services: Proper service management enables organizations and service providers to have an end date to the services to help them manage, plan and budget the resources. In traditional IT data centers, people tend to "forget" services if they don't use it for a while.

SLA Management: This is the basis of tiered support of services in the Cloud. Service Level Agreements allow the services to be deployed by classifying them for uptime & failover parameters.High priority services obviously cost more to support and will be expensive. If your users expect lower service levels - eg. DEV / QA environments, go for lower SLA levels to reduce cost.

Admin - Server Ratio: A key metric for both the cloud consumers and service providers is the Admin to Server ratio. This demonstrates the optimization capabilities of the provider and the lower it is, the more cost benefits the customer can expect. Automation tools, workflows and workload management helps to reduce this ratio.

Predicting Service Costs: A key metric to look for is whether you can predict & trend your service costs. This can help organizations to predict demand, plan capacity and manage costs.

Apart from the above, there are many other factors & metrics that you can look out for based on your organization needs.

Also posted on BMC Communities.

Cloud Implementation Best Practices

Here are some of the key best practices that I have learned over a period of time for running a Cloud Implementation. Enjoy your Cloud!


Form a Cloud Initiative Team & a Cloud Champion
The first step in your vision to have a successful Cloud Implementation is to form a Cloud Initiative Team, some people refer to it as a "Tiger Team"! This team should comprise of key Business Stakeholders, a Cloud Architect, Vendor / Partners of the project and key technical IT resources who will drive the project, evaluate Cloud technologies and help to define the business strategy around Cloud Adoption. Another important thing to do is to designate a Cloud Champion - a "go to guy" for everything related to the Cloud project including working as a liaison between various teams & the Cloud Initiative Team.

Build a Parallel Cloud Environment from Ground Up
A lot of organizations try to add on the cloud infrastructure to their current behemoth IT infrastructure and let it grow to be a big white elephant! Avoid this pitfall...Try and build a parallel Cloud Environment from ground-up. This gives you a chance to break free from the traditional mindset & processes & gives you the ability to experiment & explore. This will lower the barriers to entry for your IT Admins & Users and create a wall between your Revenue Generating environment and the new Cloud Environment. This also helps in your learning experience and avoids costly mistakes that can impact your revenue stream.

Simple Hardware & Software Standards
Avoid a complicated hardware / software spread. Try to keep focus on a single technology stack which is simple & will satisfy 80% of your users. For e.g. bring in virtualized x86 servers running Windows or Linux. The more complicated your environment is, the more technical resources you will need to administer and more chances of failure!

Bring in Existing Shadow Cloud Users
There is a possibility that there are multiple business / IT users internally who are using the Cloud (Amazon EC2, Google etc) without the knowledge of the IT Management teams. Rope in these users to adhere to policies & processes that the Cloud Initiative Team has worked on to increase their adoption. Make it an inclusive approach rather than an exclusive one!

Enforce Deployment Policies from the Start
Deployment Policies are crucial for an organization to ensure that users are kept in check, enforce the security of the Cloud & applications on the cloud as well as bring in the high level of automation that Cloud services can provide.Policies instruct automated systems on how, where and if a technical service can be deployed in your Cloud Environment.

Also published on BMC Communities

7 ways to a Greener Cloud!

Based on a recent report released by Forrester Research at the end of June 2011, Cloud computing should help the earth to become a more greener place to live...

Forrester says..."Cloud-based server, storage, and network infrastructure — also called infrastructure-as-a-service (IaaS) — will inherently deliver green IT benefits: lower energy costs, carbon emissions, and electronic waste (e-waste). Not only does the self-service and pay-as-you-go nature of cloud encourage your users and applications teams to consume only what they need, but the IT infrastructure that is consumed is run in a highly shared, virtualized, and utilized manner that drives IT efficiencies. For IT infrastructure and operations (I&O) professionals implementing or considering IaaS, don't overlook its green IT benefits, especially as energy and carbon prices rise and data center power and cooling limits are reached. This report explains why IaaS is greener than a traditional environment and identifies key steps that I&O professionals can take to maximize their energy, carbon, and e-waste efficiencies."

Here are the seven ways that Forrester lists out on how an IT professional can make his or her cloud computing even greener — regardless of whether or not the approach is public or private:

1. Make sure the data center is using power generated by renewable energy sources or that it uses “free cooling” methods. As an example, Forrester cites the Microsoft data center in Quincy, Wash, which uses hydroelectricity. As you pick your cloud provider, ask the question: Does the data center is uses take advantage of solar, wind or other sources. Can it rely on free air cooling at least part of the year?
2. Look for modular data center approaches. That means the cloud service provider — or your own organization, if we’re talking private cloud — is using an “as you go” approach to designing and building out the facility. Infrastructure should be brought on and provisioned as necessary, in order to keep utilization rates high. Forrester also suggests looking for a provider that has invested in a green certification, such as the Leadership in Energy and Environmental Design (LEED) designation that was developed by the U.S. Green Building Council.
3. Get yourself more energy-efficient power and cooling systems. There has been a lot written about the need to make computer hardware more energy-efficient. Now, it’s time to extend that mentality to uninterruptible power supplies, power distribution units, air-side economizers and the like.
4. Think converged. Forrester suggest that blade architectures that converge server, storage and network architectures into a single rack aren’t just easier to manage, they are far more energy-efficient.
5. Virtualize and automate. Sure, pretty much every company has done SOME virtualization work. But how much is green enough? Forrester suggests that 76 percent to 100 percent of a company’s total server footprint should be virtualized in order to deliver significant green IT benefits.
6. Measure and manage. Energy information should be coupled with management automation that consumption can be optimized. So, for example, certain energy-intense workloads could be moved (if appropriate) from daytime to night in order to take advantage of better prices per kilowatt hour. Likewise, an organization could affect its carbon footprint position, but centering the most intense It workloads in data centers that are more energy-efficient.
7. Set goals and strive for them. You can’t really improve your green IT strategy unless you have one. And you can’t make it better, unless you focus on specific goals. There are three primary areas in which a green IT strategy can be “greener”: procurement (as in, buying the most energy-efficient technologies), operations (taking advantage of software and automation tools to provide the best experience) and end-of-life (which means ensuring that technologies are disposed of properly according to emerging electronic-waste policy standards).

I think that Forrester's ideas and suggestions should be taken as guidelines by organizations trying to move to the cloud to ensure that they are contributing & doing their bit for our environment.

Also posted on BMC Communities blog