Tuesday, November 27, 2012

Cloud Management Tools Bring Sanity to Cloud Operations

A cottage industry of Cloud management tools has emerged to solve many of the issues companies face as they move to the cloud, like multi-cloud deployments, costs, governance, and security (see my earlier post).   I had the chance to sit in on a live demo of enStratus last week to see how they attack the issues mentioned above.  The enStratus cloud management solution provides a suite of tools for managing a cloud infrastructure, gaining control of costs and providing governance without sacrificing the agility the cloud can provide.

Think of a cloud management tool as the front-end to your cloud IaaS deployments.  It allows IT to designate what types of systems can be setup and by whom.  Cloud management tools hides cloud-specific differences by abstracting them within the tool, allowing the geeks to focus on delivery and not worry about the variations between cloud providers.  This should result in lower training costs and make it easier to manage a multi-cloud environment, or, switch cloud providers.  

Some cloud management tools provide governance features.  For example, enStratus can be configured to allow the development team role to only deploy a AWS small Linux system instances with a certain configuration whereas the application deployment team role can choose any of the systems sizes and database offerings available when they deploy enterprise applications.  In addition, enStratus identity management features ensure consistent single point of control for everyone that has access to your cloud infrastructure.  These tools don’t eliminate the ability of anyone in the organization to setup a IaaS outside of IT control, but by enabling other teams to easily leverage the cloud  may reduce this risk and allow companies to get control of their cloud spend.

enStratus integrates with Chef and Puppet to utilize pre-built system cookbooks ensuring consistent configuration deployments which improves security and supportability of cloud deployments.  Also, IT admins can set auto-scaling policies that will be applied when creating systems in order to control costs.

Because enStratus manages all cloud deployments, it makes managing and predicting costs easier.  Not only can managers view reports that show predicted spend based on current service deployments, IT can set limits on how much various departments request.  This feature can cap the ability to create new systems that would exceed assigned budgets.  Finance departments can quickly see current spend compared to budget broken down by department as well as other dimensions.  

The cloud management tools that I reviewed provide some health monitoring as part of their product but it looks rudimentary.  A real test drive may be needed to understand the monitoring capabilities that these tools provide but having a single place to go will lower costs and confusion.  

The capstone feature to the cloud management tools are their multi-cloud support capabilities.  This ability not only allows IT to manage cloud deployments through one interface for multiple vendors, like Amazon and Rackspace,  but also private clouds built on Openstack and VMware.  Enstratus and others offer their product as software as a service or as an on-premise installation.  enStratus takes it a step further by being able to roll up your total costs across all of your clouds (something that the others I reviewed didn’t have).

Like the CloudPassage product that I reviewed, a breach to to the cloud management tool could compromise your entire cloud deployment.  enStratus knows this and has taken some interesting steps to harden their environment with encryption and the use of different keys per customer per system.  enStratus also has the ability to authenticate via LDAP/AD including multi-factor authentication via SMS token and support for SAML.  A careful review of the security measures implemented by each of the vendors will be important to any buying decision.

The enStratus value proposition is very compelling for large deployments.  The governance and budgeting features set them apart from the field of competitors. I really liked the way enStratus integrated Puppet and Chef, two of the top system configuration management tools in the industry.   enStratus is a product that I would recommend companies investigate.   

RightScale, another competitor in the cloud management field, supports multi-cloud deployments and private cloud management as well.  RightScale make reference to their “ServerTemplates”, as a way to quickly build cloud deployments based on reference systems.  The monitoring capabilities of RightScale seem to be a lot more capable than the two competitors covered here, and they support SAML 2.0 integration for IDM.  They also have some usage and cost reporting features as well but seem to lack controls based on budget limits.

SCALR, a third competitor that I looked at, may be the lowest cost because the on-prem option is free.  It supports Chef for configuration management, offered as SaaS and on-prem, and has multi-cloud support.  SCALR has a monitoring feature that will auto-initiate repair actions if it detects a failure, putting your systems back in service sooner and reducing your support costs.  SCALR also offers the ability to auto-scale MySQL which Amazon’s RDS service doesn’t.  It doesn’t look like SCALR has the governance and policy enforcement options that enStratus has, but that could change.  I liked the way SCALR takes systems out of a cluster (either for maintenance reasons or auto-scale-down), by stopping new sessions from using the system that will be removed and waiting until existing sessions are complete.

Cloud management tools do a good job of preventing many of the new issues that may come about as we move to cloud computing for enterprise class customers. But there are still a few holes left open.  Identity management, authorization, common logging, and application monitoring are a few that I’ll try to tackle in future articles.  

-- Chris Claborne
References & Related

1 comment:

  1. If your data is kept into your servers without any backups, any unfortunate event such as system crash, server fail-over, etc would leave you standing nowhere. You need to make sure your hosting provider or you manage your database and establish an effective backup plan so that even in-case you suffer from any server based crash you would still be able to observer seam less data recovery.

    Cloud Server Management