The Virtualization Practice

Cloud Computing

Cloud Computing focuses upon how to construct, secure, manage, monitor and use public IaaS, PaaS, and SaaS clouds. Major areas of focus include barriers to cloud adoption, progress on the part of cloud vendors in removing those barriers, where the line of responsibility is drawn between the cloud vendor and the customer for each of IaaS, PaaS and SaaS clouds, as well as the management tools that are essential to deploy in the cloud, ensure security in the cloud and ensure the performance of applications running in the cloud. Covered vendors include Amazon, VMware, AFORE, CloudSidekick, CloudPhysics, ElasticBox, Hotlink, New Relic, Prelert, Puppet Labs and Virtustream.

News: VMware vCenter Operations Suite 5.0 Now Available

The delivery of vCenter Operations 5.0 to the market by VMware represents several important milestones in Operations Management for virtualized environments. The tight integration with vSphere and the integration of the Integrien analytics with real-time configuration change detection and application mapping put a nail in the coffin of legacy solutions that rely upon periodically updated CMDBs to understand the environment. The integration of performance, capacity, configuration, and application discovery first into a bundle and later into a full suite will put pressure on many vendors of point solutions. However, the biggest question remains the viability of a management strategy focused just upon vSphere, when every other vendor (including Microsoft) is taking a more open and cross-platform approach.

When you read many blogs and articles on cloud security, writers such as myself often mention jurisdictional issues as a big problem. Nor is the ability to audit clouds the only problem. Yet both of these are huge issues for clouds today. But fundamentally, is the cloud flawed from a security point of view, or are there plenty of security mechanisms available?

One of the questions I get from time to time is, can I store my data in the cloud? At the NEVMUG, this came up once more. There is currently a lot of uncertainty about cloud storage, specifically when it comes to critical and highly regulated data. "Where should I store my data?" dovetails nicely with discussions of going to the cloud as well, as data protection is a key component of such a migration.

The answer is to dramatically narrow the scope and set of enforcement actions for SOPA and PIPA so that they target just offshore sites engaged in large-scale commercial piracy and so that the existing safe harbor for sites that take content from users is both maintained and formally recognized as an exception to the scope of SOPA and PIPA. This will ensure that law enforcement can go after the really bad actors, and that the many good and useful sites that are the basis of the “good Internet” are not collateral damage in these enforcement efforts.

I was discussing yesterday how to use virtualization and cloud performance management tools as an early warning system for security issues. I have touched before on the use of New Relic, VMware vFabric APM, Quest vFoglight, and other tools that can make up such an early warning system, but without the proper process in place, the tools will not be good enough.

At the end of last year and the beginning of this year, the Virtualization Security Podcast featured two very different guest panelists to discuss cloud security, policy, and compliance: Phil Cox, Director of Security and Compliance at RightScale, joined us for the last podcast in 2011, and George Gerchow of VMware’s Policy and Compliance Group joined us for the first podcast of 2012. We asked: is the public cloud ready for mission-critical applications? The answer was surprising. Have a listen and let us know your thoughts.

If you are going to try to virtualize performance-critical applications in 2012, you should arm yourself with a tool that can measure how those applications perform in the eyes of their end users, which is their end-to-end response time. The approach you take should be a function of the mix of applications you have to support, including whether they are purchased or custom developed and, if custom developed, with what language or framework.

VMware is going to make progress on its automated service assurance vision this year, with initial steps coming in the Q1/2012 version of vCenter Operations and the initial release of vFabric APM. On the third-party vendor front, progress is most likely to come through partnerships between vendors who have interesting pieces of the puzzle, but do not have the entire puzzle themselves. On this front the most interesting vendors are Netuitive, Prelert, Blue Stripe, ExtraHop Networks, and VMTurbo. The wild card in this equation is how service assurance will fit with cloud management and offerings from vendors like DynamicOps, Abiquo, Platform Computing and Gale Technologies.

Now, of course, this is a simplified version of the question, because in almost all cases Infrastructure Clouds and Platform Clouds are built on Virtual Infrastructure, and in most cases Platform Cloud is built on Infrastructure Cloud, so the question is really about how far into the Cloud you should be prepared to go. My perspective here is of a development manager – someone who is charged with building a new application. I’m thinking as a development manager not a developer and I’m taking decisions to maximise the productivity of a development team – rather than on the “shininess” of the technology.