becomming a cloud governance ninja linthicum interop fall 2013

© 2013 Cloud Technology Partners, Inc. / Confidential

1

[email protected] / Senior Vice President

Becoming a Cloud Governance Ninja


2

Geek Level

Your Grandparents whoare still using AOL

That guy who can convertyour name to Hex


3

The business benefit of cloud governance is clear.

Introduction

Combine the value of governance with the value of leveraging cloud computing in general and the core benefits of cloud governance become even more tangible:

• Faster time to market

• Operational cost savings

• Ability to expand elastically

• Ability to better secure and control your business assets

As we move from simple, single cloud solutions, to complex multicloud implementations, the need for governance becomes much more apparent. We’ll explore:

• What is the real value of cloud governance?

• The rise of multicloud and the use of governance

• Best practices and top emerging technologies

• Step-by-step governance process to ensure a successful deployment


4

What is Multicloud?


5

The Promise of Multicloud

On site

Hosted

Public

Source: HP


6

Cloud Maturity Model

Orchestrate

Automate

Virtualize

Combine

Standardize

Time

• Lower cost• Consistent use of technology• Enhanced performance• Reduced complexity

• Normalize assets• Increase efficiency• Improve management• Improve governance (non-automated)

• Lower cost• Delayed provisioning • Improved resource management and utilization• Moving to centralized control• Initial use of services

• Lower cost• Self provisioning• Automated governance • Adaptable security• Improved user experience• Service oriented

• Dynamically aligned to the business

• Self adapting• Automated governance

and security• Enhanced business agility

Cloud Innovator

Cloud User

Preparing for Cloud

Bu

sin

ess

Val

ue


7

Characteristics of a “World Class” Cloud

Consumers Want

Elasticity & Scalability

Control

Productivity

Agility

Cost

• Flexible resource configurations• Dynamic scale-up / scale-down of resources • Seamless support of multiple clouds• Flexible resource quotas

• Role based access controls• Comprehensive monitoring and logging• Image Lifecycle Management• Integration into Incident, Change, Patching Management

• Common Self – Service Provisioning Portal into all cloud end points• Robust Service Catalog meets all of customer cloud needs • End to End Automation• Supported APIs allowing the applications and data sources to communicate with one another

• Self – Service Resource Provisioning• Rapid Elasticity• Capacity on Demand insures resources are always available• Rapid disaster recovery – Active / Active application support• Seamless support for different endpoints

• Metering and Chargeback• Pay as you go• Consumption based • Reliable asset tracking and usage reporting

Providers Deliver


8

• So, what is a multicloud? Think something more complex than a hybrid cloud, which is typically a paired private and public cloud. Multicloud is more clouds added into the mix, perhaps two or more public IaaS providers, a private PaaS, on-demand management and security systems from public clouds, private use-based accounting…you get the idea.

• This is really where we have all been headed in the last few years, creating solutions from a complex set of best-of-breed private and public cloud computing services. This is much the same process as when we moved to complex distributed internal systems in the past. We built what we needed by integrating various technologies to form the business system to meet our exact requirements. This is no different; it just uses cloud-based technologies.

Multicloud


9

Why cloud governance?


10

The Idea is to Place Control and Automation Into a Domain


11

Se

cu

rity &

Ide

ntity

Ma

na

ge

me

nt &

Se

rvic

e G

ov

ern

an

ce

Data

Data Services/Abstraction

Transactional Services

Process Management (BPMS) Composites/Portals

Monitoring and Management

Rules Management

Reference Architecture


12

1. Governance

2. Regulatory Compliance

3. Security & Identity Management

4. Business Continuity

5. Process and Services

6. Data Management

7. System Integration

8. Resource Skills & Knowledge

9. Application Readiness

10. Network Readiness

Enterprise Vulnerabilities - Assess your Risks

COMPLEXITY OF MITIGATING RISK

RIS

K T

O O

RG

AN

IZA

TIO

N

12

5

34

6

7

8

9

10


13

“as-is”


14

“to be”


15

Deploy


16

Enterprise data center

Enterprise data center

Private cloud Hosted private cloud

Managed private cloud

Enterprise

Shared cloud services

EnterpriseA

EnterpriseB

Public cloud services

A

Users

B

Third-party hosted and operated

Third-party hosted

Private Implemented

on client premises

Client runs/manages

Third-party operated

Enterprise owned

Mission critical Packaged

applications

Third-party owned and operated

Standardization Centralization Security Internal network

Mix of shared and dedicated resources

Shared facility and staff

Virtual private network (VPN) access

Subscription or membership based

Shared resources Elastic scaling Pay as you go Public Internet

Corporate Firewall

Source: Jimmy Mills, IBM

Consider the Emerging Architecture – and this could be for multiple cloud providers


17

Cloud Governance Solutions


18

The Basic Idea


19

Cloud Governance Technology

Cloud Service/API Governance

Runtime (Automated)

Service

OrientedSecurity Oriented

Design-Time

Cloud Management Platforms

Active (Automated)

Operations Oriented

Development Oriented

Passive

Provider Native Governance and Management

Active

Provisioning Security Management

Passive

Types of Cloud Governance Solutions


20

Cloud Governance is the Center of it All

MethodologyKPI &

Monitoring

Lifecycle Process Certification

QoS

Standards Technology

Portfolios IncentivesRules &Resp.

People Competency

Organization

Tools

CloudGovernance


21

A CMP enables Enterprises to manage many clouds as one

my network

my serversmy storage

Public Clouds Public/Private Clouds

CONFIGURATION AUTOMATION GOVERNANCE GLOBAL SERVICES

Internal DC

my serversmy storage

BARE METAL

Cloud Management Platform

IT ORGANIZATION


22

A Cloud Management Platforms (CMP) is an integrated suite of tools that provides automated management of public and private cloud environments. CMPs facilitate the operation and build out of cloud services by eliminating the need for cloud silo specific interfaces and end user knowledge of cloud underpinnings.

• CMPs provide capabilities including:– Self-service interfaces for

• Operations

• Monitoring

• End User requests

– Image provisioning

– Metering and billing

– Workload optimization via

• Policies

• Workflow

• Roles Based Access Control (RBAC)

What is a Cloud Management Platform


23

RuntimeGovernance

Repository Logs

Policies

Policies

Monitoring

Service Governance is Policy-Driven


24

Create a Governance Model

Defined Policies

Defined Policies

Define Policies

Design Policies PolicyDesigns

PolicyDesigns

Implement Policies GovernanceModel

GovernanceModel

ProcessModel

ProcessModel

InformationModel

InformationModel

ServiceModel

ServiceModel


25

Gartner’s Cloud Management Platform Reference Architecture

Access Management

Service Management

Service Optimization

Resource Management

Resources

Cloud API

Clou

d M

anag

emen

t Pl

atfor

mCl

oud

Impl

emen

tatio

n

•Self-service interface•Identity management

•Service catalog •Service provisioning

•Service governor •Service orchestration

•Resource configuration management •Resource monitoring

•Resource pools•Virtual and physical resources

Source: Gartner, “How to Build an Enterprise Cloud Service Architecture,” March 5, 2012


26

• This problem has not gone unnoticed • All of the major software companies have offered solutions • New vendors have entered the market, most of them from the pure cloud perspective • Vendors typically have an application or Infrastructure focus and have expanded from

point solutions

Vendors Rush in


27

Policy

Policy

Policy

Policy

Go

vernan

ce / Secu

rity

Single consolidated control point for governance, orchestration, and delivery

Applications

Regulatory compliance policies

SLA policies including autoscaling

Configuration mgmt policies

Security zones policies

Lifecycle event policies

Orchestration policies

Access control/entitlement policies

Workload placement policies

VM quotas and scheduling

Metering/charge back policies

Backup and failover policies

Resource capacity policies

Storage tier policies

Much more…

Roles

Rights & Permissions

Projects Orgs

Network Compute Storage

OS & OS Config.

SOE Agents/Util

Security and Environment Config.

Code/Artifacts

Infrastructure & SOE

Platforms

Services

Topologies/Config

App Config.

Application Components

Cloud Management Platform


28

a

A Cloud Management Platform provides automation and governance across the application development lifecycle

Use policies to provide both consistency and

customization:

Customize Environment Dev Security zone Dev VM quotas Dev charge back Public cloud permitted No autoscaling No failover

Customize Environment QA Security zone QA monitoring QA autoscaling Private cloud only QA backup/failover

Customize Environment Prod Security zone Prod monitoring Prod auditing Prod autoscaling Private cloud only Prod backup/failover

…And Enforce Consistency SOE packages App topologies Reg. compliance

Policy Controlled Consistency

Policy Controlled Customization

Dev Blueprint

QA Blueprint

UAT Blueprint

Code Code




29

Ask by email / [email protected] / www.cloudtp.com

Questions?

becomming a cloud governance ninja linthicum interop fall 2013

Technology

cloud technology partners

public cloud

customer cloud

cloud businessvalue

hybrid cloud

cloud governance ninja

real value of cloud

single cloud solutions