Enterprise Cloud Computing Blog

Data Center

Blended Cloud Environments – A Financial Services Use Case

By Damon Miller, Director of Technical Field Services

One of the most interesting trends in cloud computing is the emergence of “hybrid” solutions which span environments that were historically isolated from one another. A traditional data center offers finite capacity in support of business applications, but it is ultimately limited by obvious constraints (physical space, power, cooling, etc.). Virtualization has extended the runway a bit, effectively increasing density within the data center; however, the physical limits remain. Cloud computing opens the door to huge pools of computing capacity worldwide. This “infinite” capacity is proving tremendously compelling to IT organizations, providing on-demand access to resources to meet short and long-term needs. The emerging challenge is integration—combining these disparate environments to provide a seamless and secure platform for computing services. CloudSwitch provides a software solution that allows users to extend a data center environment into the public cloud securely without modification of workloads or network configurations. I’d like to discuss a specific example of how CloudSwitch delivered a solution which spanned environments in a corporate data center and external cloud.

A large financial services company approached us some time ago with an ambitious plan to leverage cloud computing as a strategic initiative within the organization.  Their goals were to reduce operating costs, improve responsiveness to the various business units, and differentiate themselves within the industry through technological innovation.  Security was a fundamental requirement and a number of risk assessment groups were involved throughout the design and evaluation phases of the engagement.  Finally, this company also wanted to leverage a traditional colo environment from their cloud vendor to provide high-speed access to shared storage while also supporting their traffic monitoring equipment.  After a period of technical diligence, we established a reference architecture which satisfied all internal security requirements while remaining true to the fundamental goal of moving to a dynamic cloud environment. The result was a true realization of the hybrid model.

In the customer’s reference architecture, there are three primary components:

  1. Internal data center environment hosting the CloudSwitch Appliance (CSA)
  2. Private colo environment hosting the CloudSwitch Instance (CSI) and CloudSwitch Datapath (CSD) as well as shared storage for cloud instances
  3. Public cloud environment hosting customer workloads

The CloudSwitch Appliance is deployed into the customer’s data center environment to allow central management of one or more colo environments.  Each of these environments supports an isolated cloud deployment, for example for a particular business unit. CloudSwitch’s virtual switch and bridge components are implemented for high-speed connectivity between cloud servers and shared storage.  Finally, the public cloud environment is used to host actual customer workloads (operating systems).  Network communication and local storage are protected through CloudSwitch’s secure overlay network and transparent disk encryption functionality.

This approach yields several benefits:

  • Multiple instances of this dedicated environment can be independently deployed to support different business units
  • High-speed access to the enterprise cloud environment is available since the colo environment is physically located in the same facility
  • Physical infrastructure can be deployed into the colo environment in support of cloud servers—for example, shared storage devices
  • Dedicated firewalls can be deployed and traffic inspection is possible, satisfying the security groups’ requirements

The reference architecture supports the organization’s high-level goals while remaining compliant with all existing security and regulatory requirements.  Cloud servers have high-speed access to shared storage as a result of the colo deployment alongside the public cloud environment.  All network traffic and storage is encrypted automatically through CloudSwitch’s security capabilities, and through CloudSwitch’s role-based access controls (RBAC) the security team has centralized control over who is able to access each cloud environment.  The end result is a deployment model which truly implements a hybrid environment combining resources from the public cloud with traditional colo resources to deliver a secure, scalable platform for dynamic computing.


SharePoint in the Cloud

By Pavan Pant, Director of Product Management

As customers continue their march to the cloud we have heard from a large number who want to use SharePoint Server in the cloud. Two major concerns that show up frequently are migration of existing custom deployments and data security.

These organizations have spent years customizing their SharePoint deployments so they work just right in their environment, and moving to the cloud is a daunting proposition. Consider a scenario where a customer has deployed SharePoint and each department has its own intranet and individual sites for employees – the proliferation of these sites across organizations and the customization required has created a situation where customers typically stay away from using the cloud for their existing SharePoint deployments and start from scratch in the cloud.

We’ve also heard from customers who already have SharePoint deployed in their data centers with sensitive content (e.g., PII information) and would love to take advantage of the elasticity the cloud has to offer but have security concerns about using the cloud. In a shared multi-tenant environment customer data needs to be protected from unauthorized access at all times, and must be off limits to cloud providers. This essentially means that customers need full disk and network encryption to protect their data while it is at rest and in motion.

CloudSwitch allows you to take your existing SharePoint deployments and run them in the cloud without requiring any changes to your application or networking. In addition, all your data remains secure – we provide full network and disk encryption (including encryption of the boot partition) in the cloud to ensure that your content remains secure while in transit to the cloud and in the cloud itself. Most importantly, the disk encryption keys remain in your control as opposed to being stored and managed with the cloud provider.

One of our customers is a large health insurance company that has sensitive patient data and other information in their SharePoint content management system. Their primary goal was to offload their ongoing management of the SharePoint servers in their data center and use Amazon’s public cloud. This would allow them not only to lower their costs but also to take advantage of the elasticity offered by the public cloud. The configuration in their data center is a two-tier SharePoint deployment – one server runs SQL while the other runs both the SharePoint Content Server and the Front-End IIS server.   

 

 

[Figure: SharePoint in the Cloud]

 

With CloudSwitch’s software in place in their internal VMware environment, this customer was able to migrate their existing SharePoint deployment to the cloud securely, simply and without any changes whatsoever (IP address, MAC address, network configurations, etc.). Their end users can access and use the SharePoint sites for content management exactly as they did in the data center.  SharePoint administrators are able to add servers to the farm, cluster the SQL server and burst in the cloud as needed just as they would in the data center but with all their security needs being met.  Also, with the “infinite” scalability of the cloud, they no longer need to worry about the time it takes to buy and install new storage. They can allocate new resources to their cloud SharePoint deployment in minutes.

In addition to all this, the customer can also continue using their Active Directory installation in the data center to control authentication and authorization to the SharePoint portal – again, all of this without installing any agents or software on servers in the customer’s data center or any agents for the customer’s servers in the cloud.

Leveraging the Cloud

I recently attended a cloud computing panel where one of the panelists was lamenting how SharePoint was never architected with the cloud in mind because cloud providers like Amazon impose networking and storage constraints (e.g., dynamic IP address and ephemeral storage) that SharePoint does not handle well.  Some of the main reasons to deploy SharePoint in a multi-tenant environment are to consolidate resources and take advantage of the scale the cloud offers – by having multiple users in a single deployment that can take advantage of storage as you grow.  Many enterprises have been shying away from using SharePoint in the cloud because of concerns around security, storage management and networking implications. That applies only if you think about the cloud as an opaque system where only the cloud provider can control networking, security and configuration. With CloudSwitch, all of the control is shifted back to the enterprise and the users can run their existing processes and applications. We do all the heavy lifting for you so you can move your SharePoint deployments to the cloud and get started today! 


Why Cloud Federation Requires Layer-2 Connectivity

By John Considine

Hybrid clouds are achieving almost universal buy-in as the way enterprises use the cloud. As we’ve described previously, the hybrid model federates internal and external resources so customers can choose the most appropriate match for workload requirements. The approach is already transforming enterprise computing, enabling a new generation of dynamic applications and deployments, such as:

  • Using multiple clouds for different applications to match business needs
  • Allocating components of an application to different environments (e.g., compute vs database tiers), whether internal or external (“application stretching”)
  • Moving an application to meet requirements at specific stages in its lifecycle, from early development through UAT, scale testing, pre-production and ultimately full production scenarios
  • Moving workloads closer to end users across geographic locations, including user groups within the enterprise, partners and external customers
  • Meeting peak demands efficiently in the cloud while the low steady-state is handled internally

While everybody’s talking about the hybrid cloud, making it work is another story. Enterprise deployment can require extensive reconfiguring to adapt a customer’s internal environment to a given cloud. The result, when it’s finally running, is a hybrid deployment limited to the customer’s internal infrastructure and one particular cloud, for one particular application.  

Most cloud architectures are built with layer-3 (routing) topologies, where each cloud is a separate network with its own addressing scheme and set of attributes. This means that all address settings for applications deployed to the cloud have to be changed to those assigned by the cloud provider. It also means that applications and services running internally that need to interact with the cloud have to be updated to match the cloud provider’s requirements. The result is lots of re-configuring and re-architecting so the organization’s core network can communicate with the new external resources – exactly the opposite of the agile environment that cloud computing promises to deliver.

In our discussions with enterprise customers and technology leaders, we’re now seeing a broad recognition that cloud federation requires layer-2 (bridging) connectivity. We’ve always believed that layer-2 is the right way to enable cloud federation. This week’s announcement of Cloud Bridge by Citrix is a confirmation that tight network integration is critical for successful cloud deployments.  Although it’s great to see others now starting down the path of better cloud networking, it is critical that enterprises realize that this level of network integration also requires heightened security for cloud deployments – remember that you are now blending the cloud networks with your internal networks.  This is why CloudSwitch has developed a comprehensive solution that not only provides full network control independent of what networking gear the cloud provider has chosen, but also secures and isolates customers’ data and communications completely through our Cloud Isolation Technology™.

In contrast to layer-3, layer-2 networking is location-independent, allowing the network in the cloud to become a direct extension of the network in the data center. It does this by preserving IP and MAC addresses so that all servers have the same addresses and routing protocols, wherever they physically run. Users can select where they want to run their applications, locally or in the cloud, without the need to reconfigure their settings for different environments.

Don’t Change Anything

CloudSwitch is unique in providing layer-2 connectivity between the data center and the cloud, with innovation that resolves previous addressing and security challenges. Our Cloud Isolation Technology automatically creates a layer-2 overlay network that encrypts and encapsulates the network traffic in the cloud as a seamless extension of the internal environment. The customer has full control over the cloud network and server addressing, even in clouds that don’t natively support this capability. No configuration changes are required. You don’t have to update router or firewall settings for every subnet or cloud deployment. You don’t have to change address settings, or keep up with changes in the cloud providers’ networks – everything “just works.”

While layer-2 connectivity is essential for full integration of the hybrid model, some companies and applications will still want to use layer-3 routing for their cloud deployments.  Some practical applications for layer-3 connectivity include:  

  • Cloud-only networks – providing access to the tiers of an application running in a cloud-only network
  • Remote access to cloud resources – VPN services for remote developers or users, branch office integration with the cloud resources where different network settings are required
  • Protected networks – for cases where the enterprise wants to centrally control who can access a specific network (utilizing their core switches and routers)

Keep in mind though, that most of these layer-3 deployments have use for layer-2 connectivity in the background as well.  For the cloud-only networks, other network tiers in the same deployment can benefit from a layer-2 connection back to the primary data center for application and database tiers.  For remote access deployments, management, operation, and maintenance for the cloud resources is greatly simplified by having a layer-2 connection to the data center in addition to the layer-3 access for remote users.

The CloudSwitch recommendation, and the way we’ve architected our product, is to offer layer-2, with support for layer-3 as an option. Our customers can choose to interact with their servers in the cloud using an automated layer-2 connection, or use layer-3 to create specific rules and routing to match their application and even infrastructure design.  We believe that enterprises should have the freedom to create arbitrary networks and blend layer-2 and layer-3 deployments as they need, independent of the networking gear and topologies selected both by the cloud and their own IT departments.

Making Federation Work

For hybrid computing to succeed, the cloud needs to appear like a resource on the customer network, and an application running in the cloud needs to behave as if it’s running in the data center. The ability to federate these disparate environments by mapping the data center configuration to the cloud can only happen at layer-2 in the networking stack. With innovations that make the cloud a seamless, secure extension of the internal environment, CloudSwitch helps customers turn the hype around hybrid cloud into reality.


F500 Corporate IT, Cloud Innovators?

By Ellen Rubin

The way you know you’re in the midst of a technology shift and market disruption is when organizations don’t behave the way you expect them to based on past track records. Cloud computing has been filled with surprises and unexpected behavior from the get-go. First, Amazon, a retailer, turns out to be a technology powerhouse in disguise and changes the rules of IT infrastructure. Then, “real” technology leaders like IBM, Dell, EMC, HP and others make lots of announcements about cloud but essentially do little and re-brand existing offerings as “cloud-enabled.” Next, Verizon, the phone company, buys Terremark in a bid to become a global cloud leader. And of course, there’s always the fact that the federal government has embraced cloud widely and is spending large amounts of money to build private clouds and leverage public ones.

So, in a world that sometimes seems upside-down, how surprising is it really that the F500, and in particular, the corporate IT groups within these huge organizations, have often turned out to be the early adopters and drivers of cloud in all flavors – private, public and hybrid? When we started CloudSwitch, our hypothesis (based on all sorts of track records and past behaviors) was that within the enterprise market, mid-tier companies (defined loosely as several hundred million to a few billion dollars in revenues) would try cloud first. This was because we were betting that these organizations had enough pain from internal data center management (cost, over-provisioning, not their core business, lack of responsiveness to business users, etc.) that cloud computing’s benefits would overcome their initial concerns. And in fact, this is true of many mid-tier enterprises, who have indeed taken the leap into cloud over the past couple of years, along with the developer and start-up communities.

But the companies who seem to be driving enterprise adoption of cloud and defining many of the requirements for vendors in our experience are at the multi-billion-dollar revenue mark, and often within the F500. Our initial hypothesis here was that these companies would be too large and resistant to change to be early adopters, unlike the smaller, more nimble mid-tier players. But it turns out that these companies have such enormous capital expenditures in data centers and infrastructure investments that they’re determined to adopt cloud to move them to a lower cost curve (“get off the data center treadmill”) and help them break through the internal limitations on self-service provisioning and scaling that have frustrated their business users for years.

Even more unexpectedly, many of the people who are leading the way within these companies are managers and architects within the corporate IT group. It’s interesting to note that in previous technology shifts – SaaS and virtualization come to mind – the revolution was staged from within business units or at the developer level, and corporate IT came on board once these technologies were de facto standards. It’s possible that with these experiences in mind, corporate IT (and the CIO in particular) has decided to take the lead this time around, and not wait to find out what’s been going on without enterprise security, control or standards.

Last year, corporate IT was struggling to absorb the avalanche of information about cloud and to separate the hype from meaningful architectures and use cases. With some encouragement from the large technology vendors, corporate IT shops retreated into private clouds as the safe way to go. This year, with hybrid clouds all the rage, it feels like enterprises and IT managers are coming into their own. They’ve been speaking with more confidence based on their pilots and initial deployments, and have come to see cloud as something that can be shaped and driven by real enterprise requirements – not just a new set of processes/resources that need to be run as a separate and un-integrated silo.

In this hybrid model, F500 enterprises are working with vendor partners to build private clouds, and identify application categories that can run completely in public clouds, and those that need to span internal and external environments. They’re asking for management, orchestration and federation technologies that let them be vendor-agnostic and “position independent” (so apps can run in a given environment at a particular point in time, regardless of underlying infrastructures). This process is clearly a multi-year learning experience with the usual fits-and-starts as companies bump into the inevitable limitations of new technology and meet resistance from internal stakeholders. But the trend is clear. And although relatively few of these large enterprises are willing to go on record yet with their case studies, we can see first-hand the in-roads cloud is making among some of the largest pharmas, banks and manufacturing companies in the world, and it’s exciting to be part of the paradigm shift.  


How to Build an HPC Cluster in the Cloud

By Damon Miller

Organizations in industries such as pharmaceutical research and financial services as well as many federal agencies depend on high performance computing (HPC) for research and analytics. From protein sequencing to market simulation, these compute-intensive tasks demand processing power far beyond the capabilities of a single server. Organizations have traditionally built large clusters and grids in their data centers to distribute these massive workloads across multiple machines. Resource requirements are usually short-term (a few hours, days, or weeks), which means that internal equipment is largely underutilized but still needs to be available for critical projects. Rather than continue to build out their infrastructure at enormous cost, many enterprises are now considering the cloud as a more flexible and efficient alternative.

Based on our work with some big players in pharma and banking, building a secure HPC cluster or grid in the cloud can be straightforward and take much less time than you might imagine. Here are the basic steps to get it done:

Step 1:  Deploy or migrate a management server in the cloud

A distributed computing management (DCM) server (also called a front end server or queuing server) is required for coordinating execution of jobs across a large number of compute servers. Products such as Oracle Grid Engine or Condor are commonly used to provide this capability. There are also tools such as Rocks Clusters which include the DCM software as part of an OS provisioning system. Regardless of the specific solution used, CloudSwitch enables an administrator to migrate an existing deployment or establish a new deployment in the cloud within a few minutes. Once the chosen software framework is in place, compute capacity to carry out the workload can be provisioned.

Step 2:  Create compute servers quickly in the cloud 

The CloudSwitch API makes it easy to quickly stamp out dozens or hundreds of virtual servers in the cloud that will form the cluster or grid. You can configure the virtual machine parameters that match your internal environment with a few clicks, or upload a gold image to make provisioning even easier. CloudSwitch automatically creates the appropriate cloud resources with the chosen configuration rather than relying on a cloud provider’s options. (A previous post describes the CloudSwitch point-and-click approach in more detail.) The CloudSwitch isolation layer extends the internal environment into the cloud so that when the servers are started, they appear to be running inside the data center, using the same management tools and processes.

Step 3:  Install the operating system

Now that we’ve created the cloud infrastructure, we continue building up the stack, starting by installing the operating system on the virtual machines we created. There are a number of products that do this quickly with minimal human effort. If using Rocks, the compute servers automatically boot from the network using the “PXE” standard, and operating systems are pushed onto them. CloudSwitch also supports other solutions, including ISO-based or image-based provisioning in addition to network boot.

Step 4:  Install the DCM software and build the cluster

Since the DCM software provides the overlay framework enabling HPC jobs to run in parallel, it must be installed onto each compute node. In some cases this step can be done automatically by the provisioning solution (as in the case of Rocks), or the software may be installed manually after OS provisioning completes. Regardless of the installation method, once the DCM software is installed onto the newly-provisioned compute nodes, they are available to the management server as workload targets.

The above process will vary slightly depending on which tool(s) you use, but the end result will be the same: a fully-functioning cluster in the cloud, with the same look and feel as if it was running within the data center. These steps could be repeated as often as needed to provision multiple clusters in the cloud, with each cluster running within its own private network to securely support separate users and groups.

And you’re ready to go!

Researchers and analysts can submit HPC jobs through the public network to the front end server, where the DCM software manages the queue, allocates compute resources, monitors progress, and informs users when jobs are finished. The user interface will look as if the cluster were running internally, so scientists or analysts can submit jobs using the commands and processes they are familiar with.

All of this can be done in minimal time. For example, for one pharma customer, I created a Rocks front end server in the cloud using a traditional ISO installation mechanism. Once the front end was in place, I used the CloudSwitch API to clone a server template in parallel and in approximately three minutes I had created over 300 servers in the cloud. I then used Rocks to provision operating systems and Oracle’s Grid Engine onto the servers when they were started. After 45-60 minutes, all servers were running in the cloud with the cluster framework in place and ready to accept HPC jobs.

Another important consideration is data security, for example to protect intellectual property used by our customers while conducting their research. The CloudSwitch isolation layer addresses security concerns by providing a single integrated environment that allows workloads to run in the cloud with the same protection and control available internally. Once data leaves the physical data center it is isolated at all times as an extension of the enterprise’s security perimeter. Enterprises not only know that their data is secure, they are able to prove it to their own customers, regulators, and other stakeholders. (More information about how we do this can be found in the CloudSwitch white paper “Making Cloud Computing Secure for the Enterprise.”)

As the demand for computing power continues to grow, CloudSwitch makes it easy to build a grid of any size in the cloud — quickly, cost-effectively, and securely. Researchers and analysts can run even the most compute-intensive HPC workloads in the cloud, with the same tools and processes used inside the data center. As our customers are discovering, this ability to access almost unlimited computing resources on demand, paying only for what you use, can be a huge competitive advantage.


Don't Touch Your Routers! Extend Your Internal Network Topologies into the Cloud

By Pavan Pant

One of the questions foremost in the minds of our customers is related to how their internal network topology will translate to the cloud. Every enterprise has a unique network infrastructure which includes specific addressing (subnets), services like DHCP/DNS, identity and directory services like LDAP, firewall rules and routing rules – all reflecting your specific requirements. Public and private clouds also have unique networking infrastructures that are distinctly different from your enterprise networking architecture, design, and addressing. All this means that applications in your data center will need to be modified before moving to the cloud, which incurs additional costs.

CloudSwitch’s isolation technology eliminates the need to re-architect your applications or change your networking infrastructure by allowing you to securely move or provision applications with the cloud provider of your choice.  We also provide a secure, layer-2 connection or a network bridge to the data center which means that you don’t need to change any network configuration data and can maintain the same IP address, MAC address, subnet information, etc.  Once you have moved applications to the cloud you can operate and manage them just as you would in your data center, and network connectivity will work exactly as it always did in your data center. Most importantly, we provide full network encryption which ensures that malicious users cannot snoop/eavesdrop on traffic being sent between your applications in the cloud, or traffic being sent back to your data center.  All of this is delivered automatically as part of the CloudSwitch solution – no special software or configuration is required either in your application or by the cloud provider.
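The layer-2 overlay described here and in the federation post above (the whole Ethernet frame encrypted and carried across the cloud so inner MAC and IP addresses arrive unchanged), as an added example that is not CloudSwitch's protocol or code. The `OverlayLink` class, the packet layout, the key and the addresses are assumptions, and HMAC-SHA256 in counter mode with an HMAC tag stands in for a production AEAD cipher so the block runs on the Python standard library alone.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct("!IQ")  # overlay network id, sender sequence number
TAG_LEN = 32                   # HMAC-SHA256 tag length in bytes

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def ip(text):
    return bytes(int(part) for part in text.split("."))

def ipv4_checksum(header):
    """One's-complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_frame(dst_mac, src_mac, src_ip, dst_ip, payload):
    """Ethernet II frame carrying IPv4 (protocol 253, reserved for experiments)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                      0, 0, 64, 253, 0, src_ip, dst_ip)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + hdr + payload

def addresses(frame):
    """(dst MAC, src MAC, src IP, dst IP) of an Ethernet II / IPv4 frame."""
    return frame[0:6], frame[6:12], frame[26:30], frame[30:34]

def _keystream(key, header, length):
    # HMAC-SHA256 as a PRF in counter mode; the header is unique per packet,
    # so a keystream is never reused under one key.
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, header + struct.pack("!I", block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])

def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

class OverlayLink:
    """One direction of a layer-2 overlay tunnel (hypothetical design)."""

    def __init__(self, secret, network_id, direction):
        self.network_id = network_id
        # Separate keys per purpose and per direction of travel.
        self.enc_key = hmac.new(secret, b"enc|" + direction, hashlib.sha256).digest()
        self.mac_key = hmac.new(secret, b"mac|" + direction, hashlib.sha256).digest()
        self.tx_seq = 0
        self.rx_highest = 0

    def encapsulate(self, frame):
        """Encrypt the whole frame, inner MAC and IP headers included."""
        self.tx_seq += 1
        header = HEADER.pack(self.network_id, self.tx_seq)
        ciphertext = _xor(frame, _keystream(self.enc_key, header, len(frame)))
        tag = hmac.new(self.mac_key, header + ciphertext, hashlib.sha256).digest()
        return header + ciphertext + tag

    def decapsulate(self, packet):
        """Authenticate first, then check network id and sequence, then decrypt."""
        if len(packet) < HEADER.size + TAG_LEN:
            raise ValueError("truncated packet")
        header = packet[:HEADER.size]
        ciphertext = packet[HEADER.size:-TAG_LEN]
        tag = packet[-TAG_LEN:]
        expected = hmac.new(self.mac_key, header + ciphertext, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("authentication failed")
        network_id, seq = HEADER.unpack(header)
        if network_id != self.network_id:
            raise ValueError("wrong overlay network")
        # Strictly increasing here; a real tunnel would use a sliding window
        # to tolerate reordering.
        if seq <= self.rx_highest:
            raise ValueError("replayed or stale packet")
        self.rx_highest = seq
        return _xor(ciphertext, _keystream(self.enc_key, header, len(ciphertext)))

def rejection_reason(link, packet):
    """Why `link` refuses `packet`, or None if it is accepted."""
    try:
        link.decapsulate(packet)
    except ValueError as exc:
        return str(exc)
    return None

def demo():
    """Constructed key and addresses; returns the addresses seen after the tunnel."""
    secret = bytes(range(32))
    sender = OverlayLink(secret, 7, b"dc->cloud")
    receiver = OverlayLink(secret, 7, b"dc->cloud")
    frame = build_frame(mac("02:00:00:00:00:02"), mac("02:00:00:00:00:01"),
                        ip("10.1.20.15"), ip("10.1.20.40"), b"app-tier query")
    return addresses(receiver.decapsulate(sender.encapsulate(frame)))
```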

A common request from our customers is to configure their subnets in the cloud based on their specific requirements while still communicating back to the data center in a secure fashion.  Here’s an example of a DMZ and an application tier migrated to the cloud from a data center environment using CloudSwitch, where customers have the flexibility to selectively decide which of these tiers can communicate back to the data center: 

[Figure: Extending internal network topologies into the cloud with CloudSwitch]

In this scenario, CloudSwitch has replicated an enterprise’s internal network topology in the cloud. The application tier has been moved to the cloud without any modifications and can communicate back to the data center to authenticate against the Active Directory domain controller.  You can also have subnets span across multiple zones, regions and clouds which is the type of flexibility other solutions do not offer.  There are absolutely no limitations enforced on building your network topology in the cloud – servers can have multiple NICs associated with different subnets even when the native cloud provider does not support such capabilities. It’s important to note that none of this requires making any changes to your edge devices – no modifications to your router configuration or routing switches, which is not always the case with other technologies. 

These are the types of sophisticated networking capabilities that enterprises are looking for to extend their internal network topologies to the cloud and build out their hybrid cloud models. We have seen a growing number of customers express an interest in these capabilities as they get serious about moving production workloads to the cloud. However, most cloud providers have yet to figure out how to meet these networking requirements without requiring investments of time and money to modify applications and networking gear.  At CloudSwitch we firmly believe that migrating to the cloud should not require any modifications to your applications (or the need to run them through VM conversion tools), nor should it require any work on your part to change your networking configuration or your edge devices. We’ve built a solution that eliminates the need for any of that work while adhering to strict security standards so your data and network traffic stays safe even when deployed in a multi-tenant environment.


Envisioning a World without Enterprise Data Centers

By Ellen Rubin

In discussions with our customers, we’ve seen an interesting trend emerge in recent months. A surprising number of customers are telling us that their goal is to never build another data center again, or even to do away with their data centers completely. They see the cloud as central to this goal. We’re seeing this trend from customers of many different sizes, from mid-size to large and very large companies. This new mindset seems to reflect a major shift in direction as enterprises rethink their IT strategies.

One interesting aspect of this trend is that customers are taking the lead in recognizing the possibilities of the cloud. As their confidence grows, they’re taking another look at their current infrastructure and adopting a new mindset around what enterprise computing should look like. While the traditional brick and mortar data center has been a staple of enterprise IT for decades, nobody really wants to have an expensive data center, and enterprises realize that now they’re in a position to do something about it. They want to get off the “data center treadmill” because they know where it leads: to ever-increasing operating costs, ever-larger capital investments, more and more manpower, and a huge distraction from their main mission. With the emergence of the cloud as a viable alternative, enterprises are taking a close look at the way they’ve been doing things and incorporating cloud into their overall infrastructure plans.

We’re actually seeing two flavors of this trend. Some companies in the mid-tier space are now trying to determine if they can get down to a very small data center footprint or none at all. They’ve already consolidated as much as they can, perhaps from several data centers down to one. They’ve virtualized much of their environment and squeezed as much efficiency as possible out of it, and now they’ve turned to the cloud to offload the next level of application infrastructure. As they shift operations to the cloud, they’ve decided to stop building out their data centers or taking more space at their colos. The argument (at least in the mid-tier space) is: “Data center management is not our core business, so why are we investing so much time, effort, and expense in it, instead of leveraging resources that are managed by the experts?”

We’re also engaged with much larger F1000 companies with more extensive operations. They may have had dozens of data centers at one point, and have been trying to scale down to less than ten. They’ve aggressively consolidated and virtualized, but know they’re not likely to be able to live without a data center in the foreseeable future since their operations are just too vast and fast-growing (especially when they engage in M&A activity). These companies also have “big iron” in their data centers (like mainframes, dedicated cluster hardware, and high performance SANs) that can’t be directly moved or hosted in the clouds. In addition, some critical data and computing will have to remain under tight control for compliance and business reasons. Thus there are factors at play that will slow down their ability to close their data centers — but they aspire to, and this long-term vision is starting to inform their strategic planning. The way they think about where to run their applications is changing, and they’re just as eager as mid-sized companies to get off the capital expenditure treadmill.

What will this new world look like? Enterprise computing is already in the midst of dramatic change, where the old brick and mortar data center is being replaced by pools of virtual resources that can be located anywhere as long as they perform and behave in the way that meets business requirements. Physical control of resources is being replaced by virtual control, by an administrator managing the virtual data centers across multiple clouds from their desktop or laptop. 

How will it come about? Much of the cloud discussion over the past year has been dominated by hybrid clouds, where workloads can be allocated across internal and external resources. Using this approach, enterprises can take advantage of resources on demand for scaling and peak workloads rather than over-provisioning the internal environment. They can also use clouds in multiple regions so that processing and data can be placed near consumers, eliminating the latency of a distant internal server. And they can offload back-office, non-mission-critical apps from their internal environments given that many of these could really be run anywhere. Enterprises will use this hybrid model to make the transition to the virtual data center, choosing which workloads have to run on their internal infrastructure and which can run externally. Over time, the internal environment will shrink as companies run more and more workloads in the cloud.

The possibilities start to get very interesting. Rather than the current approach to cloud computing, where enterprises try to graft cloud capabilities on top of a legacy infrastructure, the cloud becomes a virtual private data center. A control point is still needed to manage those pools of resources across the different cloud environments, but this could be something extremely lightweight and portable such as an administrator’s laptop.

This is the next, upcoming chapter in the hybrid story — and once again, CloudSwitch is playing a leading role. As innovators in the hybrid space, we make it easy to provision, migrate, scale, and manage workloads in public clouds, while providing the security, control, and adherence to standards that an enterprise depends on. Using our technology, enterprises can orchestrate workloads across the cloud landscape (internal and external), as they start to phase out their current environments and get off the “data center treadmill.”


Provisioning in the Cloud with Point-and-Click Simplicity Using Your Existing Data Center Tools

By Pavan Pant

Releasing CloudSwitch 2.0 was a great way to close out 2010 and build momentum for 2011. As part of that announcement we discussed some great new capabilities and improvements in Enterprise 2.0 that were driven by our customers’ use cases as they move to the cloud. It was no surprise to us that amongst all the great features in 2.0, the most popular by far has been our ability to provision virtual machines in the cloud.  We have heard about many cases where customers have expressed an interest in provisioning applications in the cloud just as they would in the data center using their gold images as opposed to being constrained by a cloud provider’s options, which did not always meet their specific needs.

The clear message we heard was that customers wanted to be in control of the virtual machines that were provisioned in the cloud while making sure their servers were secure and connected back to the data center to communicate with their DHCP infrastructure, DNS, identity management, etc.  They wanted the ability to create a virtual machine from scratch and provision their application stack on it by using their gold ISOs, or by booting from a PXE server. There were also a handful of customers who were interested in saving bandwidth when migrating to the cloud by creating servers directly in the cloud.

With CloudSwitch Enterprise 2.0, customers can now provision virtual machines in the cloud following the same process that they would in the data center, using tools they are familiar with. Our user interface allows customers to provision their application stack in the cloud with point-and-click simplicity by configuring virtual machine parameters such as the operating system, memory, number of disks, storage controllers, network settings and boot options.

We have designed an intuitive, wizard-based process to provision virtual machines in the cloud. You could start off by booting a provisioned server using an ISO from CloudSwitch’s library, which includes popular Linux and Windows distributions, or upload your gold image and boot from that. Other options include booting from a network source such as a PXE server, and referencing an ISO image from an HTTP server such as a mirror server.

Figure 1: Specify Boot Source


Much like the process of provisioning virtual machines in your data center, you can set your SCSI controller types for the guest operating system, and even specify the boot order for your virtual machines in the cloud. As an example, if you wanted to provision from a PXE server, CloudSwitch allows you to set the boot order as CDROM followed by Hard Disk and Network, so that once you have booted from the PXE server, the next time the server restarts it will simply boot from the hard disk.

Figure 2: Specify Boot Order


You can provision as many virtual machines as required, add as many NICs as necessary, generate new MAC addresses for them, and map those NICs to networks. The final step in the provisioning wizard uses our CloudFit™ function that allows customers to select any combination of a cloud provider’s instance sizes to customize the cores, memory, storage, compute capacity and region before you provision in the cloud. CloudSwitch also provides console access to the keyboard and display of your server in the cloud so you can administer systems just as you would in your data center.

Figure 3: Networking Configuration

All these features give you the freedom to create new virtual machines in the cloud without having to change other data center services such as DHCP, DNS, networking configurations, identity management, etc. Once you have provisioned your application stack in the cloud using CloudSwitch you can also move these workloads to the different regions and zones your cloud provider offers, across cloud providers or back to your data center without making any changes to the application or to your existing data center tools.    

It’s as simple as a few clicks in our user interface to configure your server parameters, provision as many servers as you need, use them as long as you want and then shut them down. That’s the flexibility the cloud offers, and CloudSwitch is committed to helping customers handle hybrid cloud scenarios seamlessly and securely without requiring any changes to their applications or underlying infrastructure while using their existing data center tools. Provisioning in the cloud is yet another step towards that goal so go ahead and get our enterprise trial version today to get started. We’re continuously enhancing our software to ensure everything “just works” transparently for enterprises in the cloud.


CloudSwitch Enables True Cloud Federation

By Pavan Pant

As with any transformative technology that is new to the market, both public and private clouds have generated massive amounts of hype, bold predictions, a whole lot of confusion and raging debates amongst the cloud cognoscenti. Opinions vary across the spectrum with some experts claiming that data centers will be rendered obsolete by the public cloud, while others are dismissive of the public cloud but support private clouds. It’s clear to us at CloudSwitch that a more likely scenario lies squarely in the middle of those two extremes. This week at VMworld (where we were exhibiting with our partner, Terremark), we were pleased to hear that VMware believes that “hybrid cloud is the tide coming in.” From Paul Maritz’s keynote through many sessions and product announcements (including the release of the long-awaited vCloud Director), the message was all about hybrid clouds.

One of our previous blog posts discussed the notion of hybrid clouds and the fact that most enterprises will follow such an approach in the future. Amazon, Terremark, Rackspace, Savvis, Blue Lock and other public cloud providers give customers elasticity, better service delivery and low CapEx costs. Meanwhile, there are solutions such as Eucalyptus and VMware’s vCloud Director that provide the interface and management tools to help organizations build private clouds while interfacing with public clouds to create hybrid cloud models.

Both use different APIs for their hybrid models with Eucalyptus delivering tight integrations for EC2 using Amazon’s APIs and VMware vCloud Director working with vCloud DataCenter Services (VMware’s terminology for public cloud providers) such as Terremark that leverage vCloud APIs. However, these technologies do not assist with creating an environment that spans hypervisors and cloud providers without changing the applications. If customers build private clouds that are not using the same virtualization infrastructure as their preferred public clouds then what does it really mean to hybridize their clouds?

Consider a scenario where a customer builds a private cloud using Eucalyptus or VMware vCloud Director. That private cloud still ends up being different from your data center (much like a public cloud): the networking may be different, versions of virtualization technology may be different and the storage infrastructure may be different. All this means that applications in the data center will need to be changed before moving to the private cloud. As an example, if your QA team runs servers on their own subnet in the data center, how can this be transitioned to a private or public cloud without incurring additional costs to change those servers?

CloudSwitch’s core value proposition lies in the ability to securely transport a customer’s existing virtual infrastructure to the cloud provider of their choice, independent of the provider’s underlying virtualization infrastructure (VMware, Xen, etc.). This effectively allows customers to securely move and operate servers from their data center across hypervisors to private cloud providers without requiring them to make any modifications to their application – we maintain the same IP address, MAC address, storage controllers, subnet information, etc.   Once customers have moved their servers to the cloud they can operate and manage them just as they would in their data center. CloudSwitch has an intuitive web based interface which gives customers server lifecycle management options such as start, stop and clone.

Similarly, if customers have a private cloud which uses either Eucalyptus or VMware vCloud Director, CloudSwitch can speak to those APIs and facilitate the transfer and management from these private clouds to public clouds. This enables a hybrid model where private clouds leverage public clouds for spikes in usage (cloudburst), or lab-on-demand use cases for training and POCs. CloudSwitch does all the work of integrating the environments across these private and public cloud hypervisors, merging networks and transferring servers without modifying them in any way.

Many years ago, I had the privilege to work on the first iterations of RSA’s identity federation product both as an engineer and as a product manager.  Federated single sign on enabled the portability of identities across security domains and allowed for the secure exchange of sensitive data outside the firewall without requiring any changes to the identity itself. 

While the markets for Identity Management and cloud computing are unambiguously different, the notion of federation to make portability and interoperability easier for enterprises is a common theme. CloudSwitch is in a unique position to help enterprises with true cloud federation by moving workloads seamlessly from the data center to the cloud (private or public), between private and public clouds (hybrid), across public clouds and back to the data center without requiring customers to make any changes to their applications. Regardless of the starting point, CloudSwitch offers customers an easy, effective method to leverage the benefits of the cloud while ensuring portability across clouds.


The New Normal in Enterprise Infrastructure

By Ellen Rubin

As we work with dozens of companies that are actively running pilots and doing early deployments in the cloud, it made me think about what the “new normal” will look like in enterprise IT infrastructure. A recent report from the Yankee Group shows that adoption of cloud is accelerating, with 24% of large enterprises already using IaaS, and another 37% expected to adopt IaaS within the next 24 months. It’s clearly a time of major shifts in the IT world, and while we wait for the hype to subside and the smoke to clear, some early outlines of the new paradigm are emerging. Here’s what it looks like to us at CloudSwitch:

  1. Hybrid is the dominant architecture: on-prem environments (be they traditional data centers or the emerging private clouds) will need to be federated with public clouds for capacity on-demand. This is particularly true for spiky apps and use cases that are driven by short-term peaks such as marketing campaigns, load/scale testing and new product launches. The tie-back to the data center from external pools of resources is a critical component, as is maintaining enterprise-class security and control over all environments. Multiple cloud providers, APIs and hypervisors will co-exist and must be factored into the federation strategy.
  2. Applications are “tiered” into categories of workloads: just as storage has been tiered based on how frequently it’s accessed and how important it is to mission-critical operations, application workloads will be categorized based on their infrastructure requirements. In the end, app developers and users don’t really want to care about where and how the application is hosted and managed; they just want IT to ensure a specific QoS and meet specific business requirements around geography, compliance, etc. The cloud offers a new opportunity to access a much broader range of resources that can be “fit” against the needs of the business. In some cases, the current IT infrastructure is over-provisioning and over-delivering production gear for lower-importance/usage apps; in other cases it’s woefully under-delivering.
  3. IT becomes a service-enabler, not just a passive provider of infrastructure resources: IT is now in a position to provide self-service capabilities across a large set of resources, internally and externally, to developers, field and support teams. This requires a new set of skills, as we’ve blogged about before, but the cloud gives IT the opportunity to meet business needs in a much more agile and scalable way, while still maintaining control over who gets to use which resources and how.
  4. The channel shifts from resellers to service providers: as noted by Andrew Hickey at ChannelWeb, the opportunities for resellers will need to shift as companies reduce their large hardware and software buys in favor of the cloud. The new focus will be on providing services and consulting with an opex model and monthly payments, and expertise in change management and predictive use models will become core competencies. We’ve already started to see this shift at CloudSwitch with a new crop of cloud-focused consulting/SI boutiques springing up in the market to help CIOs plan their cloud deployments.

For many enterprises, these shifts are still being discussed at a high level as CIOs formulate their cloud strategies. Other organizations are diving right in and selecting a set of applications to showcase the benefits of cloud to internal stakeholders. We’ve been fortunate at CloudSwitch to work with some of the earliest cloud adopters and with our cloud provider partners to help define some of the “new normal.”
