We know that IT as a Service optimizes the production and consumption of services based on the requirements of the business, that Every Component as a Service makes for an efficient delivery method, and that the federated cloud can create effective service-oriented business partnerships. Now, we are going to look at what makes it possible for IT to deliver services so quickly, securely, and with minimal cost.
For a hybrid cloud to function effectively and securely, there must be well-managed workloads. The old IT paradigm was one application plus the operating system functioning on one server. The old way made management of both the infrastructure and business services simple, but scalability and agility were not part of this paradigm. Virtualization, which breaks the tether between software and hardware, takes the preliminary steps toward realizing the hybrid cloud by allowing us to establish a set of manageable workloads that can be recalibrated in a manner consistent with the requirements of the enterprise. However, that is just the beginning of the story.
The user wants a service. The workload management system you put in place determines the quality and value of the service you deliver as well as its cost. The fundamental element—the workload—requires access to various resources, including processing power, storage, and network bandwidth. Its focus can be operational or business oriented.
A workload consists of an integrated software stack that includes just enough operating system (JeOS) to support the particular workload it runs, middleware to manage the communication among resources, and an application. A workload also has an identity that it uses to move between and run in physical, virtual, or cloud environments. It is the identity that allows policies to be associated with a workload. A workload, or an aggregation of workloads, creates a service that an end user can then consume.
The stylized vision of a workload shown in Figure 1 represents the relationship among the JeOS, which provides the support for the application, the application itself, and the middleware that manages resources that the workload requires.
Figure 1. A workload
For a workload to be optimally effective, it must be able to respond to change quickly while maintaining integrity and security. This need has engendered the intelligent workload management (IWM) paradigm.
Intelligent workload management
IWM is essential for the optimization of contemporary computing tasks. It presupposes an intelligent workload, which means that the workload must be policy driven, secure, and compliant.
An intelligent workload contains metadata that provides the information the workload needs to determine who is allowed to consume it, who has access rights to it, as well as who owns it. It knows what it is designed to do as well as what level of urgency the function has. It knows the best milieu for it to perform its function. It knows whether it can go into the public cloud or must stay private. It knows when it is approaching the limits of its capacity, triggering the management framework to dynamically add workload pools. An intelligent workload efficiently manages policy and compliance, ensuring observance while increasing agility and efficiency and decreasing cost. With IWM identity management, a workload implements tight security, enforces strict compliance, and facilitates portability.
IWM requires intelligent workloads, and intelligent workloads need software appliances. Software appliances provide the foundation on which IWM is built. A software appliance is the combination of an application and JeOS, integrated into one image optimized to run in a virtual machine (VM) on industry-standard hardware. Software appliances are also preconfigured, eradicating many data center issues related to configuration, installation, and maintenance.
The software appliance depicted in Figure 2 is the heart of the matter.
Figure 2. Software appliance
Software appliances provide the most profitable approach to building IWM-compliant workloads. It is a strategy based on the comprehension-driven utilization of operating system and policy-oriented tools used in workload construction, preparation, and migration. This approach is facilitated by the nature of the self-contained component structure.
The software appliance is key to the development of an efficient regime for migration of workloads and serves a critical function in the physical-system-to-virtual-to-cloud transference path. With efficient self-contained appliances, deployment and maintenance are accomplished without the over use of support staff for software configuration, updates, and the like. In addition, software appliances function in isolation and improve security. Any security problems that may affect the appliance are quarantined from the rest of the system.
The role of virtual software appliances—a critical subset of software appliances—is largely a function of packaging format and target platform. Each appliance image is dedicated to a unique virtual platform. Unlike a generic software appliance, it is specifically targeted for use in the virtual computing universe. When a software appliance is installed on a VM and packaged, it is transformed into a virtual appliance.
Traditional methods involve the installation of a software application in direct association with the operating system. The fact that the software appliance does not gives it much greater agility and ease of use. It simplifies deployment by alleviating the standard operating system concerns, such as compatibility.
Businesses are looking to the hybrid cloud as a solution that will reduce their costs and at the same time improve the scalability and flexibility of their business processes. The idea of dynamically moving workloads among various virtual and cloud resources based on current conditions along with the evident cost benefits and service level improvements can be quite intoxicating. However, this idea can't be allowed to override the operational controls that have been meticulously designed through time, experience, and policy or in any way increase risk to the business, however. When moving to a hybrid cloud model, the solution put in place must effectively support the security and privacy priorities of the business. It must reduce risk and protect confidentiality while defending computing resources and data integrity.
Security in the hybrid cloud is enhanced by IWM. IWM is able to provide integrated security and regulatory compliance along with manageability and portability. IWM also provides improved control of user access: Users are only allowed access to the information they are authorized to retrieve or alter.
IWM includes policy-driven workload management, which allows you to create standardized workload configurations powered by policy-driven regimes that regulate functionality. A policy-based IWM approach enhances security and compliance.
Much of the reluctance expressed related to moving to a hybrid cloud solution is the result of security and regulatory compliance concerns, which is why security must always be a major part of the service level agreement process. It is important to review vendor security and audit procedures to ensure compliance. A critical aspect of this process is verifying that your own configuration is in compliance—a key aspect of enhancing user security. Security must be jointly addressed by the enterprise and the cloud provider.
Comprehensive integration: banishing the silos
Integration is central to the hybrid cloud model. As the penetration of the hybrid cloud model intensifies, proper integration grows in importance. Extending a private infrastructure into the public cloud requires the creation of a finely honed solution that, to the end user, appears seamless. The business realities of the hybrid cloud demand solutions that provide an environment that is extremely flexible. This environment must integrate applications and services obtained from both inside and outside physical control of the enterprise. The aggregation of IT assets enables cost reductions and mitigates the enterprise's carbon footprint. The optimal use of the hybrid cloud model is based on how management, architecture, and other key stakeholders handle the fundamental issue of appropriate integration.
The hybrid cloud environment presents complex management challenges. To gain maximum benefit from the use of intelligent workloads, an enterprise must broaden the fundamental management and administrative methods put in place in support of the hybrid cloud's combined virtual and physical system. Most contemporary enterprises are still organized as silos. Each silo requires compliant and secure IT service management (ITSM) for workloads and business service management (BSM) asset tools for dashboards. Their governance and compliance mechanisms reflect a structure similar to that shown in Figure 3. The systems, service management, and governance for each area are isolated, causing the development and implementation of processes and procedures that are different and in some instances in contradiction to those of other areas.
Figure 3. Siloed approach
IWM replaces a siloed approach with a services-based approach that provides support for the physical, virtual, and cloud environments, as seen in Figure 4. The services-based approach provides the unity of purpose required to fulfill the vision of the hybrid cloud.
Figure 4. Service-based approach
In a hybrid cloud, intelligent workloads provide a means to remove the borders and eliminate the costly effects of the silo approach. Intelligent workloads make it possible to provide the same level of access to the management, security, monitoring, and compliance assets in the hybrid cloud available in the physical and virtual system components.
IWM environments must be constantly monitored. Accurate and timely information must be gathered to analyze present conditions and oversee compliance. IT must maintain a consistent assessment regime that monitors and maintains the desired functional level of delivered service. Doing so requires the timely identification of problems or patterns that are indicators of imminent system problems and interventions based on this knowledge to avoid outages.
Workload management requires tracking and careful administration and management if the system put in place is going to achieve the desired results. A proper tracking regime must be implemented for the reclaiming and reassigning of the workloads, managing changes provoked by peak hour usage, as well as special needs. In general, the manipulation and deployment of the capabilities and assets associated with the hybrid cloud must be managed and administered in the most efficient and profitable manner possible.
A window into the system must be provided to the business so it can evaluate performance and monitor its costs. This requires the use of management reports and dashboards that position workload consumption and performance level information in a manner that expedites the analysis of workload use in the enterprise's specific business context.
Use of policy-based automated management creates the conditions for pecuniary gain in that it reduces capital expenses (CapEx) and operational expenses (OpEx). This is a function of enhanced system operations and usage on one hand and improved implementation of business functions, such as maintaining the fundamental business activities with fewer negative events, on the other. These approaches and methods create the cornerstones of the IWM regime.
IWM is the key to IT as a Service. Using it, organizations can create efficient, safe, and compliant products and information services. The enterprises internalizing the benefits of this model are best positioned to maximize system resources, provide consistent access control and security, and control the operational and administrative costs that accompany virtualized workloads, which is essential for every enterprise that has or will embrace hybrid cloud computing strategies. Such a cloud configuration requires highly portable workloads that are in sync with all of the component parts of the system and comply with governance and security policies and constraints. The ability to abstract workloads from hardware and automate their management according to enterprise policy is critical.
Moving forward, the next and final article in this series will use our understanding of IWM and its role in the hybrid cloud as one of the fundamental pillars in the discussion of implementation considerations.
- Tivoli cloud product manager Robin Hernandez talks with Judith Hurwitz, author of Service Management for Dummies, Cloud Computing for Dummies, and Hybrid Cloud for Dummies, about "cloud done right."
- Cloud computing fundamentals (Grace Walker, developerWorks, December 2010) introduces the basics of cloud computing and construction, including the three basic components of the cloud: Infrastructure as a Service, Platform as a Service, and Software as a Service.
- Hybrid Cloud Integration or No Cloud is an Island (Marc-Thomas Schmidt, developerWorks blog, October 2011) describes the challenges involved with the integration of private and public clouds.
- Connecting to the cloud, Part 1: Leverage the cloud in applications (Mark O'Neill, developerWorks, April 2009) examines a few of the offerings from the major cloud platform vendors.
- Connecting to the cloud, Part 2: Realize the hybrid cloud model (Mark O'Neill, developerWorks, April 2009) explains how to implement a hybrid cloud application that combines local application components with cloud computing.
- Connecting to the Cloud, Part 3: Cloud governance and security (Mark O'Neill, developerWorks, June 2009) examines governance and security for cloud computing using the hybrid cloud application example begun in the previous parts.
- Review the information provided by the article New developerWorks survey shows dominance of cloud computing and mobile application development (Michael O'Connell, developerWorks, October 2010) and see where cloud computing will be in the next few years.
- Explore developerWorks Cloud Computing, where you will find valuable community discussions and learn about new technical resources related to the cloud.
- In IBM Smart Cloud, get valuable business advice to enhance performance and efficiency in the cloud.
- Read a collection of reports that outline the future directions of cloud computing from a symposium held in Brussels on 23 January 2010 titled, The Future of Cloud Computing.
- Learn about the Cloud4SOA initiative, which aims to combine three fundamental and complementary computing paradigms: cloud computing, service-oriented architectures (SOA), and lightweight semantics.
- Find valuable risk management information developed by the European Network and Information Security Agency.
- Read Cloud Computing - A Primer for a basic understanding of cloud computing.
- Read the cloud computing white papers developed by Cisco Systems Cloud Computing for the company's view of networks in the cloud.
- Stay current with developerWorks technical events and webcasts focused on a variety of IBM products and IT industry topics.
- Follow developerWorks on Twitter.
Get products and technologies
- Evaluate IBM products in the way that suits you best: Download a product trial, try a product online, use a product in a cloud environment, or spend a few hours in the SOA Sandbox learning how to implement service-oriented architecture efficiently.
- Get involved in the developerWorks community. Connect with other developerWorks users while exploring the developer-driven blogs, forums, groups, and wikis.