Virtualization and Cloud Computing Guide to Building Private IaaS
From Virtualization to Private Cloud
Infrastructure as a Service
The Latest Talk about Cloud
Today cloud computing is a proven delivery model with impressive agility and efficiency benefits.
The trend is toward more flexible models that expand the scope of innovative, value-added business services.
“Should we do it?” “How should we do it to get the most value?”
Based on The NIST Definition of Cloud Computing. National Institute of Standards and Technology Special Publication 800-145 (September 2011).
Cloud Computing Models
Virtualization as an Enabler for Cloud
Most enterprises are already virtualizing their IT environment.
Improves resource utilization
Lowers total cost of ownership
Enhances speed and flexibility
Logical next step: private cloud.
Provides user interface to automated, self-service catalogs of standard services
Autoscales to user demand
Delivers even greater agility and efficiency
Controls sensitive workloads
Delivering Cloud Services—Fast
Best Practices for Building an Enterprise Private Cloud. Intel IT (December 2011).
Thanks to Intel’s construction of a private cloud on a highly virtualized foundation, time to provision infrastructure dropped from 90 days to an average of 45 minutes.
Five Steps: Virtualization to Private Cloud Services
1. Develop a cloud strategy
2. Manage business process change
3. Organize IT around service delivery
4. Put the right technology in place
5. Manage a data-driven cloud
1. Develop a Cloud Strategy
Establish where you want to go.
Describe the anticipated benefits and return on your investment
Set short-, mid-, and long-term goals
Identify workloads and user groups for each project phase
Describe your cloud architecture and its components
Identify client devices you will support
Define monitoring and management approach; define success
CLOUD TIP: Intel IT developed a strategy that provided a logical evolution to a hybrid cloud model. Source: Best Practices for Building an Enterprise Private Cloud. Intel IT (December 2011).
2. Manage Business Process Change
Get the business on board and create strong partnerships.
Communicate benefits and milestones to users
Develop a plan to manage expectations for each project phase
Engage business users to define and document new and existing business processes
Document workflows to minimize human control points
Implement new IT processes (for example, capacity provisioning and chargeback)
CLOUD TIP: Strong partnerships encourage cloud adoption and are essential to your success.
3. Organize IT around Service Delivery
Evolve IT’s role to a broker of cloud services.
Determine how joint business-IT teams will
Hire or train for cloud-related skills
Weigh user needs against the delivery options to reduce organizational risk, improve resource utilization, and monitor demand
CLOUD TIP: By offering private cloud services, you gain experience that you can extend later to brokering public services in a hybrid cloud model.
4. Put the Right Technology in Place
Implement each phase to build on the previous one.
Determine technology requirements for short-, medium-, and long-term goals
Use reference architectures and out-of-the-box workflow templates and building blocks to save time and effort
Implement proofs of concept to build success and
CLOUD TIP: Intel® Cloud Builder Solutions include reference architectures, or recipes, on how to deploy ecosystem solutions built on offerings from leading systems and solutions providers based on Intel technologies. Visit intelcloudbuilders.com.
5. Manage a Data-Driven Cloud
Monitor health and performance end to end.
Measure against goals for availability and performance
Ensure compliance with security and privacy regulations
Inform decisions to add capacity
Review integrated operational analytics for:
CLOUD TIP: If you choose to offer externally hosted cloud services in the future, you will have already established a way to measure the overall service availability stipulated in third-party service-level
Five Requirements: Infrastructure as a Service (IaaS) Technology
1. Pervasive virtualization
2. A cloud management platform (CMP)
3. Automated workflows and other system capabilities
4. Orchestrated services end to end
5. Cloud security
CLOUD TIP: Although clouds are built with IaaS, PaaS, and SaaS service layers, infrastructure services are the most typical private cloud services offered today.
1. Pervasive Virtualization
Virtualization provides several key cloud capabilities.
Virtual machine (VM) isolation
Pervasive virtualization broadens the opportunity for cloud adoption across the organization.
Infrastructure as a service is built on pooled resources for computing, storage, and networking.
From An Enterprise Private Cloud Architecture and Implementation Roadmap. Intel IT (June 2010).
2. Cloud Management Platform
Integrated software that delivers high service quality, security, and availability for workloads should provide at minimum:
Direct user access to the system
Self-service capabilities and interfaces
A workflow engine
Metering and chargeback functionality
CLOUD TIP: More advanced capabilities might include performance and capacity management, interoperability between private and public IaaS offerings, connectivity to and management of external clouds, application life-cycle support, back-end service catalogs, and integration with external enterprise
Leading Cloud Management Platforms
Eucalyptus* cloud platform
Microsoft* Hyper-V* software and Microsoft System Center
OpenStack* cloud software
VMware* vCloud Director*
3. Automated Workflows
Minimize manual processes
Provide integration across heterogeneous and disparate
Manage provisioning, scaling, VM configuration, identity and access controls, network resources, workflow monitoring, patching, and backup
Optimize and manage resources faster, deliver services, manage service life cycles, and respond to
CLOUD TIP: Intel IT’s private cloud infrastructure uses a modular, extensible framework to simplify system integration and provide the prerequisites for fully functional, self-provisioned VMs with compute, storage, and network resources. This enables Intel IT to introduce additional automation capabilities as business and technical needs change. Source: Best Practices for Building an Enterprise Private Cloud.
Intel IT Hosting Framework
Users request and consume services through a self-service portal
IT manages and measures service consumption on a highly utilized resource pool of virtualized assets
Source: Implementing On-Demand Services Inside the Intel IT Private Cloud. Intel IT (October 2010).
4. Orchestrated Services End to End
Automated intelligence that dynamically coordinates and manages across different systems to:
Connect and automate workflows
Manage configuration, capacity, metering, and chargeback
Track and report cloud performance and availability
Monitor and manage power
Monitor security threats and adherence to security policies
Take effective actions and make adjustments
Predict potential issues and address proactively
CLOUD TIP: Intel® Intelligent Power Technology orchestrates power management with Intel Data Center Manager (Intel DCM) and Intel Node Manager (Intel NM), technology built into Intel Xeon® processor-based servers. Together they monitor and cap power in real time at server, rack, zone, and data center levels and manage aggregated power consumption and load migration.
5. Cloud Security
Challenges: Resource isolation, security event management, and data protection, including VM isolation, secure VM migration, virtual network isolation, and security event and access monitoring
Visibility into secure data flow and compliance with business-specific security policies are critical
CLOUD TIP: Provide security as a set of on-demand, scalable services. In this approach, policies are tied to logical attributes that create adaptive trust zones to separate multiple tenants.
Intel Cloud Security Recommendations
Intel recommends prioritizing these physical and virtual controls.
Protect data – Use pervasive encryption, secure connections, and data loss
Establish and verify identities – Control access from client devices and systems you trust, and manage API control points at the network edge
Establish trusted compute pools – Secure data center platform, infrastructure, and
Build higher assurance into compliance – Streamline auditing and increase visibility into your cloud environment
Enable secure migration – Protect movement between a private cloud environment and public cloud providers
Intel® and McAfee* Cloud Security Technologies
Intel® Trusted Execution Technology (Intel TXT) and McAfee* Data Center Security Suites
Helps detect server systems booting with unknown BIOS, firmware, and hypervisors
Provides hardware-based verification for use in meeting
Intel Data Protection Technology with AES-NI and Secure Key
Enables faster and stronger encryption and decryption of the McAfee Endpoint
Intel Expressway API Manager (Intel EAM)
Includes a leading SaaS API sharing portal from Mashery with Intel’s on-premises service gateway for API management
Available integrated with several McAfee technologies, including McAfee ePolicy Orchestrator* (McAfee ePO*) for monitoring security events
Next Steps: The Path to Hybrid Cloud
The path to building hybrid cloud service delivery begins with private cloud IaaS on top of a highly virtualized data center.
When you’re ready to go further, read about how platform as a service can expand your cloud environment into a more flexible and elastic hybrid model.
Virtualization and Cloud Planning Guide
Everything You Need to Get Started
Read the complete Planning Guide: Virtualization and Cloud Computing at intel.com/cloud.