Managing a public cloud
- 1. Managing a Public Cloud g g Chuck Tsocanos 1
- 2. perspectives on public cloud end users developers access to infrastructure/DC manager secure and resources to maintain server farm and reliable access develop and test leverage remote services to information new applications with similar confidence and from any device f d i to improve ROI, security, performance, availability, etc. Providers Enterprises Mid-market Consumers bus. application manager support and guarantee the end user experience while adhering to business rules operations/support manager i.e. compliance manage increasing complexity of a g g p y multi-domain environment; while providing IT support, flexibility and 2 scalability
- 3. management challenges in a public cloud Services description Virtual Data Center core capabilities 4 shared/multi-tenant infrastructure Application Logic service catalog/portal 3 secured and extensible architecture Middleware Platform usage metering & billing 2 what we need to do? Operating Environment Provision/install/configure 1 Process data Virtual Machine/Container Store data Secure perimeter and network Hardware Monitor/operate/support what we must manage? Datacenter - Network servers & operating systems middleware platforms Hosting business applications and databases Orange Management cross domain SLAs Customer managment Hardware and fabric business data (privacy, confidentiality, 1 management 3 Middleware management ownership) 2 OS Management 4 Application management regulatory compliance, accountability compliance 3
- 4. frameworks, methods, and approaches WHERE TO WHAT HOW TO CONTROL TO IMPROVE? DEVELOP? RISK? HOW HOW TO TO IMPROVE? ITIL ARCHITECT? SIX CMMI COBIT SIGMA TOGAF FISMA HIPAA SOX Business/ Regulatory PCI SAS 70 4 Context
- 5. developing a service catalog for the cloud Process + Partners + Technology = Service • Automated Provisioning • Business System Service A Monitoring • Workload Management Service B • Usage Metering • Ch Chargeback/Billing b k/Billi Service C • Data Management • Security Services Service D • Connectivity Partners • Helpdesk & Operational Technology Support Service Catalog • Business Continuity 5
- 6. managing across multiple domains – the integration challenge characteristics : – Control Points - multiple points of monitoring and control – E Execution - multiple ti ti lti l tiers of support and t k execution f t d task ti – Communication – vertical and horizontal flow of information across and within domains 6
- 7. another example of a high level infrastructure management design Cloud Cloud VPN HUB Cloud Service Desk VLAN Internet e e Customer A C t Access VLAN Customer Service Desk IPSEC Router IPSEC Router x.x.x.x/xx x.x.x.x/xx Orange Customer Service Desk Network Customer monitored 7 equipment
- 8. managing end to end SLAs is a balancing act $ $ business cost service Reporting efficiency y CXO efficiency Decision Business IPT parameters Users' SAP In house Internet Service Providers satisfaction LAN Hosting SLA OLA Various 3rd parties SLA WAN Support organizations Messaging Users Application IP VPN mgt Operational Manager Technical parameters operational efficiency 8
- 9. In closing, some questions you should ask yourself… Who owns the data especially in a situations where there is shared access? What are the risks i.e. foreign governments or subpoenas? Who is accountable/responsible for regulatory audits? (will your providers be subject to audit?) How detailed are your SLAs with your providers and do they cover all contingencies? i.e. access, loss, theft, audits, etc. How will you secure any and all exposed APIs either to key applications or management systems? Do you trust your providers security model or accreditation? Are you willing to give up control based on how they isolate/zone? Are hypervisor risks acceptable for production? Is encryption required for data in transit and at rest? How will regulations constraint your use of cloud resources i.e. in-country in country data How will you integrate management systems from multiple 3rd parties to enable an end to end view of service? What management standards are you ready to adopt i.e. libcloud, WSDM, 9 WS-Management, etc.
- 10. Thank You 10