The Virtualization Practice

IT as a Service

IT as a Service (ITaaS) covers private clouds hybrid clouds and the cloud management offerings used to create and manage these clouds. This includes coverage of Infrastructure as a Service (IaaS) private and hybrid cloud offerings, Platform as a Service (PaaS) private and hybrid cloud offerings, and Software as a Service (SaaS). ...
Emerging areas like Desktop as a Service (DaaS), Storage as a Service, and Applications as a Service are also covered. The key issues covered include which enterprise applications and use cases are appropriate for private and hybrid clouds, and how vendors should select the cloud management offerings that are going to be used to manage these various types of cloud services. Covered vendors include VMware (vCloud Automation Center), VirtuStream, CloudBolt Software, Intigua, ElasticBox, ServiceMesh, Cloudsidekick, and Puppet Labs.

Public Cloud SLA’s are worthless. They need to be replaced by metrics that measure the responsiveness of what the cloud provider owns to the layer of software from the customer running in the cloud. Developing these metrics will require significant changes to existing APM approaches in order to be able to separate time spent in the application from time spent in the application framework or OS.

Federated Clouds? Possible?

Mike DiPetrillo’s post entitled VMware is Building Clouds sparked some interesting thoughts and discussion about what it means to have federated clouds and how do you define such federation? Is federated required to make ‘cloud’ ubiquitous or are we already there? But is the discussion really about federated clouds or simplistic data object movement between the VMs or about cloud management?

A Service Level Agreement (SLA) is an excellent expectations-managing mechanism, but it’s important to manage your own expectations of what an SLA can realistically accomplish. Just those three words “Service” “Level” and “Agreement” is often an attention turn-off I know: SLAs are to infrastructure bods what documentation is to developers. Yet, when considering taking up cloud and utility services many consider that the SLAs offered aren’t reliable, if they exist at all. So the SLA becomes the blocker – ‘If I move services out of my data centre, how will I guarantee availability and performance’.

In Applications Performance Equals Response Time, not Resource Utilization, we took the position that while for the majority of the applications deployed on physical hardware the general practice was to infer their performance by looking at normal vs. abnormal resource utilization statistics, once you virtualize an application, it becomes necessary to directly measure its response time in order to ensure adequate service to business constituents and end users.

Managing licensing and utilization costs is a mess today in the physical world. Introducing elastic scaling of workloads into a hybrid private/public cloud introduces new uncertainties and new software licensing metering and compliance issues. This is particularly true in the case of enterprise applications which are licensed by the enterprise from the software vendor and then deployed on an as needed basis on Iaas or PaaS clouds.

Cisco has announced the intent to acquire newScale. This puts the leading service catalog into the hands of Cisco, who will certainly pursue deep integration between newScale and the UCS – providing enterprise customers breakthroughs in provisioning and workload management agility. This also sets up Cisco and VMware to compete in the IT as a Service management stack business.

With the diversity of cloud’s available today, data being sent from one to another could appear to be a hodge-podge of security. As one colleague put it recently when I asked what he was expecting to maintain integrity of data in motion between clouds:

“… what kind of kludge can things end up being when you have multiple connections to multiple hybrid clouds all doing different things” — Steve Beaver

So how does data transfer between the clouds? Is it a kludge? or can it be done using a uniform security policy, procedures, and protocols while maintaining Integrity and Confidentiality and auditability?

Security as a Service: Is it Safe?

Last week I spoke with two different Security as a Service vendors, each with their own approaches to security as a service. The first company I spoke to was CloudPassage who just exited stealth mode in time for RSA Conference, and Zscaler who is a well known company. Both provide Security as a Service with a similar approach by a different design. Both make use of large grids or computers to do all the heavy lifting of security, but from there they differ completely. While there is some overlap in the products, the different designs show us multiple ways to implement Security as a Service.