Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Clouds on the ground
Garvan McFeeley09/11/2017 1
Cloud Realities
09/11/2017 2
Cloud Realities
• Cloud is now mainstream • Cloud adoption is not easy• Cloud services require new skills • Migration is complex• End users have embraced the app culture• One cloud does not fit all
09/11/2017 3
Adoption and service support.Strategic collaboration
Network: No data traffic charges.Connect to GÉANT and NRENs networks over public IP.Direct connect to institutions, Layer 2 point-to-point connections
Exit support.Data portability
Identity Management: SAML2 and eduGAIN
Compliance with EU Data Security Directives.Ability to offer IaaS from inside the EC/EEA
General security policies. Handling of sensitive data (including public health or military research).Certifications
Volume discount (initial discount and additional tiered discounted pricing). No price increase.Purchase order and postpaid billing.Recognising aggregated spending, combined for all participating institutions.Accommodating capital expenditure (upfront commitment)
Mechanisms to reduce costs for underutilised (or paused) cloud resources. Support for Bring Your Own License (use existing educational licenses).Migration of existing contracts
Admin management portal.Customer self service portal.Order placement, reporting and group management
API support
IaaS Framework Experience and FAQ
• What can I buy?• What can I not buy?• This looks expensive• Is it really this complex to compare offerings?• I can only spend Capex• This is not an exhaustive list!
09/11/2017 5
• Unlimited• IaaS• Onboarding• Architecture supports• Related support services
• Limited• Managed Services • Implementation services• License based services (e.g. VMs with applications pre-installed from a vendor's
cloud "marketplace")• 50% of the contract value
FAQ – What can I buy?
09/11/2017 6
Can be easily overlooked
• Private Cloud • Co-location • SaaS• BUT
• You can tender for SaaS and possibly bring your own IaaS• Just like you did with servers and software licensing
FAQ - What can I NOT buy
09/11/2017 7
Definition important
• Do you know the true costs of onsite hosting?• Who pays your electricity bill currently
• Facilities?• You?• Someone else?
• Who pays support and maintenance on HVAC systems?• Do you have a ‘sinking fund’ in your budget cycles?
FAQ - This looks expensive
09/11/2017 8
• Pricing is complex• What you can consume is broad• Expect that ANYTHING can be metered• Discounts can be multifactorial• Like for like comparison difficult• This will make your head hurt on occasion• Software licensing can be
• Confusing• Complicated• A source of hair loss and/or hair colour
FAQ - It’s Complicated!
09/11/2017 9
• Handling Capex is supported by ALL framework participants• Will take Capex payment and drip feed to Opex bill• Multi-year obviously!• This brings interesting benefits
• Price drops over time• Machine performance improvements• Economies of scale• Service evolution
FAQ - Capex/Opex
09/11/2017 10
FAQ - Direct Award Experience
• Is it really this easy to use?• Is it really this easy to use?• Is it really this easy to use?• 19 Clients using it• Azure• AWS• Cloudsigma• Dimension data• Interoute
09/11/2017 11
Summary
• On our way• Client need exists• Trusted advisor• Concrete benefits from IaaS tender• This is complex stuff• Blended Approach• We are here to help!
09/11/2017 12
Optimising Infrastructure costsDr Ray O’Neill
Quality and Qualifications Ireland
QQI and Azure
• December 2012 – first pilot systems on Azure – Pay as you go• June 2014 – Enterprise Agreement – Azure Monetary Commitment• July 2017 – GÉANT framework• Nov 2017 – More than 98% of infrastructure in Azure• Infrastructure including resilience and backups for little more than data
centre costs
09/11/2017 14
Leveraging GÉANT and HEAnet
Monthly Spend Nov 2016 – Oct 2017How costs were reduced• GÉANT Framework – from July 2017
• Azure Hybrid Benefit - Campus• Right sizing• Azure automation tasks –
scheduled shutdown• Benefits
• Monthly cost would be 33% higher
09/11/2017 15
80%
85%
90%
95%
100%
105%
110%
115%
Axis
Titl
e
AZURE SPEND NOV 16- OCT 17
Leveraging GÉANT and HEAnet
Daily Spend Nov 2016 – Oct 2017How costs were reduced• GÉANT Framework – from July 2017
• Azure Hybrid Benefit - Campus• Right sizing• Azure automation tasks –
scheduled shutdown• Benefits
• Monthly cost would be 33% higher
09/11/2017 16
Next steps….
• Prepayment for specific VMs• Continued Right Sizing
09/11/2017 17
Rory Hopkins
Maynooth University
Maynooth’s BI Project
Maynooth’s BI Project
The Problem:MU needed a reporting and information delivery solution to replace Oracle Discoverer.
The challenge: To cost the project, to get investment for project, and to build the solution
Getting SupportWorking with the University IT management steering committee (ITMSC) a project budget was allocated after presenting a successful POC developed with Opensky.The technical Solution: To leverage our investment in Office 365 we selected the Microsoft Business Intelligence stack
Maynooth’s BI Project
The project Solution: • Microsoft helped identify the main technical & cost elements• Used the IaaS framework to purchase Azure• Working through a Microsoft partner to develop the solution• PowerBI Pro licences obtained via our Microsoft campus agreement
** We could purchase 10 more consultancy days **
Maynooth’s BI Project
Maynooth’s BI Project
DIT School of ComputingBrian Gillespie
LecturerCloud Computing and Systems Infrastructure
Hosted Private Infrastructure
December 7, 2017 24
Commercial Public Clouds
December 7, 2017 25
Cost Management
December 7, 2017 26
DCU IaaS PROGRESSBased on Microsoft Azure
Billing in brief
DCU recently gained access to the enterprise portal. This enabled the following billing structure:• The ISS department retains ownership of all resources in Azure
while ensuring that billing can go to the resource user directly if preferred. This is enabled using the structure:• Department• Subscription• Resources
December 7, 2017 28
Integration with on-prem systems
Authentication and identity
management
Azure Active Directory is fed hourly by data in our on-prem active directory infrastructure. All staff and student accounts and specific service accounts
are synchronized.
Delegating ownership and
monitoring usage.
All DCU departments and subscriptions will be created under a single Azure active
directory tenancy. Users in the EA Admin group can monitor usage in all departments and
subscriptions.
December 7, 2017 29
Network design
• A site to site VPN is established between DCU and Azure.
• VNet peering is created between the main DCU ISS subscription and other subscriptions.
• Traffic to and from the main DCU network is routed through the ISS subscription to other subscriptions over the VNET peers.
• Vnet peering does not count toward bandwidth usage. It also does not require separate gateway objects.
Connecting networks across subscriptions so
that virtual machines running
in Azure can communicate securely to On
premises systems is achieved by
creating a site to site VPN to Azure then using virtual network peering
December 7, 2017 30
Final points
Windows license costs
• Azure Hybrid Use Benefit (HUB) allows you to use your Windows server licenses on Azure virtual machines. This further reduces the cost of running infrastructure on this platform.
Upskilling
• The usability and efficiency of the Azure portal and the Azure enterprise portal is improving rapidly. However documentation doesn’t always keep pace. A support agreement with a professional services company may be beneficial when building IAS on Azure.
Billing and licensing
• Micromail have been particularly helpful when questions have been raised in relation to the correct billing and licensing considerations.
December 7, 2017 31
Discussion
09/11/2017 32