Tuesday, November 27, 2012
Plan Before You Cloud
IT has a history of solving problems, but in the process, creating new problems that must be dealt with in the future. For example, back in the early days, IT helped the business digitize everything but as they did that, they ran into scaling issues, and then had to invent a way to store and access all of that data. Businesses are moving to the cloud to lower costs, improve agility, and scale to meet new demands of their customers. But without proper planning, the potential to create a lot of new cleanup projects still exist when moving to the cloud.
IT’s internal customers are growing accustomed to higher availability (almost zero downtime) as well as better response times from their applications. Much of this is driven by the experience users get from consumer and emerging business apps on the web like Gmail and search.
To meet these expectations, cloud infrastructure as a service (IaaS) and local virtualized environments make it easy to build systems comprised of compute clusters that provide scalability, deliver higher performance and meet high-availability demands. Unfortunately, it’s almost too easy. Anyone in with a credit card can easily launch new cloud services.
Allowing anyone in the business to create compute instances will most likely expose the company to potential security vulnerabilities, and possibly adding to a new mess that will have to be cleaned up by IT later, thus eroding support budgets. Security is quickly becoming one of the biggest concerns whether internally hosted or externally hosted, especially for applications that need to be available outside a company for employees, customers and partners.
The number of compute instances that IT has to maintain is going up. IT groups that once delivered an application service with a single system now have to manage four or more virtual instances to deliver redundancy and gain higher performance. For higher availability, some organizations implement duplicate environments within two computing sites to protect against site wide failure in power or network infrastructure. With Amazon’s AWS, this duplication and redundancy can be configured in just minutes, which is one of the huge advantages of using AWS. Doing this for one application is manageable, but what about for 10 or 100s of systems? In addition, each of these applications may also have associated development and test environments. It gets even crazier when a company uses multiple cloud providers.
Although large enterprise configuration management isn't anything new, the needs have changed with the advent of virtualization and cloud computing. As I mentioned in an earlier article regarding the need to address system configuration consistency to combat possible security holes, consistent configuration becomes a concern for every piece of your application, not just firewall settings. As the number of systems grow, so does supportability, especially if all of these systems start drifting into different configurations.
Identity management will quickly bubble back to the top when going to the cloud. IT departments have leveraged private directories built on MS Active Directory or LDAP for years but as they move to the cloud, their single sign-on solution could crumple. Just when IT thought they closed the book on the single sign-on problem, it has been re-opened. The same goes for authorization; schemes that worked across all systems internally need to be exposed to cloud based apps or re-engineered.
Finally, cost management can spin out of control as companies grow their cloud usage. With flexibility and ease of spinning up cloud services in minutes brings unpredictability of cost. Cloud providers make it easy to consume their service and quickly spin up new servers, the down side is the cloud invoice may be a real shocker when it arrives. Like the rest of the business, IT managers have a budget they have to work within and the cloud providers don’t make it easy to plan and monitor consumption. CFOs hate variability of costs, especially if they can’t predict it.
As businesses move to the cloud, a lot of advanced planning is definitely in order. When it comes to infrastructure as a service, IT groups will need tools that ensure they build consistent supportable systems that are secure. In addition IT groups will need to monitor and show their management that can move fast while keeping a handle on cost. They also need to ensure that their processes and tools are “cloud ready”. For example, can your existing tools monitor the health of systems now that they live in the cloud?
Take a look at my next article on cloud management solutions that help resolve some of these issues.
-- Chris Claborne