|By Michael A. Salsburg||
|February 3, 2014 07:00 AM EST||
We all know the story of Goldilocks and the three bears, but have you heard the one about Goldie Locks and the three clouds? This tale is playing out throughout the IT marketplace.
Goldie Locks - an IT executive for a state government - has once again found herself in a dilemma. "If only I could choose one of the three options," she sighs. Goldie's dilemma is a result of competing requirements within her enterprise. Regarding infrastructure costs, Goldie has been told to "do more with less."
"If someone says that one more time, they're going to have porridge thrown at them," she huffs. Goldie knows that standardizing infrastructure requirements to serve the business and its processes securely, reliably and quickly is a proven way to reduce capital and operational costs. On the other hand, various business units and their departments have specific requirements for their mission-critical applications. They are resisting giving up control.
While many of her colleagues suggest she use the public cloud, Goldie believes that the security implications would be a deterrent to acceptance within her enterprise. Though she has done a thorough job investigating various cloud computing models, she needs to put together a request for proposal (RFP) to start searching for outside help with her dilemma.
She begins by taking into consideration the three standard deployment models of cloud infrastructure and their hybrid combinations - as defined by the U.S. National Institute of Standards and Technology (NIST) - and determining whether these are a fit for her enterprise:
- Private cloud: Provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units).
- Public cloud: Provisioned for open use by the general public.
- Community cloud: Provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations)
- Hybrid cloud: A composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds)
"Death by Committee" is her thought after analyzing these models. Each is too narrow for her enterprise. These cloud deployment models only provide the "how" without truly understanding the "what" and "why" of her situation. The IT side of the decision is obvious - drive down operational and capital costs to give the IT team time and money to solve strategic issues for the business. The best way to do this is to standardize processes, automate tasks and share infrastructure and administrative resources as much as possible. This is, in general, what a cloud provides.
But IT is serving a set of key stakeholders who have requirements beyond infrastructure. These stakeholders are the application/business owners who rely on IT to support delivery of their revenue-generating services and products. They are not well served with the three deployment models defined above, nor are they served by a hybrid of those models.
A Look into Goldie's Enterprise
In general, an enterprise consists of distinct parts (such as business units) that serve different customers, have different financial results and offer different products and services. They are fairly autonomous, but all operate from a common set of financial resources and processes, a common strategy and common metrics that determine success.
Consider Goldie's enterprise, which is a consolidation of a number of state agencies:
Her enterprise is partitioned into two high level branches (State Police and Transportation), where each branch consists of multiple, semi-autonomous departments. Each of those departments is interested in controlling their own infrastructure. Furthermore, their security and administrative processes differ from one department to another. Different departments must comply with their own levels of privacy, availability and service metrics.
For example, the Department of Public Info Office, within the State Police branch, may require highly predictable, millisecond response times for public users. In this instance, it may make sense to use public cloud infrastructure for the web servers, since there may be a requirement to scale up very quickly to reach high workload demands.
The Department of the Deputy Commissioner, also within the State Police branch, may also require specific infrastructure services, processes, automation and regulations, such as "hardened" OS images and encryption for all transmission of information.
The Department of Highway Administration, within the Transportation branch, must guarantee that their web site is available 99.999% of the time. They may have high availability requirements that demand duplicate resources at a disaster recovery site, as well as requirements for high-availability configurations.
NIST Deployment Models and the Enterprise - Square Peg, Round Hole
Goldie's enterprise cloud must be structured to support these multiple "parts." In turn, these parts can themselves have parts, and so on. This is similar to many of today's enterprises, which are the result of consolidating other businesses and agencies that need to function in a semi-autonomous fashion, but are still members of the larger organization.
A cloud needs to be more than an infrastructure dispenser - providing small/medium/large chunks of infrastructure for each user, without considering the unique requirements for different groups of users. Goldie knows that today's cloud products and services do not meet the needs of her enterprise stakeholders. She would like to deploy a single, centralized enterprise cloud that allows business units and their sub-units to:
- Share underlying virtual resources as one large collection of cloud resources
- Allow end users, such as developers, testers, demonstrators and system admins, to use a simple service catalog to manage the lifecycle of all cloud resources in the same manner
- Set up autonomous administration, with unique policies and processes, as required
- Allow business units to deploy their entire spectrum of applications, with unique service level objectives for development, test, production, mission-critical and regulated workloads
Now, let's see why the current cloud models cannot address these requirements.
Goldie has looked at all of the currently available private cloud products. "These are too small-minded," she thinks. Every private cloud offers "multi-tenancy," which allows each business unit to manage its allotted set of cloud resources. But none of them offers any additional structure beneath the first level. Many of Goldie's business units have their own autonomous sub-units that require unique policies, processes and resources. They will want their own cloud, which does not meet her first requirement.
She then turns to the available public clouds. "They are big and cheap, but my stakeholders do not want to expose their mission-critical or regulated applications." She chuckles thinking about a specific security dink she knows who actually turned pale when she suggested a public cloud for his application. On the other hand, she is painfully aware of some development teams that are slipping under the radar and deploying virtual resources in a public cloud for test and development. It's cheap and cheerful, but it's not handled by the centralized IT department and it exposes the business to risks.
A community cloud offers cloud resources to a like-minded set of users / administrators. These users have agency-specific requirements, such as service levels, privacy, etc. If individual community clouds are deployed, then Goldie cannot optimize the sharing of all of the cloud resources. "This just isn't right at all," she says.
The final NIST deployment model does not provide any capabilities over and above the first three models. Instead, it is defined as one or more distinct instantiations of either a private, public or community cloud. Goldie has looked at all of the hybrid cloud management services and products, compared them to her requirements and decided that it doesn't meet her needs.
The Rise of an Enterprise Cloud
Through her analysis of the traditional cloud models, Goldie concludes that none of them are quite right. What she's looking for is a cloud that can address requirements unique to her enterprise. Let's refer to this as an "Enterprise Cloud." An Enterprise Cloud provides the capabilities of private, public and community clouds within a single cloud management platform that can support heterogeneous processes and requirements.
Goldie eventually conceived of the Enterprise Cloud illustrated below. It consists of a blend of internal datacenter resources, as well as resources provided by one or more public clouds. These are the "raw ingredients" that are abstracted into "cloud resources." Each agency can choose the specific cloud resources it needs to meet its requirements, including high availability, speed of deployment, cost, compliance with regulations and low latency response times.
Cloud-wide administrators, as well as specific agency and sub-agency administrators, are responsible for managing cloud resources through one "single pane of glass" interface. Aside from the properties of the cloud resources, their life cycles are all managed in the same manner, independent of where the raw materials came from. The end users of the cloud (e.g., testers, developers, infrastructure administrators) can be isolated from the underlying source of the raw resources. For example, an application could use public cloud for its web-facing tier, a low-cost set of internal cloud resources for its application tier and a highly regulated, encrypted and hardened set of cloud resources for its data layer. Goldie thinks of this as a "Hybrid Enterprise Application."
Goldie concludes that she needs to strike out on her own and develop a unique RFP that reflects her mental image of an Enterprise Cloud. If she settles for the types of clouds that are enumerated in the NIST document, she will never convince the various stakeholders to share a single cloud.
By focusing on key requirements, such as a single management framework across the enterprise, using public clouds and the datacenter to store virtual resources and providing a hierarchical multi-level tenancy structure, Goldie decides that she has finally found an Enterprise Cloud that is "juuuuuust riiiight."
If you are within a stones throw of the DevOps marketplace you have undoubtably noticed the growing trend in Microservices. Whether you have been staying up to date with the latest articles and blogs or you just read the definition for the first time, these 5 Microservices Resources You Need In Your Life will guide you through the ins and outs of Microservices in today’s world.
Jul. 30, 2016 04:30 AM EDT Reads: 4,178
Before becoming a developer, I was in the high school band. I played several brass instruments - including French horn and cornet - as well as keyboards in the jazz stage band. A musician and a nerd, what can I say? I even dabbled in writing music for the band. Okay, mostly I wrote arrangements of pop music, so the band could keep the crowd entertained during Friday night football games. What struck me then was that, to write parts for all the instruments - brass, woodwind, percussion, even k...
Jul. 30, 2016 01:45 AM EDT Reads: 2,380
This digest provides an overview of good resources that are well worth reading. We’ll be updating this page as new content becomes available, so I suggest you bookmark it. Also, expect more digests to come on different topics that make all of our IT-hearts go boom!
Jul. 30, 2016 12:45 AM EDT Reads: 3,783
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
Jul. 30, 2016 12:30 AM EDT Reads: 2,344
SYS-CON Events announced today that Isomorphic Software will exhibit at DevOps Summit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, cutting-edge enterprise web applications for desktop and mobile. SmartClient combines the productivity and performance of traditional desktop software with the simp...
Jul. 29, 2016 10:00 PM EDT Reads: 1,292
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
Jul. 29, 2016 08:00 PM EDT Reads: 2,749
There's a lot of things we do to improve the performance of web and mobile applications. We use caching. We use compression. We offload security (SSL and TLS) to a proxy with greater compute capacity. We apply image optimization and minification to content. We do all that because performance is king. Failure to perform can be, for many businesses, equivalent to an outage with increased abandonment rates and angry customers taking to the Internet to express their extreme displeasure.
Jul. 29, 2016 03:45 PM EDT Reads: 1,689
Right off the bat, Newman advises that we should "think of microservices as a specific approach for SOA in the same way that XP or Scrum are specific approaches for Agile Software development". These analogies are very interesting because my expectation was that microservices is a pattern. So I might infer that microservices is a set of process techniques as opposed to an architectural approach. Yet in the book, Newman clearly includes some elements of concept model and architecture as well as p...
Jul. 29, 2016 02:45 PM EDT Reads: 9,831
Ovum, a leading technology analyst firm, has published an in-depth report, Ovum Decision Matrix: Selecting a DevOps Release Management Solution, 2016–17. The report focuses on the automation aspects of DevOps, Release Management and compares solutions from the leading vendors.
Jul. 29, 2016 12:00 PM EDT Reads: 1,843
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
Jul. 29, 2016 11:30 AM EDT Reads: 1,306
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
Jul. 29, 2016 11:15 AM EDT Reads: 1,353
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
Jul. 29, 2016 09:45 AM EDT Reads: 1,493
No matter how well-built your applications are, countless issues can cause performance problems, putting the platforms they are running on under scrutiny. If you've moved to Node.js to power your applications, you may be at risk of these issues calling your choice into question. How do you identify vulnerabilities and mitigate risk to take the focus off troubleshooting the technology and back where it belongs, on innovation? There is no doubt that Node.js is one of today's leading platforms of ...
Jul. 29, 2016 08:30 AM EDT Reads: 667
Let's just nip the conflation of these terms in the bud, shall we?
"MIcro" is big these days. Both microservices and microsegmentation are having and will continue to have an impact on data center architecture, but not necessarily for the same reasons. There's a growing trend in which folks - particularly those with a network background - conflate the two and use them to mean the same thing.
They are not.
One is about the application. The other, the network. T...
Jul. 29, 2016 04:45 AM EDT Reads: 3,733
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
Jul. 29, 2016 04:45 AM EDT Reads: 2,381
This is a no-hype, pragmatic post about why I think you should consider architecting your next project the way SOA and/or microservices suggest. No matter if it’s a greenfield approach or if you’re in dire need of refactoring. Please note: considering still keeps open the option of not taking that approach. After reading this, you will have a better idea about whether building multiple small components instead of a single, large component makes sense for your project. This post assumes that you...
Jul. 29, 2016 04:15 AM EDT Reads: 4,289
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
Jul. 29, 2016 04:15 AM EDT Reads: 2,700
In his session at @DevOpsSummit at 19th Cloud Expo, Yoseph Reuveni, Director of Software Engineering at Jet.com, will discuss Jet.com's journey into containerizing Microsoft-based technologies like C# and F# into Docker. He will talk about lessons learned and challenges faced, the Mono framework tryout and how they deployed everything into Azure cloud. Yoseph Reuveni is a technology leader with unique experience developing and running high throughput (over 1M tps) distributed systems with extre...
Jul. 28, 2016 10:15 PM EDT Reads: 2,256
Sharding has become a popular means of achieving scalability in application architectures in which read/write data separation is not only possible, but desirable to achieve new heights of concurrency. The premise is that by splitting up read and write duties, it is possible to get better overall performance at the cost of a slight delay in consistency. That is, it takes a bit of time to replicate changes initiated by a "write" to the read-only master database. It's eventually consistent, and it'...
Jul. 28, 2016 08:30 PM EDT Reads: 2,365
Jul. 28, 2016 07:15 PM EDT Reads: 3,977