The Move to Hybrid Cloud: Benefits and challenges to IT Service Management. Matt Johnson, April 2015

Upload: eduserv

Post on 18-Jul-2015


The Move to Hybrid Cloud: Benefits and challenges to IT Service Management

Matt Johnson, April 2015

Agenda

• Recap – what is cloud anyway?

• Deployment, Service models

• Essential characteristics

• The Hybrid cloud model

• Service Management in a hybrid cloud world

• Service Design: Capacity, InfoSec, Supplier Mgmt

• Service Transition: Change, Asset/Config, Release Mgmt

• Service Improvement: Service Measurement & Reporting

• Recommendations

Recap: What is Cloud, anyway?

Cloud Models

• Cloud Deployment models

• Public – multi-tenanted Internet-based service (AWS)

• Private – single-tenanted, closed-network service (vCloud)

• Community – multi-tenanted service aimed at a specific user group

• Hybrid – Combination of 2 (or more) cloud infrastructures

• Today’s focus is on Hybrid Cloud models

Cloud Models

• Cloud Service Models

• IaaS – compute, storage, networking services

• PaaS – managed platform that supports app development

• SaaS – managed software delivered via a web browser

• Today’s focus is on IaaS service models

Cloud Characteristics

• Essential Characteristics

• Broad Network Access

• Resource Pooling

• Rapid Elasticity

• Measured Service

• On Demand Self-Service

Essential Characteristics

Broad Access – addressing usability

• Traditional IT has historically been “siloed”

• Vertical deployments of application stacks for specific purposes

• Access to these silos is controlled independently

• Integration across services is limited

• This isn’t always a bad thing!

• Security, accountability, control are all increased

• But this approach…

• …has resulted in “planning blight”, and

• Leads to the use of “Shadow IT”

Broad access – more than one way…

Cloud Service

Web console

Command Line

REST API

Development SDK

3rd party integration

Resource pooling – addressing efficiency

• Consolidation of workloads

• More efficient use of infrastructure

• Higher availability (through HA)

• Lower infrastructure costs

• Comes at a price

• Less spare capacity to scale, unless you purchase “spare”

• Failure of physical servers impacts more services

Resource pooling – benefits at scale

Organisation with 200 physical servers: ~ $6,500 per server

Cloud provider with 20k+ physical servers: ~ $1,000 per server

Elasticity – addressing capacity

• Traditional architecture design requires adopting one of two approaches:

• Design for peak load – results in unused capacity

• Design for average load – results in over-subscribed capacity

• Virtualisation can help solve compute capacity, but not:

• Network / storage capacity

• Scaling automation

Elasticity (rapid scalability)

• Public cloud provides “infinite” (from a typical customer’s viewpoint) scalability

• Deals with the “hard” stuff that virtualisation doesn’t:

• Scaling network/bandwidth

• Scaling storage

• Scaling automation

Measured Service – addressing purchasing

• IT has traditionally been a cost centre

• Pressure to reduce costs

• Expenditure linked to budget cycles

• Typically high CapEx for new projects

• IT increasingly adds value to business

• Showback / Chargeback are attempts to represent this value to individual business units

• Very difficult to apportion core infrastructure costs (switching, network, etc.)

Measured Service – pay as you go

• Cloud services charge based on use

• Discount levels for bulk usage

• No minimum contract periods

• Detailed metrics, which can be categorised as required

The Hybrid Cloud model

Private + Public = Hybrid

Hybrid Cloud

• At its simplest, Hybrid cloud simply connects two (or more) cloud services via defined mechanism(s)

• In practice, there are two distinct patterns for service delivery:

• Discrete – individual services reside on a single, specific cloud

• Integrated – individual services are managed & delivered transparently across the hybrid cloud infrastructure

• Management services are similar:

• Discrete – each cloud is managed individually

• Integrated – combined management stack

Why Hybrid?

• Allows you to make best use of the strengths of each type of cloud platform:

• Public Cloud (such as AWS):

• Scale, pace of innovation, elasticity, additional functionality, price

• Private Cloud (such as vCloud):

• Security, customisation, compliance, control

• Provides a transition path from fully on-premise services

• Great for pilot / PoC / development / DR service provision

• Lots of different justifications; in practice, it comes down to:

• Public cloud = agility

• Private cloud = control

Public cloud capability (AWS)

Private Cloud control (Eduserv)

• Secure Compute Cloud

• Government-accredited infrastructure (“IL2”, “IL3”)

• UK data sovereignty – UK owned and operated datacentre

• Specialist network connectivity (PSN, Janet, WAN, etc.)

• Capability for external audits

Hybrid Cloud – Management considerations

• Infrastructure

• Deployment tools are likely to be different to on-premise IT

• Be aware of subtle differences, esp. if you are used to vSphere

• Network connectivity

• Fast, low-latency links are important where services are integrated

• OS & application management

• Existing tools should be compatible, but…

• …may not be able to handle “cloud-native” designs

• Think about how you architect directory services across clouds

• Start simple!

Hybrid Cloud Service Management

Some considerations

Capacity Management

• Hybrid “Cloud Bursting” is (in most cases) a myth

• Scaling a service tier across a hybrid cloud is complex and costly

• Keep tiers within a single cloud (i.e. web on public, app on private)

• Try to place “bursty” services onto public cloud infrastructure

• Long-term stable services are a good fit for private cloud

• There’s no such thing as “spare” capacity on a public cloud

• You pay for anything that is running / being used

• Turn on when you need it, off when you don’t

• Public cloud is great for off-site storage (object/tape storage)

• Push (encrypted) backup data, with retention/lifecycle policies

Supplier Management

• One of the most important hybrid cloud processes to understand

• Understand cloud providers’ T&Cs

• Unlikely you will be able to modify the terms

• Understand data retention, termination, payment requirements

• Understand cloud provider service levels

• What SLAs are offered? What are the exclusions?

• Typically SLAs are against the entire infrastructure, NOT single VMs

Information Security

• Not always as clear-cut as private > public re. security

• Cloud providers’ existence depends on delivering secure services

• However legal compliance is sometimes out of their control

• For IaaS service models, OS responsibility is still yours

• Patching, AV, IDS/IPS, hardening, etc.

• Key aspect of hybrid cloud is integrated monitoring

• Similar tools across public/private clouds to protect OS and apps

• Control access to Cloud provider APIs / user accounts

• Enforce strong passwords, 2FA, access controls

• Difficult to overstate the importance of this requirement

Change Management

• Make use of cloud service tools

• Audit logs (such as AWS CloudTrail, Config)

• See if your existing toolsets can integrate with your public cloud

• Remember that some changes are cloud-initiated

• e.g. Auto-scaling of instances due to load / bandwidth capacity

• As with configuration management, it’s the auto-scaling policy that should be under change control, not the instances themselves
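An added example (not part of the original slides) of the point above: sort audit-log records into cloud-initiated instance changes and scaling-policy changes, and flag only policy changes that have no approved change. The records are constructed samples using CloudTrail field names; the group name, user names and the `APPROVED` change register are hypothetical.

```python
from collections import Counter

# Auto Scaling API calls that alter the scaling policy or group definition.
POLICY_EVENTS = {"PutScalingPolicy", "DeletePolicy", "UpdateAutoScalingGroup"}

def rec(source, name, user=None, invoked_by=None, group=None):
    """Build a constructed sample record using CloudTrail field names."""
    identity = {"type": "IAMUser", "userName": user} if user else {"type": "AssumedRole"}
    if invoked_by:
        identity["invokedBy"] = invoked_by
    params = {"autoScalingGroupName": group} if group else None
    return {"eventSource": source, "eventName": name,
            "userIdentity": identity, "requestParameters": params}

# Constructed sample data, not real log output.
SAMPLE_RECORDS = [
    rec("ec2.amazonaws.com", "RunInstances", invoked_by="autoscaling.amazonaws.com"),
    rec("ec2.amazonaws.com", "TerminateInstances", invoked_by="autoscaling.amazonaws.com"),
    rec("autoscaling.amazonaws.com", "PutScalingPolicy", user="alice", group="web-asg"),
    rec("autoscaling.amazonaws.com", "UpdateAutoScalingGroup", user="bob", group="web-asg"),
    rec("ec2.amazonaws.com", "DescribeInstances", user="alice"),
]

# Hypothetical change register: (API call, group) pairs with an approved change.
APPROVED = {("PutScalingPolicy", "web-asg")}

def classify(record):
    """Separate changes made by the auto-scaler from changes to its policy."""
    if record.get("userIdentity", {}).get("invokedBy") == "autoscaling.amazonaws.com":
        return "cloud-initiated"   # instance churn: expected, not change-controlled
    if (record.get("eventSource") == "autoscaling.amazonaws.com"
            and record.get("eventName") in POLICY_EVENTS):
        return "policy-change"     # this is what belongs under change control
    return "other"

def unapproved_policy_changes(records, approved):
    """Return (API call, group, user) for policy changes with no approval."""
    findings = []
    for r in records:
        if classify(r) != "policy-change":
            continue
        group = (r.get("requestParameters") or {}).get("autoScalingGroupName")
        if (r["eventName"], group) not in approved:
            who = r.get("userIdentity", {}).get("userName", "unknown")
            findings.append((r["eventName"], group, who))
    return findings

def summary(records):
    return Counter(classify(r) for r in records)

if __name__ == "__main__":
    print(dict(summary(SAMPLE_RECORDS)))
    print(unapproved_policy_changes(SAMPLE_RECORDS, APPROVED))
```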

Asset & Configuration Management

• Cloud assets are often transient

• Created and destroyed based on demand requirements

• Auto-scaling instances are identical

• Cattle v Pets analogy

• Asset manage the template, not the instance

• Disable management connectivity to individual instances

• Version your templates/config

Release Management

• Approach depends on architectural design

• Cloud-native application:

• Continuous integration / deployment

• Blue / green deployment

• Rolling upgrades

• Enterprise applications

• Existing approaches can be used

• Beware of public cloud limitations (snapshots, rollbacks)

• DevOps approach is worth investigation

• Combine Development and Operations skills within a team

Service Reporting

• Public clouds provide great metrics

• But you have to work to integrate them with your systems

• And decide how much of them you want to share with end-users

• If you haven’t already, invest in a centralised data repository

• Lots of options:

• Open-source, such as Elasticsearch

• COTS, such as MS SQL Analytics

• Cloud-based, such as SumoCloud or Splunk

• The benefits far outweigh the costs of implementation

Conclusions

Cloud is not just hype…

• …done right, Public cloud provides:

• Scale, elasticity, self-service, metered usage

• The agility to deploy new services rapidly with no CapEx

• However, Private cloud is still vital for:

• Sensitive services that are required to be hosted locally

• Stable, long-running service with known workloads

• Hybrid cloud allows you the best of both worlds

• But requires you to adapt your processes to accommodate both

• How far those adaptations go depends on how “bought-in” you are

• Lots of good practice in the market – make use of it!

QUESTIONS?

Thank you!

Matt Johnson

Principal Infrastructure Architect, Eduserv

Web: http://www.eduserv.org.uk/services/cloud/

Twitter: @mhj_work

LinkedIn: https://uk.linkedin.com/in/mhjwork