SPECIAL REPORT, JULY 2011

Private Cloud Deep Dive
Building the next-gen data center

Copyright © 2011 InfoWorld Media Group. All rights reserved.
INFOWORLD.COM DEEP DIVE SERIES, JUNE 2011

Why and how to build a private cloud

Both business and IT need the agility enabled by the private cloud. Now you can apply technologies and processes pioneered by public cloud services to your own data center

By Matt Prigge

FEW IT CRAZES have reached the fever pitch that cloud computing has attained. Almost from day one, intense excitement has greeted the vast potential offered by enormous, hyperscalable public clouds that can scale up and down while customers pay only for the resources consumed.

Despite this excitement, however, just a small slice of enterprises are actively using the public cloud for core, mission-critical functionality. The reason? Mainly, widespread trepidation about the level of security, reliability, and data portability that current public cloud offerings can provide.

The industry’s answer to these concerns is the private cloud. The private cloud attempts to offer the same self-service agility and scalability that public clouds offer, but without the complications of putting critical services and data in the hands of a third party. But as with any sweeping IT concept, many customers are having a difficult time grasping what a private cloud really is and how they can benefit from building one.

CLOUD SHAPES AND SIZES

Part of this confusion stems from the wide variety of ways to organize on-premise IT infrastructure into something that can legitimately be called a private cloud. These range from smart design and management of server virtualization (using tools most enterprises already own) to fully integrated environments complete with feature-rich, self-service customer portals, fully autonomous server and storage provisioning, and automated chargeback.

It should come as no surprise that the fully-integrated, high-end implementations apply almost exclusively to very large enterprises – and not just due to cost. Much of the benefit of cloud computing lies in enabling more infrastructure to be managed by fewer people, so that one admin might be responsible for thousands of servers, many more than most smaller enterprises maintain. Moreover, the notion of self-service, where stakeholders provision their own resources, demands a level of expertise that line-of-business personnel in smaller enterprises typically lack.

Yet a common thread of shared resources, more efficient management, and greater business agility unifies all private cloud implementations and can be applied to any size environment. In practice, how you view and understand these benefits depends on your role within the organization.

TWO VIEWS OF THE CLOUD

As always seems to be the case in IT, at least two different perspectives surround the adoption of any new datacenter technology: The view from the CIO’s desk, which largely concerns itself with business goals; and the view from within the datacenter, which is driven by technology and the struggle to manage an ever-expanding workload. The good news is that the private cloud, when implemented for the right reasons, can meet both sets of needs.

The view from the executive suite

A CIO might see the private cloud as a means to deliver better service levels, improve responsiveness, and allocate resources among business units more effectively. Among other things, the newfound agility and efficiency of the private cloud can decrease the likelihood internal business units will “get tired of waiting for IT” and adopt public cloud services willy nilly – weakening the IT organization, creating new silos and redundancies, and opening potential security vulnerabilities.

A 2010 survey of IT decision makers conducted by
Forrester Research concluded that only 13 percent of enterprises surveyed were using cloud-based IaaS (infrastructure as a service) offerings, but Forrester believes the true number to be nearly double that. “It often comes as a big shock to the infrastructure and operations people [within IT] to find they grossly underestimated the cloud services in use at their organizations,” says Galen Schreck, Forrester vice president and principal analyst. “They realize they have no idea what the application owners [in business units] and developers are up to.”

That’s a dramatic statement and CIOs are definitely taking notice. Day by day, they risk losing control of their organization’s data – data they are ultimately held responsible for managing and protecting. In the old days, “rogue” projects typically took the form of departmental servers hiding underneath someone’s desk; today, data migrates to third-party public cloud providers without planning or oversight, risking data loss or regulatory violation. To the CIO, the private cloud seems like the silver bullet to stop this.

But a full-scale private cloud doesn’t just require technology, funding, and know-how. It also requires a number of changes in the way IT is run on a day-to-day basis. Attempting to implement a private cloud without business acceptance of a chargeback funding scheme or resource pooling is just as counterproductive as providing business units with the technology to provision their own server resources in an environment where they may not have the skills to take advantage of it.

PERSPECTIVE FROM THE DATACENTER

From the IT practitioner’s point of view, the key day-to-day challenge is staying on top of an ever-expanding portfolio of projects and technology updates while remaining responsive to end-user requests. In such an environment, the imperative to “build a private cloud” may not be greeted with enthusiasm.

To some, the private cloud sounds like a fancy name for something that’s already well under way: virtualizing the datacenter. And, in some cases, that may be exactly what it boils down to.

In environments where server virtualization has already gained serious traction, many of the key goals of the private cloud have already been realized. Even a basic virtualization infrastructure offers many of the agility and scalability benefits, although server virtualization alone cannot deliver all of what a private cloud can offer. Unless additional software and policies are brought to bear, such benefits as self-service, pay-as-you-go chargeback, and secure multitenancy can’t be fully realized. Obviously, not all organizations need that. If they do, a full-scale private cloud may bring significant benefit.

Also note that moving to a private cloud needn’t be an all-or-nothing affair. It can be rolled out incrementally on an as-needed basis. Even though a number of hardware and software vendors imply that you need a whole rack of new hardware and an industrial-size barrel of software spaghetti to build a real private cloud, you can very easily graft individual cloud features onto an existing virtualization infrastructure with very little effort. Even implementing agility features, such as auto-provisioning of physical servers, can be added to an existing environment without a rip and replace – often using the same software components included in the industrial-size barrel you’d get with an all-in-one solution.

No matter how you get there, constructing a private cloud can be as much of a boon to the IT practitioner as it is to the rest of the business. Anything that results in a decreased workload for datacenter techs (think automation and self-service provisioning) allows them to focus on things that matter much more than grunt work.

WHAT MAKES A PRIVATE CLOUD?

Before delving into what a private cloud looks like from a rack and sheet metal perspective, it’s important to understand what problems a private cloud is designed to solve and how that sets it apart from a traditional, even fully virtualized, on-premise infrastructure.

AGILITY

Business units like to complain to CIOs and IT practitioners that it always takes too long to provision new services, and they often decry the up-front cost associated with them. A business unit seeking to deploy a new application may spend months or even years deciding which software vendor to purchase from and lining up development resources and consultants. But once contracts are signed and plans are put in motion, business stakeholders expect IT to react quickly and fulfill infrastructure needs.

For a traditional IT department, unanticipated requirements can be extremely difficult to manage. Business stakeholders often underestimate the server,
storage, and data protection resources that their new application will require, and they may not account for the time it takes to order, receive, configure, and implement. Alternatively, the contract for the software may have included hardware intended to be dedicated to the new application. In the latter case, not only will IT be saddled with managing that hardware, there’s also an excellent chance the software vendor will have massively overspec’d it – resulting in even less operational efficiency.

At best, this process is an expensive waste of time. At worst, it can have a lasting negative impact on the working relationship between the business unit and IT. It’s easy to say that the solution lies in better communication between IT and the business units sourcing applications. That helps, but very few IT organizations manage to fully cross that chasm.

The private cloud essentially allows everyone to have their cake and eat it, too. Project sponsors can access various types of server and storage resources that IT has made available through a self-service portal. They can review the specifications and costs of each and share them with the software vendor, which can make recommendations on which they should choose. When it’s time for the application to go live, the business unit “orders” the services, which are automatically provisioned and immediately available for use, all without IT needing to do anything or even necessarily be involved.

Configuring the portal, policy, and automation magic that makes it all work requires time and effort. But the efficiency benefit can be big, especially when system provisioning is a common task. From a political standpoint, the benefits are much more obvious: IT is no longer a speed bump for the business units but still retains control over the infrastructure.

SCALABILITY

Another key requirement placed on any IT infrastructure is the ability to quickly scale in the face of increasing load. Traditional IT generally handles this by overprovisioning infrastructural resources as they are purchased by business units. This gives IT some cushion before stakeholders will demand additional resources to cope with higher load.

Yet overprovisioning contributes to the perception among business stakeholders that IT is too expensive. Plus, this approach fails to scale beyond a certain point, after which yet another round of costly capital expenditures ensues. Worse, by repeatedly overprovisioning small islands of dedicated infrastructure, IT strands large amounts of capacity and prevents those resources from being used to satisfy spikes in demand elsewhere.

When these application loads live inside a private cloud and business units are paying on a per-usage basis, IT no longer has to dedicate resources to each business unit individually. Instead, they can pool the entire corporate infrastructure – servers and storage – and manage a single pool of spare capacity.

It’s easy to see how this can decrease overall costs. Just as business units can deploy a new application with little lead time, they can also increase the amount of resources granted to one that they have already deployed – even to satisfy a short-term increase in load – and then contract them afterward.

MULTITENANCY

One of the few good things about traditionally deployed dedicated infrastructure is that it’s fairly easy to maintain divisions between the infrastructure serving various applications and business units. These divisions may simply consist of installing applications on different servers, providing security and performance segregation. But they may also extend all the way down through the network and storage infrastructure. Such physical separation allows IT to implement a high degree of security easily, but it also results in an incredible amount of waste.

Although resources are pooled on the same server, network, and storage hardware in a private cloud, IT must still maintain appropriate performance and security segregation between the various workloads for the resulting product to be acceptable to business units. This segregation is accomplished through automatic configuration of the virtualization, network, and storage hardware as the services are provisioned.

During the provisioning process, the automation engine will build out a virtual machine with processor and memory allocations, limits, and reservations that match the specifications the business unit chose for the system. In addition, it will automatically configure a secure network for the system, generally using a software-based firewall for edge security. It will also, based on policy, configure the storage for that virtual machine. Although the level of direct storage integration varies from product to product,
the service level for storage can be based on either known service levels for various pools of storage that users can choose between, or, ideally, on actual service-level configuration within the back-end storage itself.

GOVERNANCE

In traditional IT environments, IT governance – really just an explicit set of policies – is often seen as an obstruction in the path of business units seeking quick deployment. The lumbering nature of governance often derives from the fact that IT must apply and reapply the same policies over and over as each business unit brings in a new application or upgrades an old one.

How much performance is required? How will the application be backed up? How will the data be stored? What are the data retention policies if a system is decommissioned? What kind of redundancy will exist? These are only a few questions that IT really must ask to do its job, but the business unit almost always sees them as obstructionist and, above all, expensive.

The private cloud does not eliminate these governance requirements, but it does simplify them by allowing IT to effectively answer them once for the entire shared infrastructure and build those infrastructural costs into the usage fees that business units pay.

Remember that provisioning within a private cloud is driven entirely by the business units, largely without direct IT involvement. Therefore IT must be very careful when it constructs the policies that define the different compute and storage products business units can choose from – and in defining the SLAs attached to them. So although IT can improve its own customer relations by requiring less information from business units, it also has a far larger internal policy burden to bear.

BUILDING BLOCKS

Now that we have a set of requirements, we can look at how different pieces of on-premise IT infrastructure can be marshaled to build a private cloud. All the basic components of the data center must be provisioned appropriately.

STORAGE

Storage is the bedrock of any IT infrastructure. At first glance, it seems that deploying storage for a private cloud would be relatively simple. Instead of requiring a fleet of different storage resources, each dedicated to a different business unit or application, a single integrated storage pool can shoulder the load of the entire cloud infrastructure.

True enough, but that fact alone demands storage solutions specifically tuned to accommodate a large number of disparate workloads. The storage must be able to scale extremely easily, must be capacity-efficient (typically by making use of eager zeroed thin provisioning), must manage performance and tiering autonomously, and, ideally, should be easy to integrate with cloud management software. To be sure, this is a tall order. Only a few storage products available in the market today satisfy all or most of these requirements.

Regardless of what kind of storage is used, monitoring and managing storage capacity and performance levels are extremely important in private cloud environments. Since IT may not have any warning that large influxes of new workloads are going to spin up, it needs to be able to turn on a dime to add additional capacity. Failure to adequately manage storage capacity and performance in a private cloud environment can have far-reaching impact on a wide range of users. That storage, after all, is a huge pooled resource.

NETWORK

Most implementers of high-density private cloud environments will find that the cost and effort required to manage separate storage and application networks is prohibitive. As a result, most private clouds are built on top of high-bandwidth, converged network infrastructures. This class of network infrastructure offers far better scalability and flexibility, in addition to significantly better utilization. (For more information, download the “Virtualization Networking Deep Dive Report.”)

SERVERS

Virtualization is the underpinning of most private clouds. This has a number of implications when selecting a server. Many virtual machines on one physical host results in many threads, so to handle them, look for CPUs with a large number of cores (such as Intel’s Westmere chip) and rank the importance of multiplicity far above clock speed. By the same token, large memory and high-bandwidth I/O increase the VM capacity of each physical host machine.

Blade servers make ideal virtualization hosts. It’s much easier to add a blade to a blade server than to
add a server to a rack, and not just because you don’t need to mess with as many interconnects – the software that comes with blade servers typically makes scaling out much easier.

Note that virtualization is not an absolute requirement for every server in a private cloud. A few cloud automation software packages support the deployment and management of physical servers – thus satisfying the requirements of applications that aren’t suitable for deployment on virtualization platforms.

MANAGEMENT SOFTWARE

Up to this point, the hardware that’s been described would be adequate for operating any high-density virtualized datacenter. Software is what truly transforms that hardware from a capable, traditionally managed IT infrastructure into a true private cloud. Though choices made in hardware selection are important, in the long run, they are nowhere near as critical as determining which software will integrate them into a single self-managing affair.

Cloud management software handles such tasks as: presenting a self-service portal with which business units can order services, automating the deployment and modification of services, ensuring that policy-driven SLAs are delivered, providing a means for accurate chargeback and reporting, and ensuring secure separation of workloads. It’s easy to see that any software tasked with all these jobs needs to integrate seamlessly with every level of the infrastructure. It’s also easy to imagine how a poorly cobbled-together software framework could devolve into disaster.

As with any large software project, a great deal of planning, research, and thorough testing is required. Defining exactly what your organization hopes to get out of the implementation of a private cloud is the most important thing to do well. That will almost always involve getting feedback from business units when self-service cloud automation software is in the pilot phase. Implementing a fancy new portal won’t do anyone any good if business units refuse to use it. Likewise, investing the time and energy in building a system that can auto-provision physical server hardware may not deliver much ROI if the datacenter rarely spins up new servers.

Once you’ve identified your goals, try to find the simplest way to accomplish them. You may find that if your true goal is to provide a scalable virtualization infrastructure that incorporates chargeback functionality (but not self-service), you can simply add a relatively inexpensive software module to fulfill the goal (VMware’s vCenter Chargeback is a great example).

If your goals really center around automation and you have the in-house software development skills, don’t be afraid to consider developing your own management tools. Nearly every virtualization hypervisor, storage platform, and server hardware platform sold today comes with some flavor of API that makes it relatively easy to script common administrative tasks.

Even if outright scripting isn’t your forte, there are still options that may not require buying anything. In the VMware world, all vCenter server editions ship with an often-overlooked tool called vCenter Orchestrator, a feature-rich automation engine that allows you to build complex tasks with multiple inputs and outputs. In fact, it’s the same engine used by VMware’s vCloud Director software to manage virtualization-related automation.

MAKE THE PRIVATE CLOUD WORK FOR YOU

Building a full-blown private cloud is not for the meek. Reaping the full range of benefits offered by the private cloud demands hard, careful work, both in spec’ing and implementing the technology and, perhaps to a larger extent, in reforming the way that IT is run from a business policy perspective. Even if your environment isn’t large or complex enough to require all the self-service and automation functionality of a full private cloud, you can still come out ahead by designing in some cloudlike agility and scalability.

As time goes on, the distinction between large and small enterprises will fade. Just as the earliest adopters of large-scale server virtualization in the early part of the last decade were major enterprises, the earliest adopters of private cloud technology today will be those same large corporations. Today, small enterprises often enjoy more advanced virtualization technology than that of big business.

The same trickle-down scenario will play out in private cloud solutions. As those solutions mature, they will work their way into the fabric of virtualization and storage solutions and eventually become the de-facto way of doing IT. If you don’t see the value of building a private cloud right now, don’t worry – whether or not you go to it, it will inevitably come to you.
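
The provisioning flow described under MULTITENANCY, driven by the once-defined product policies described under GOVERNANCE, sketched as an added example that is not part of the original report or of any vendor's product. The catalog, product names, one-network-segment-per-tenant rule and firewall rule format are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed catalog: the compute/storage "products" IT defines once (hypothetical names).
CATALOG = {
    "small": {"vcpu": 2, "mem_limit_gb": 8, "mem_reserved_gb": 2, "storage_tier": "capacity"},
    "large": {"vcpu": 8, "mem_limit_gb": 64, "mem_reserved_gb": 16, "storage_tier": "performance"},
}


class ProvisioningError(Exception):
    """Raised when an order violates catalog, capacity, or isolation policy."""


@dataclass
class PrivateCloud:
    pool_mem_gb: int      # physical memory in the shared pool
    segments: range       # network segment IDs (assumption: one segment per tenant)
    tenant_segment: dict = field(default_factory=dict)
    plans: list = field(default_factory=list)

    def _segment_for(self, tenant):
        # Reuse the tenant's segment, or allocate one that no other tenant holds.
        if tenant not in self.tenant_segment:
            used = set(self.tenant_segment.values())
            free = next((s for s in self.segments if s not in used), None)
            if free is None:
                raise ProvisioningError("no free network segment for new tenant")
            self.tenant_segment[tenant] = free
        return self.tenant_segment[tenant]

    def provision(self, tenant, vm_name, product, open_tcp_ports=()):
        if product not in CATALOG:
            raise ProvisioningError(f"unknown product {product!r}")
        spec = CATALOG[product]
        # Admission control: limits may be overcommitted, but reservations are
        # guarantees and must always fit inside the pooled capacity.
        reserved = sum(p["mem_reserved_gb"] for p in self.plans)
        if reserved + spec["mem_reserved_gb"] > self.pool_mem_gb:
            raise ProvisioningError("memory reservations would exceed the pool")
        # Edge firewall: allow only the ordered ports, then deny everything else.
        rules = [("allow", "tcp", p) for p in sorted(set(open_tcp_ports))]
        rules.append(("deny", "any", "any"))
        plan = {"tenant": tenant, "vm": vm_name, **spec,
                "segment": self._segment_for(tenant), "firewall": rules}
        self.plans.append(plan)
        return plan


def audit_segregation(plans):
    """Return findings for plans that break tenant segregation."""
    findings, owner = [], {}
    for p in plans:
        first = owner.setdefault(p["segment"], p["tenant"])
        if first != p["tenant"]:
            findings.append(f"{p['vm']}: segment {p['segment']} shared by {first} and {p['tenant']}")
        if not p["firewall"] or p["firewall"][-1] != ("deny", "any", "any"):
            findings.append(f"{p['vm']}: edge firewall does not end in default deny")
    return findings


def demo():
    # Constructed orders from two business units against a 32 GB pool.
    cloud = PrivateCloud(pool_mem_gb=32, segments=range(100, 102))
    a = cloud.provision("finance", "fin-app-01", "large", open_tcp_ports=[443])
    b = cloud.provision("hr", "hr-web-01", "small", open_tcp_ports=[443, 22])
    return cloud, a, b
```

Running `audit_segregation` over the stored plans on a schedule catches drift that self-service changes introduce after the initial order, which is where pooled infrastructure loses the separation that dedicated hardware gave for free.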