Building the Next-Generation Datacenter – A Detailed Guide / Stage 4
Dynamic data center
Mar. 1, 2011 03:15 PM
In parts one, two, and three of this article, we provided a brief overview of the CA Technologies virtualization maturity lifecycle, and focused on the server consolidation, infrastructure optimization, and automation & orchestration stages of the lifecycle. The capabilities described in each of those stages provide an essential foundation for a dynamic datacenter, which is an IT environment that not only supports the business but, at times, is part of the product delivered by the business. It is an agile IT environment, built on top of an optimized and automated virtual infrastructure, that is:
- Service-oriented: Delivering on-demand, standardized services to the business (internal customers, partners, etc.).
- Scalable: With the ability to span heterogeneous physical, virtual and cloud environments.
- Secure: Providing security as a service to internal / external customers.
Agility Made Possible
The dynamic data center is neither a one-size-fits-all solution, nor an endless pit where CIOs should invest money and resources to obtain capabilities not needed for their business. However, IT organizations trying to build a dynamic data center face some fundamental challenges such as:
- Delivering a standard set of tiered services (with well-defined SLAs) that are consumable by business users.
- Service-oriented automation and orchestration that spans heterogeneous physical, virtual and cloud environments.
- Ensuring security, compliance and QoS for the entire service.
- Providing a comprehensive service interface that serves as a visual communication tool between IT and the business.
The following section summarizes the basic tasks and capabilities required to build and maintain a dynamic data center that allows IT departments to serve as an agile service provider and drive competitive differentiation for the business.
Following is a high-level project plan for a sample scenario that would be part of achieving a dynamic data center. The timelines and tasks mentioned in Table 1 present a broad outline for a mid-tier IT project that is focused on supporting expanding business initiatives with agility. Forward Inc has identified a lucrative opportunity in offering one of its internal services (e.g. billing, shipping, order management, Electronic Medical Records, etc.) to a host of new local and international partners. This would not only allow Forward Inc to profit from its IT investments, but also provide valuable services to its partners - thus helping improve partner retention / expansion.
The project assumes the availability of an optimized infrastructure with comprehensive automation and orchestration capabilities (as discussed in the previous three stages in this series). The 4-6 person implementation team suggested for the project is expected to be proficient in project management, virtualization design and deployment, security management, and systems management.
Table 1: Dynamic Data center project plan
A successful dynamic data center project necessitates a structured approach which should consist of the following high-level tasks. Each task includes key objectives and possible challenges, articulates a successful outcome, and more.
Service design is the first and most important step in building an agile IT environment, and should be conducted in close collaboration with the business. Some key service design considerations include:
- Modularity: With the ability to source the service internally or from external vendors.
- Heterogeneity: Allowing flexibility and avoiding vendor lock-in.
- Compliance: Taking into account internal and partner compliance, information protection, and audit requirements.
This task should involve the creation of service tiers (gold, silver, etc.) - for example, a tier 2/tier 3 service offering would not have the same level of storage and business continuity/disaster recovery (BC/DR) capabilities associated with it as a tier 1 service. These and other related decisions should be taken after close collaboration with product management, security, compliance, network, storage, and other component owners of the service.
Enable Automated Service Provisioning
Automated service provisioning is the ability to provision, on demand, an instance of the service in a private, public or hybrid cloud. Some of the tasks involved in this process include:
- Performing workload migrations, if necessary, of service components (servers, applications, databases, etc.).
- Automating provisioning of the entire service infrastructure using template-based provisioning capabilities offered by next-generation automation tools.
- Orchestrating integrations between the service components - this includes approval workflows, integration with change & configuration management systems, helpdesk software, etc.
With the ability to provision across multiple platforms, IT organizations will retain the flexibility to in-source or outsource the entire service or components of it, to public or private data centers.
Provide Security and BC/DR for the Service
The security discussed here builds on the already optimized and automated infrastructure described in the previous sections (which includes IDS, IPS, firewall, VLAN and PUPM capabilities). The capabilities listed below are necessary given the dynamic nature of the service, and include:
- Installing security policies on the VMs associated with the service, and providing for the appropriate policy to be in place irrespective of the VM location (i.e. within an internal production/staging cloud, or external cloud).
- Implementing Web access management software to permit only authenticated and authorized users to have access to critical resources within the service.
- Using identity federation technologies to maintain a clear distinction between the identity provider (partner) and the service provider (business).
- Providing for backup and high-availability of the service.
Security is one of the top concerns in the minds of the business, as any major breach can not only cause financial damage but also affect customer loyalty and brand image. In addition to securing the service, the above-mentioned capabilities also allow IT to leverage security services for business enablement.
Ensure service assurance
The modular and scalable nature of the service, coupled with the dynamic nature of the virtual environment, necessitates service-centric assurance - the ability to monitor the availability and performance of the service (application plus the underlying infrastructure) as a whole. This task involves:
- Building and maintaining an end-to-end model of the infrastructure supporting the service.
- Real-time monitoring of events and notifications from the service components.
- Providing a dashboard for customers to view service availability / quality status.
- Serving data to SLA management tools regarding service availability, performance, etc.
Monitoring of service components in silos is not only cumbersome, but can fail to detect critical inter-dependent errors. Service-centric assurance significantly reduces management costs by providing a single portal for administration, improving service quality and reducing risk.
Implement service contract management and chargeback
In today's competitive business environment, accountability and transparency are essential to maintain customer satisfaction. To do so, IT organizations need to define, manage, monitor and report on their SLAs in a timely manner. To enable this, IT analysts should:
- Define easy-to-understand SLAs. This definition should include metrics such as system availability, help desk response times, mean time to repair (MTTR) for reported problems, etc.
- Aggregate service level information from disparate operational systems (network monitoring solutions, application monitoring solutions, help desk systems, etc.), and compare it to performance objectives for each customer.
- Report on these SLAs in a scheduled manner, and tie them back to the chargeback system.
Performing these tasks manually or on a project basis will not be sustainable over the long run. Automated service contract management and chargeback capabilities are essential to allow the end customer to track, on demand, the responsiveness of IT services. In addition, chargeback capabilities should be linked to contract management - thus ensuring customer satisfaction with service delivery, and easing the burden of financial accounting.
Integrate with / Implement a Service Catalog
A service catalog serves as a front end for IT to interface with business users. It is a perfect portal for publishing role-based services to internal / external users, allowing them to subscribe to services delivered by IT. Organizations that have already implemented a service catalog should look to publish this service within the existing catalog implementation. Since the end consumer for the service is most probably a business user, it is essential to ensure that the service is easily described in business terms instead of technical jargon.
Service desk integration is also essential as there is generally a learning curve involved with new services. A good service desk and related knowledge base implementation prevents IT from being inundated with individual requests.
Monitoring, Production Testing, and Final Deliverables
The monitoring and production testing requirements for this project will be similar to the ones discussed in the previous stages in this series. In addition, the large scope of the project might necessitate a structured beta program with a controlled group before the service is rolled out to a large audience of partners.
Virtualization is a relatively new technology, and not all IT organizations have strong in-house expertise or experience with virtualization implementations. The CA Technologies Virtual Infrastructure Lifecycle Methodology described in Figure 1 is an excellent example of leveraging enterprise experiences and industry best practices to carefully navigate each stage of virtualization adoption. It helps ensure that the key aspects of virtualization are accounted for and addressed, thus enabling a smooth deployment without the remediation delays that are common to many virtualization initiatives. The Virtual Infrastructure Lifecycle Methodology is based upon actual practical experience gained from the delivery of virtual infrastructure to many Fortune 500 enterprise environments.
Figure 1: Virtual Infrastructure Lifecycle Methodology