tsys private cloud solution for global development agility
TRANSCRIPT
© 2013 IBM Corporation
Development Self-Service Solution TSYS International
1
Please note IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion.
Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision.
The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.
Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user’s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.
2
Agenda
TSYS Background Our Requirements The Journey
– Solution Selection – Pilot
The Solution Roadmap Lessons Learnt Functionality Opportunities Q&A
3
TSYS Background
4
the people of TSYS® improve lives and businesses across the world with every payment transaction.
41 million times each day
5
Payment Processing Solutions Credit Decisioning &
Application Processing
Campaign, Marketing & Product Management
Authorizations
Risk Management
Customer Service
Business Intelligence
Financial Management & Settlement
BUYERS & SELLERS
Card & Statement Production
Rewards & Loyalty
Authorization & Capture
Collections & Recovery
Clearing & Settlement
Payment Gateway
Merchant Support & Help Desk
Merchant Boarding
Fraud Mitigation
Full-Service Acquirer
Prepaid
6
TSYS Operating Segments
18%
20%
21%
41%
NetSpend
International
Merchant
North American
North America Services
International Services
Merchant Services NetSpend
Issuer Processing • Commercial Credit • Consumer Credit • Debit •Global Product • Healthcare • Loyalty • Program Solutions
Issuer Processing • Commercial Credit • Consumer Credit • Debit
Acquirer Processing •GP Net
Licensing
Acquirer Processing • TSYS Acquiring
Solutions
Merchant Acquiring • TSYS Merchant
Solutions • Central Payment JV • ProPay
Prepaid • Commercial • Consumer • Processing • Program Management
Revenue 2013 Estimates
7
Our Requirements
8
Requirements Summary
Prime Licensing Division (PLD) – Re-engineering development environment
• Previously: every developer’s environment on own laptop • Now: move to private, on-premise, dev cloud • Pre-req: “We must have self-service”
But also:
Processing environment already heavily virtualised However, need to develop strategic Orchestration & Automation
framework – Improve project delivery timescales
• IaaS, trending towards PaaS – Operational automation
9
PLD Self Service
Capabilities & Requirements – Request new virtual machines – Start/stop virtual machines – Clone virtual machines – Snapshot virtual machines – Install software – Manage to a quota – Automatic expiry (with warning) of virtual machines – Request expiry date extension – Requests need to be manually approved where appropriate
10
Orchestration & Automation Framework
Base solution to be delivered by PLD Self-Service Central “Manage From” system to help manage
– Development – Processing UK – Processing Brazil – …and beyond
Network Segmentation & Classification of Source Code – Manage From environment cannot talk directly to managed virtual
instances • Proxy/relay solution must exist for each zone & technology
11
The Journey - Solution Selection
12
Solution Selection
Six vendors invited to participate in Product Evaluation – Including “pure” OpenStack solution, presented by in-house
enthusiast & contributor Discussions, Q&A, and scoring Shortlist of two vendors: IBM and A.N. Other
– IBM offering was TSAM Reference calls
– Strong recommendation: • Consider Open Source infrastructure integration layer
Almost exactly one year ago… – IBM announces SmartCloud Orchestrator at Pulse2013
13
The Journey - Pilot
14
PLD Self-Service - Pilot
IBM offers “Lighthouse” pilot engagement based on SCO – Partnership approach, both parties fully commited to success – Enhanced support through the engagement – Direct access to labs – Early adopter feedback – Turn bleeding-edge into leading-edge – References and case studies
Where are we now:
– Pilot testing complete, including extensive end-user testing – Finalising non-functional testing – Planning production roll-out (see later)
15
The Solution
16
Simple IaaS Services (VMs)
Cloud Management/Governance
Advanced IaaS Services
ITIL Managed IaaS services (Advanced IaaS services integrated with ITIL processes)
VM provisioning & On-boarding
Role & Authentication Management
Cloud Management
VM Image Construction
Image Management
Usage metering,
accounting & chargeback
Virtualised Infrastructure
Monitoring
Capacity Management and Planning
Event Management
Patch Management
Endpoint Compliance & Management
Backup & Restore
Storage Provisioning &
Automation Management
Network Provisioning &
Automation Management
Services Orchestration
Problem & Incident
Management IT Asset
Management License
Management Change &
Configuration Management
Service Desk
Release Management
1
2
3
4
Incr
easi
ng C
apab
ility
Simple IaaS Services (VMs) Entry point in the IaaS cloud space. It allows to start building a multi-tenant cloud infrastructure and model delivering simple VMS (configured with proper network and storage) that covers 70 % of requests from business lines.
Cloud Management/Governance Complements first macro-pattern by adding management capabilities that allow to manage aspects like SLAs, security, resiliency, capacity planning, etc… for both the infrastructure that provides the cloud and the cloud service itself.
Advanced IaaS services integrated with ITIL process Allows to completely integrated the cloud world with the remaining part of the enterprise by including the cloud infrastructure and services in the enterprise ITIL processes.
Advanced IaaS Services (VMs, Storage, Network, and combinations) Allows creating a more sophisticated cloud infrastructure for delivery of complex and critical IaaS services in highly demanding environments.
Hybrid Cloud Integration
Threat & vulnerability, identity & access, Security info and events
mgmt
Incremental Approach for Building Cloud Enabled Data Center Solutions
17
Simple IaaS Services (VMs)
Cloud Management/Governance
Advanced IaaS Services
ITIL Managed IaaS services (Advanced IaaS services integrated with ITIL processes)
VM provisioning & On-boarding
Role & Authentication Management
Cloud Management
VM Image Construction
Image Management
Usage metering,
accounting & chargeback
Virtualised Infrastructure
Monitoring
Capacity Management and Planning
Event Management
Patch Management
Endpoint Compliance & Management
Backup & Restore
Storage Provisioning &
Automation Management
Network Provisioning &
Automation Management
Services Orchestration
Problem & Incident
Management IT Asset
Management License
Management Change &
Configuration Management
Service Desk
Release Management
1
2
3
4
Incr
easi
ng C
apab
ility
Simple IaaS Services (VMs) Entry point in the IaaS cloud space. It allows to start building a multi-tenant cloud infrastructure and model delivering simple VMS (configured with proper network and storage) that covers 70 % of requests from business lines.
Cloud Management/Governance Complements first macro-pattern by adding management capabilities that allow to manage aspects like SLAs, security, resiliency, capacity planning, etc… for both the infrastructure that provides the cloud and the cloud service itself.
Advanced IaaS services integrated with ITIL process Allows to completely integrated the cloud world with the remaining part of the enterprise by including the cloud infrastructure and services in the enterprise ITIL processes.
Advanced IaaS Services (VMs, Storage, Network, and combinations) Allows creating a more sophisticated cloud infrastructure for delivery of complex and critical IaaS services in highly demanding environments.
Hybrid Cloud Integration
Threat & vulnerability, identity & access, Security info and events
mgmt
Incremental Approach for Building Cloud Enabled Data Center Solutions
18
Simple IaaS Services (VMs)
Cloud Management/Governance
Advanced IaaS Services
ITIL Managed IaaS services (Advanced IaaS services integrated with ITIL processes)
VM provisioning & On-boarding
Role & Authentication Management
Cloud Management
VM Image Construction
Image Management
Usage metering,
accounting & chargeback
Virtualised Infrastructure
Monitoring
Capacity Management and Planning
Event Management
Patch Management
Endpoint Compliance & Management
Backup & Restore
Storage Provisioning &
Automation Management
Network Provisioning &
Automation Management
Services Orchestration
Problem & Incident
Management IT Asset
Management License
Management Change &
Configuration Management
Service Desk
Release Management
1
2
3
4
Incr
easi
ng C
apab
ility
Simple IaaS Services (VMs) Entry point in the IaaS cloud space. It allows to start building a multi-tenant cloud infrastructure and model delivering simple VMS (configured with proper network and storage) that covers 70 % of requests from business lines.
Cloud Management/Governance Complements first macro-pattern by adding management capabilities that allow to manage aspects like SLAs, security, resiliency, capacity planning, etc… for both the infrastructure that provides the cloud and the cloud service itself.
Advanced IaaS services integrated with ITIL process Allows to completely integrated the cloud world with the remaining part of the enterprise by including the cloud infrastructure and services in the enterprise ITIL processes.
Advanced IaaS Services (VMs, Storage, Network, and combinations) Allows creating a more sophisticated cloud infrastructure for delivery of complex and critical IaaS services in highly demanding environments.
Hybrid Cloud Integration
Threat & vulnerability, identity & access, Security info and events
mgmt
Incremental Approach for Building Cloud Enabled Data Center Solutions
IBM SmartCloud Orchestrator
IBM SmartCloud Orchestrator
IBM Endpoint Manager
19
The Solution
Proposed a solution comprising SmartCloud Orchestrator (SCO), IBM Endpoint Manager (IEM), Tivoli Common Reporting (TCR)
Why SCO? – Self Service Capabilities, Workflow Integration and integration with VMware based infrastructure
Why IEM? – Supports Secure Computing Infrastructure, can traverse firewalls using secure relays
Why TCR? – Highly customizable reporting on top of OOTB SCO reports
20
The Solution – Architecture Overview (simple)
Proposed a solution comprising SmartCloud Orchestrator (SCO), IBM Endpoint Manager (IEM), Tivoli Common Reporting (TCR)
Why SCO? – Self Service Capabilities, Workflow Integration and integration with VMware based infrastructure
Why IEM? – Supports Secure Computing Infrastructure, can traverse firewalls using secure relays
Why TCR? – Highly customizable reporting on top of OOTB SCO reports
21
The Solution – Highlights – Basic SCO
Custom built onboarding and cloning functionality – Possibility to onboard an existing virtual machine as a Virtual
System Instance – Possibility to clone from a running virtual machine into a new virtual
system instance
For both use cases, use OpenStack, VIL and IWD REST and CLI APIs
22
The Solution – Highlights – Business Process Mgmt.
16 Use Cases offered via Self-Service Highly reusable BPM building blocks Email notification for all major workflow steps Customized error handling – notification of admins via email and
inbox task Specific approvals per workflow, via custom keystone roles
– Provisioning offerings – Is the project within quota? Within quota – approval to Team Administrator, Out of quota – Approval to Cost Center Manager
– Instance Lifecycle offerings - Is the requestor the owner of an instance? Automatic approval or approval task for instance owner
23
Roadmap
24
Our Roadmap
Continue to be driven by Dev requirements in short term Need to 'bullet proof' the solution for an enterprise environment
– Monitoring, backup, HA and DR Real need to simplify
– Project delivery in Processing – Operational & support processes in Processing – “Self-Service for Admins” – “Self-Service for Operations”
25
After Pilot (Now) Functionality
Level
Pilot Use
Cases
laaS For Dev
Replicate manual
processes
Manage To - Externa
Processing -
Brazil
Pulse2014 The Premier Cloud Conference
26
Create “Production” Manage From Functionality
Level
Live Use
Cases
laaS For Dev
Replicate manual
processes
Manage To - Externa
Processing -
Brazil
Pulse2014 The Premier Cloud Conference
27
Expand to Simple Network Changes Functionality
Level
Simple Network
Device Changes
Live Use
Cases
Enhanced Use
Cases
laaS For Dev
Replicate manual
processes
Europe
Manage To - Externa
Menqe
From
Processing -
Brazil
Pulse2014 The Premier Cloud Conference
28
Add PVDE* Solution as Manage To Functionality
Level
Simple Network
Device Changes
Live Use
Cases
Self Service for
PVDE
Enhanced Use
Cases
laaS For Dev
Replicate manual
processes
Manage To - Externa
Processing -
Brazil
Pulse2014 The Premier Cloud Conference
29
Experience an SCO Upgrade Cycle Functionality
Level
Simple Network
Device Changes
Live Use
Cases
Self Service for
PVDE
Enhanced Use
Cases
laaS For Dev
Replicate manual
processes
Manage To - Externa
Processing -
Brazil
Pulse2014 The Premier Cloud Conference
30
Expand into Processing – UAT First Functionality
Level Manage To - Externa
Pulse2014 The Premier Cloud Conference
31
Expand into Processing – Then Production Functionality
Level
Processing Prod
Manage To
Processing UAT
Manage To
Simple Network
Device Changes
Live Use
Cases
Operational
"Take Action"
Use Cases
Self Service for
Admins Use
Cases
Self Service for
PVDE
Enhanced Use
Cases
laaS For Dev
Replicate manual
processes
Manage To - Externa
Processing -
Brazil
Pulse2014 The Premier Cloud Conference
32
And Beyond… Functionality
Level
PaaS
Capability
Processing Prod
Manage To
Processing UAT
Manage To
Simple Network
Device Changes
Operational
"Take Action"
Use Cases
Self Service for
Enhanced Use
Cases
laaS For Dev
Replicate manual
processes
Manage To - Externa
Pulse2014
"D� e
CL 0
0 • 0 •'
0 •
.
The Premier Cloud Conference
33
Lessons Learnt
34
Recommendations To Date
Engage fully with the project – Align quality technical resource with IBM professional services
Focus on business use cases – gain agreement Be fully comfortable with the manual processes today Challenge “out-of-the-box” design assumptions Get involved with SCO functionality discussions Feedback, feedback, feedback
– IBM development need your real-world perspective – They do listen!
Invest in knowledge transfer & training Check your browser :-D
35
Main Functionality Gaps Opportunities
Onboarding – Critical for “emerging cloud” enterprise clients such as ourselves
• Transitioning from Virtualisation shop to Cloud shop – Onboarding of production workloads:
• Maintaining existing IP addresses is essential • Maintaining existing hostnames is highly desirable
Resource Change Granularity – Relies on flavours currently
User Role Granularity – Across and within domains – Group membership alignment/sync with corporate directories
• Or federate? Error reporting/messaging
– Between underlying components, currently limited In Support/BAU mode
– What happens if we need a “metadata” fix? • Won’t have the option to clear out system and start again
36
Questions?
37
Acknowledgements and Disclaimers:
© Copyright IBM Corporation 2012. All rights reserved.
– U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml
Other company, product, or service names may be trademarks or service marks of others.
Availability. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates.
The workshops, sessions and materials have been prepared by IBM or the session speakers and reflect their own views. They are provided for informational purposes only, and are neither intended to, nor shall have the effect of being, legal or other guidance or advice to any participant. While efforts were made to verify the completeness and accuracy of the information contained in this presentation, it is provided AS-IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this presentation or any other materials. Nothing contained in this presentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results.