Presented by Darren Mar-Elia
CTO, SDM Software
@grouppolicyguy
Founded SDM Software in 2006, a Group Policy solutions company, and GPOGUY.COM, a Group Policy resource site
30 years in IT and software, Director of Infrastructure at Charles Schwab and CTO of Windows Management at Quest Software
Recently helped a large Bay Area company design/deploy a private cloud environment
Private Cloud—really? What is it?
The Tips!
Q&A
Starts with Virtualization, but is much more
A set of capabilities that makes you look like the Amazon of your data center:
Self-service provisioning
Showback/Chargeback based on resource usage
Elastic capacity—scale up/scale down
Automation/configuration management
Some say the world is moving to the Cloud
I agree
We will come to know these times as BC (Before Cloud) and AD (After Datacenter)
But, Private Cloud helps bridge the gap
Provides distinct advantages for certain workloads
But probably not cost advantages
Starts with a hypervisor (one or more)
Cloud management software
System Center
OpenStack
Citrix CloudPlatform
VMware vCloud
Converged network, compute, storage fabric (helps though not absolutely required)
Organizational
Budget/Allocation
Culture
Technical (but probably not as much as the ones above)
In traditional data centers workloads are well defined
Not so with private clouds
Different workloads require different resources, operational requirements and ways of thinking
Consider constraining or dedicating workloads to specific “clouds”
In BC times, IT carefully guarded who brought workloads into/out of the data center
Private Cloud exposes your customer directly to the data center
Need to be prepared for all that entails
Maybe a buffer between private cloud and “real” datacenter work
If you weren’t good at this before, it REALLY needs to change
Private Cloud means your users treat you as a utility
Which is great, but…
Not so much if you don’t have the capacity they need, when they need it
Hybrid clouds can help here, but still not well-defined
Decide up front if you plan to “show back” or “charge back”
Make sure you have the data to prove it, especially if you charge back
Resource usage reporting should be standard in your Private Cloud
The Private Cloud changes how you provision compute, storage and network
Your support teams need to change with it
The promise of the Private Cloud goes away if you wrap old-school org. structures around a new approach
Automation is key to Private Cloud
But, presents “interesting” scenarios to think about
Spinning up 100 VMs at once…accidentally
What does that do to storage, network, compute?
Easy to “kill” a system
Consider limiters or products with limiters built in
Private Clouds present new challenges for network and storage resources
Do you have enough storage? It goes fast in an automated world!
Are IOPS sufficient for the workloads in question?
Networks, virtual switches and routers introduce new complexities and flexibilities
And new security boundaries
Does this VLAN have access to the Internet (and vice-versa)?
Can users configure virtual firewalls?
Consider providing different network zones for each security requirement
Private Cloud == resources spinning up and down
How do you want to secure them throughout their lifecycle?
AD domain-joined? If so, how do you clean up?
If not domain-joined, how do you secure?
Anti-virus, host-based firewall, lockdown—all potential issues in virtual, self-service worlds
Access to Cloud—control through AD membership or similar
Not all cloud management solutions leverage all hypervisor features
Esp. if you have multiple hypervisors
You may not be able to provide all hypervisor features to your Private Cloud users
That’s ok. Can’t be everything to everyone!
Again, know your workloads BEFORE choosing a product
Just like hypervisors, once you make a choice of cloud management product, it’s hard to get out
Look for vendors that follow open standards
OpenStack is a good one right now
Don’t build too many processes around proprietary APIs/interfaces
If possible, build your own abstractions
The market is evolving fast; don’t lock in before the “good stuff” arrives
Know your workloads!
Protect your core assets
Capacity planning is key
Figure out how to charge/measure resource usage
Align your staff to the new technology
Automation: powerful…dangerous
Network & Storage are key
Security Model decided up front
Cloud Management vs. native hypervisor
Avoid Vendor lock-in