Professional Documents
Culture Documents
Anshu Kak
Distinguished Engineer CTO SWG Tech Sales Cloud Computing
Based on knowledge of IBMs services, software & system experiences, including IBM Research Provides prescriptive guidance on how to build IaaS, PaaS, SaaS and service provider clouds using IBM technologies
Reflected in the design of
Cloud-enabled Cloud-enabled data data center center / / building building IaaS IaaS Platform Platform Services Services
CCRA 3.0
Cloud Cloud Service Service Provider Provider Building SaaS SaaS Building
Clouds IBM implements for clients IBM-hosted cloud services IBM cloud appliances IBM cloud products
Focuses on cloud specifics
Cloud Service Integration Tools
Business-Processas-a-Service
Sof tware-as-a-Service Operational Support Services (OSS) Platf orm-as-a-Service Business Support Services (BSS) Service Creation Tools
Radical cost reduction Achievement of high degrees of security, reliability, scalability and control
Consists of multiple detailed documents representing best-of-industry knowledge and insight
Consumer In-house IT Inf rastructure-as-a-Service
Inf rastructure
2012/13
CCRA Standardization ongoing
October 2010
Used in Cloud Launch and various customer/analyst sessions
October 2012
Release CCRA 3.0 Adoption Patterns Prescriptive guidance on IaaS/PaaS/CSP/SaaS
March 2009
Initiated CCMP Reference Architecture
Customers can benefit from IBMs experience in creating public, private and hybrid clouds with one common architecture with reusable assets or product recommendations.
Clients receive a quicker start to creating an industrial strength cloud with pre-defined use cases and documentation on the architectural requirements or decisions that must be made for security, service management, performance, scalability and virtualization.
Utilize sound architectural principles to speed development and reduce errors across the entire development process ensuring designs can scale for efficiencies and can fulfill important cloud requirements such as elasticity, self-service and flexible sourcing
Increased business flexibility with a common cloud reference architecture across deployment models (private, public or hybrid cloud implementations)
6
Delivers prescriptive guidance to architect solutions for IaaS, PaaS or SaaS with IBM product recommendations and roadmap to get on cloud journey Consists of various architectural work products representing best of breed IT industry knowledge and insight on how to architect, design, implement and manage clouds
Defines the business and technical requirements needed for various cloud roles and responsibilities such as the cloud consumer, the cloud provider and the cloud services creator
Is a modular framework that allows you to focus on the area thats most important for your cloud deployment (IaaS, PaaS, SaaS, CSP)
Provides the comparison blueprint to perform client cloud gap analysis and to identify integration points
CCRA 3.0 organizational structure - Prescriptive solution architectures per cloud adoption pattern
New four main workstreams have been added as part of the CCRA 3.0
Pre-3.0 content has been reworked in the context of 4 top-level workstreams
CCRA Leadership Team: CCRA Stefan Leadership Pappe, Team: Gerd Breiter, Anshu Kak, Michael M Behrendt, Robert Flaherty (PM)
Cloud-enabled Cloud-enabled data data center center (building (building private private IaaS, IaaS, as as a a mgd mgd service) service)
Platform Platform Services Services (building (building private private PaaS, PaaS, as as a a mgd mgd service) service) Leader:
Cloud Cloud Service Service Provider Provider (CSP2, (CSP2, commercial commercial XaaS) XaaS) Leader:
Joe McIntyre Tom Creamer
Building SaaS SaaS Building (using IBMIBM(using hosted hosted services) services)
Leader: Jeff Klink
Public Cloud RA whitepaper available on ibm.com: http://public.dhe.ibm.com/common/ssi/ecm/en/ciw03078usen/CIW03078USEN.PDF CCRA OpenGroup submission: http://www.opengroup.org/cloudcomputing/uploads/40/23840/CCRA.IBMSubmission.02282011.d oc
Services ExistingCloud & 3rd party services, Partner Ecosystems Cloud Service Integration Tools Cloud Service Integration Tools
Existing & 3rd party Business-Processservices, Partner as-a-Service Ecosystems Sof tware-as-a-Service Operational Business Support Support Services Services (OSS) (BSS) Operational Business Support Support Services Services (OSS) (BSS) Service Creation Tools Service Creation Tools
Security, Resiliency, Performance & Consumability Inf rastructure Governance Security, Resiliency, Performance & Consumability Governance
Platform Services - Management & deployment of middleware - Application Lifecycle Mgmt DevOps, Dev test - Cloud Service Integration Southbound integration with CEDC / IaaS
Advanced IaaS
Cloud Services Orchestration Storage Provisioning and mgmt Network Provisioning and mgmt Hybrid Cloud Integration Advanced Security (Identity & access mgmt, security information, events mgmt
10
4
AdvancedIaaS Services(VMs,Storage,Network ortheircombinations)
3
Complementsthefirstmacropatternbyadding governancecapabilitiesthatallowtoeffectivelymanage aspectslikeSLAs,security,resiliency,capacityplanning, etc forboththevirtualizedinfrastructurethatprovides thecloudserviceaswellasthecloudserviceitself.
VirtualizationManagement
KeyBusinessDrivers:
Decreasecostsanddeliverytimefornewservices AlignITServiceswithbusinessgoals Increaseservicelevelcompliance Centralizedaccounting&billing IndustrializationofIT
11 TheentrypointintheIaaS cloudspacesinceitallowsto startbuildingamultitenantcloudinfrastructureand modelforthedeliveryofsimpleVMS(configuredwith thepropernetworkandstorage)thatcoversthe70%of therequestscomingfromthedifferentbusinesslines.
2
SimpleIaaS Services(VMs)
1
2013 IBM Corporation
IT Asset Management
AdvancedIaaS Services Storage Provisioning & Automation Management Network Provisioning & Automation Management
Services Orchestration
Threat & vulnerability, identity & access, Security info and events mgmt
CloudManagement Virtualised Infrastructure Monitoring Capacity Management and Planning Endpoint Compliance & Management
CloudManagement
Event Management Backup & Restore Patches Management
SimpleIaaS Services(VMs)
Role & Authentication Management VM Image Construction Image Management EntrypointintheIaaS cloudspace.It allowstostartbuildingamulti tenantcloudinfrastructureand modeldeliveringsimpleVMS (configuredwithpropernetworkand storage)thatcovers70%of requestsfrombusinesslines. 2013 IBM Corporation
Cloud Management
12
CloudenabledDataCenterArchitectureOverview
AdvancedIaaS servicesintegratedwithITILprocesses Problem & Incident Management IT Asset Management Management Change & ITIL processesConfiguration integration License Management Service Desk Release Management
AdvancedIaaS Services Storage Network component ServicesOrchestration Provisioning Provisioning Services & Automation & Automation Orchestration StorageConfiguration NetworkConfiguration Management Management CloudManagement Virtualised Capacity HealthMonitoring & Infrastructure Management CapacityManagement Monitoring and Planning Event Events Management Management
Intrusionprevention vulnerability, identity & access, Security Log VirtualServer info and events mgmt Management Protection
Endpoint Compliance Patch Patches Management and & Management SecurityCompliance Management
SimpleIaaS Services(VMs) VM Role & Authenticatio provisioning VMs Provisioning Cloud & Onn Management boarding Management
1 0
Compute,StorageandNetworkVirtualizationlayer
13
CloudenabledDataCenterSolutionstack
AdvancedIaaS servicesintegratedwithITILprocesses Problem & Incident Management IT Asset Management Change & License Configuration SmartCloud Control Desk Management Management Service Desk Release Management
AdvancedIaaS Services Storage Network TivoliService Automation Services Provisioning Provisioning Manager/ SCO Orchestration SmartCloud Virtual & Automation TivoliNetCool & Automation StorageCenter ConfigurationManager Management Management VirtualizationManagement Virtualised Capacity Infrastructure Management SmartCloud Monitoring Monitoring and Planning Tivoli NetCool Event Omnibus, Management Impact
vulnerability, Intrusionprevention identity & access, Security VirtualServer Qradar Log info and events Manager Protectionmgmt forVMWare
SecurityNetwork
SimpleIaaS Services(VMs) VM Role & Cloud VM Image provisioning Authenticatio SmartCloud Provisioning Management Construction & Onn boarding Management
Required components Recommended components
Usage SmartCloud Image metering, Cost & Management accounting Management chargeback
14
4
Inadditiontothemanagedmiddlewarepatterns, applicationscanleverageadditionalserviceslike programmingservices(e.g.DBordatacachingservices) orintegrationservicesthatallowtointegratewith externalapplicationorpubliccloudsandtoimplement autoscalingandcloudburstingscenarios,Cloud Integration Complementsthefirstmacropatternbyadding governanceservicesthatallowtoeffectivelymanagethe SLAa andQoS aspectsoftheprovisionedmiddleware, likeforexampleresiliency,applicationperformance, security,etc..
Advanced/AutonomicPaaS Services
ManagedPaaS
KeyBusinessDrivers:
ReduceCAPEX(CapitalExpenditure)andOPEX (OperationalExpenditure)todeliverbusinessservices. DrivedownITcostsbyimprovingdeliverytimeand quality,andloweringrisksassociatedwithdeliveryof newITenvironmentstobusinessandsoftware applicationdevelopmentanddelivery.Increase flexibilityandintegrationbetweenmiddleware components.
15
2
TheentrypointintothePaaS space,itallowstomodel multitieredmiddlewarepatterns,exposethemas servicesintoaselfservicecatalogue,automatetheir deploymentandmetertheresourcesusedbythis service.
Foundations/SimplePaaS Services
1
2013 IBM Corporation
Integrated hardware & software solution is key factor No Broad hypervisor support including KVM, HyperV, Xen Interested only in PowerVM and vCenter Currently using IBM middleware and products for which patterns are available? No Yes Looking for application patterns? Yes Yes
SCAS
IPAS
SCP
SCP
IWD
16
For any other options a deeper analysis would be required 2013 IBM Corporation
PaaS
Paas basedLifecycleorPaaS basedDevOps Application Development Application testing Application Lifecycle Mgmt Application governance Application onboarding Continuous Delivery
Advanced/AutonomicPaaS Services Cloud services data cache, Service Registry routing, messaging
ManagedPaaS Services Identity management and Security Multi-tenancy / isolation License Management Workload/transaction Monitoring
Foundational/SimplePaaS Services Provisioning and automation services M/W Patterns deployment Metering
17
PaaS
ProcessOrientedPaaS Service Application Application Application RationalSuite lifecycle Application Application development testing CLM / RTC RTWtesting Management RSA/RAD Application Lifecycle Mgmt Development Application Application governance RAM governance Application Application on boarding RAF /AMC onboarding
Advanced/AutonomicPaaS Services Cloud services data cache, Service Registry IWD/ Pure App routing, messaging
ManagedPaaS Services
Multi-tenancy / isolation
Foundational/SimplePaaS Services Provisioning and M/W Patterns SmartCloud Provisioning/IWD automation services deployment
18
PaaS
Paas basedLifecycleorPaaS basedDevOps Application Development Application testing Application Rational Suite Lifecycle Mgmt Application governance Application onboarding
Advanced/AutonomicPaaS Services
Service Registry Cloud services data cache, routing, messaging
Workload Tivoli Workload Automation and Workload Scheduling Scheduler Services Scheduler
License
Workload/transaction
Foundational/SimplePaaS Services Provisioning and Provisioning/IWD M/W Patterns SmartCloud automation services deployment
19
Customer Applications Provider Applications Third Party Applications Cloud Aggregation White-label Cloud
Incorporate hosted Clouds built on IaaS and PaaS architecture from cloud-enabled data center and platform services solutions
20
Explanation
Extend cloud deployment to allow customers to host their applications.
Extend cloud to offer both Provider and Third-Party services Focus areas: Multi-tenancy, access control, service management
21
Maturity level 4
ProvidingappsasSaaS, verticalmarketopportunities ,Advancedstorefront,partner managemnet,advanced metering,paymentprocess, creditcardprocessing,B2C elemnet
Increased Capabilities
Maturity level 3
Librarystackprovidebackup asservice,storageasservice etc.basicstorefront,DR,get intoaggregation(google apps, amazon apps),Metering,get intoB2Belemnet
Maturity level 2
ProvideIaaS,PaaS with automationlikedevOps, PatchMgmt,takesnapshots, whitelabelservices.Process foronboarding
Maturity level 1
Basicresourcemanagement, providingbasicIaaS ,PaaS as services.Basicmeteringand billing smallscalewithlow automation
22
AdvancedCSP2Services Storefront SaaS integration Services Third-party IaaS/PaaS integration services Rating, Accounting, Billing
Provider management
Partner management
IaaS/PaaS services
Customer Mgmt
Access Mgmt
23
Hosted Services
Hosted VMs VMWare, KVM Compute: IBM xSeries, pSeries, PureFlex Storage: IBM v7000 Unified Network: Juniper, Cisco
24
User
Customer Manager
IBM Cloud Services Aggregation and Integration Pack IBM WebSphere Cast Iron Integration IBM WebSphere MQ / FTP (OS provided)
Integration Adapter
SaaS Management
IaaS Management
IBM Service Delivery Manager/SCO VMWare, KVM Compute: IBM xSeries, pSeries, PureFlex Storage: IBM v7000 Unified Network: Juniper, Cisco
25
Delivering a production-ready solution using only cloud services from one or more cloud providers. 2013 IBM Corporation
27
Different cloud deployment models also change the way we think about security
Private cloud
On or off premises cloud infrastructure operated solely for an organization and managed by the organization or a third party
Hybrid IT
Traditional IT and clouds (public and/or private) that remain separate but are bound together by technology that enables data and application portability
Public cloud
Available to the general public or a large industry group and owned by an organization selling cloud services.
Provider Less No
customization of security controls visibility into day-to-day operations to access to logs and policies and data remain inside the firewall
customization of security controls to access to logs and policies and data are publically exposed
Difficult
Applications
Applications
28
Infrastructure
Applications
People
Data
Mobile Security
Cloud Security
29
Resources
Publically available material
Whitepaper about the CCRA http://www-05.ibm.com/de/cloud/pdf/Gettingcloudcomputingright.pdf Redguide about the Cloud-Enabled Data center / IaaS adoption pattern http://www.redbooks.ibm.com/abstracts/redp4893.html?Open Redguide about the Cloud Service Provider adoption pattern http://www.redbooks.ibm.com/redpapers/pdfs/redp4912.pdf Academy TechNote about the CCRA http://www-05.ibm.com/it/cloud/downloads/Cloud_Computing.pdf CCRA Submission to the OpenGroup http://www.opengroup.org/cloudcomputing/uploads/40/23840/CCRA.IBMSubmission.02282011.doc
31
Thank you
IBM is a registered trademark of International Business Machines Corp. Other product and service names might be trademarks of IBM or other companies. See the current list of IBM trademarks: www.ibm.com/legal/copytrade.shtml.
32