I often hear people presenting cloud computing and why it makes sense to go to the cloud. When it comes time to give examples and demonstrate capabilities, they typically focus on provisioning and most often limit themselves to the provisioning of an infrastructure resource. Should we just focus on provisioning when assessing which technologies to use for the development of a cloud environment? In my mind, provisioning of infrastructure is the easy part; there are many other elements necessary to build a truly operational cloud. In most cases, provisioning of a virtual server does not deliver to users what they are looking for.
After provisioning the infrastructure there are a number of steps necessary for you to truly master cloud computing and provide end-users with services. Indeed, once the infrastructure is provisioned, the operating system needs to be configured, the appropriate software modules need to be installed and activated. On top of that, many services require more than one infrastructure component. For example, if you desire a collaboration space for a small team, you will need planning software, a chat capability, a database server (and if the database happens to be Oracle, it may even have to be provisioned on a physical server for support purposes) and a series of collaboration tools. Each of those may run on different operating systems, may require specific middleware and have to be configured a specific way. When you request the provisioning of this service, the first thing the cloud environment needs to do is to understand what the implications are from a resource and software point of view. It then needs to check whether the required resources are available. This may include whether a free license key is available for each tool, depending on the software licence agreement. Only then can you provision the infrastructure resources. In this case that includes virtual machines and one physical one for the database. So, the environment needs to be able to provision both physical and virtual environments. Actually, the service provider may use multiple hypervisors in different parts of his or her datacentre. You need a tool providing you the flexibility to perform and manage the provisioning, set-up and configuration of all elements required to deliver the requested service to the infrastructure.
Another aspect that is often forgotten is the links with the data. On the one hand you have the transient data sources that are provisioned with the service, and those just need to be set-up, but on the other you have the links back to the persistent data sources. These contain key pieces of information the service and probably other services, require access too to deliver their service. Properly linking to those data sources, which may be located in the same cloud environment or somewhere else (e.g. behind the firewall of the organization) and ensuring the networks are appropriately configured to provide easy access, are critical to ensure an acceptable user experience.
And then, you would want appropriate security across all elements of the service. So, you will have to ensure end-to-end security. In particular if the service contains elements in different environments, ensuring all aspects of security are addressed is critical. And not just between the modules delivering the service, but also between the service and its interface to the end-user. As this interface may reside on a mobile device, the end-to-end security thinking needs to include the device, the service and the back-end infrastructures.
But that’s not all. Let’s assume now that your cloud has 50,000 virtual machines up and running and one of the key operating system or middelware vendors releases a security patch to close a gaping security hole in his software. You want that rolled out as quickly as possible, don’t you? You do not want to leave all those users at risk. So, you now need an environment that can patch those virtual machines, preferably on the fly. You do not want to have to stop everything. And by the way, you want to do that automatically as you do not have the personnel to check and patch 50,000 machines in a reasonable amount of time.
Starting from the fact one size does not fits all in cloud, and you often will end-up having multiple cloud environments (private, managed or public) delivering services or part of services to the end-user, you may want to look at making your life easy by building on compatible environments. This is where open source based clouds really make a difference. It also allows you to move some services or service modules across in case you run out of capacity in one of those cloud environments. Using a single management and automation environment to front-end these clouds allows your users to have a single point of entry for an environment whose complexity is hidden from them. Such tools exist today, make sure you understand what you need, what the tools you choose offer, and whether they address not just your existing needs, but also future requirements you may have. It may be difficult to move from one such tools to another over time, so you better make sure you choose the right one.
I pointed out that provisioning was the easy part; we’ve just made the rest simpler—managing, automating and securing the cloud environment. Even if you believe you only need infrastructure provisioning today, will provisioning be the only thing you want to do moving forward? I can assure you the answer is no. So make sure you team up with a partner that can provide you what you want in the future, with the experience you need to master the cloud across the lifecycle.
Christian Verstraete is the Chief Technologist Cloud at HP and has over 30 years in the industry, working with customers all over the world, linking business and technology.
Read more of Christian's blogs here