jump to navigation

Knowing If A Workload Should Move To The Cloud November 20, 2014

Posted by Marty Wolfe in cloud.
trackback

After going through many IT transformations, migrating many different types of applications “to the cloud”, I took all those experiences and created a checklist.

Lots of checklists out there of course.. but I always come back to these 10 core points. So here’s my list, hope it helps, and I welcome your comments and recommendations.

In this list, each numbered item is a “domain” or “focus area”.. essentially a topic you must address and question when trying to figure the impacts of moving a workload to the Cloud. You might find that it’s just too challenging or too much trouble or you’ll find that even though there’s a good amount of effort, the overall value to your group, organization, or business outweighs the effort required.

These are not in order of importance.. they are all pretty important. Stream of consciousness thinking based on having done this many times.

Security and Compliance Focused on topics such as encryption, key management, regulatory compliance, compensating controls, intrusion detection, and auditing

  • Does the data need to be encrypted in flight or at rest (or both)? Do the transactions need to be encrypted?
  • Who will own management of encryption keys?
  • What types of auditing (e.g. level of detail or specific compliance) need to be supported once the workload is deployed?
  • What level of monitoring needs to be recorded and stored?
  • Will special intrusion detection (at the network, storage, and compute layers). What are the regulatory and/or compliance requirements (including FDA, HIPPA, PCI, FFIEC, etc.)?
  • Does the data need to stay within country and/or locale and does this include both application data and management system data?
  • Now that we are moving into the Cloud, are there compensating controls and/or reporting that can be put in place to achieve same result?
Capacity Capacity requirements (the initial capacity needs) and capacity management (the needs during steady state) are some of the first things to understand including how much compute, storage, and network capacity is required

  • What initial capacity is needed to get the system initially up and running (understanding that you can scale up later) ?
  • What is the steady state capacity needed?
  • If the workload is re-engineered / re-architected when moving into a Cloud environment, how do the capacity requirements change?
  • What are the different levels of capacity needed for development, test, QA, and production?
Connectivity The method for connecting from the existing enterprise network to a Cloud provider (like IBM’s SoftLayer) needs to be defined

  • What amount of bandwidth will be required for development, test, QA, and production deployments?
  • Are clients on the current network allowed direct workstation VPN client connectivity to an off-premise Cloud or must they go through a corporate VPN?
  • Is an IPSEC VPN required between the client and the IBM network?
  • Will the current environment and the target (cloud) environment be co-located in the same data center?
  • Will parts of the workload/application be located in different cloud data centers and across different Cloud providers? (e.g. leading to Hybrid Cloud)
Services Management (ITSM) Defining how incidents, problems, and changes (requests) are handled now that the workload will be running in the Cloud

  • What is the process/workflow needed to support incident, problem, and change management once a workload is deployed into a Cloud environment?
  • How do these processes need to change in development, test, QA, and Production contexts? (Experience tells us there will surely be changes needed especially in a “Hybrid Cloud” scenario
  • Monitoring – How will monitoring be performed and who will have access to the monitoring data?
Managed Services This topic is focused on providing management and oversight and is tightly linked to services management

  • Does corporate IT want full management from a vendor or partial “a la carte” management? (e.g. such as software patch management for a specific set of Cloud workloads, etc)
  • Will the vendor’s managed services (outsourcing) team be managing deployment of workloads to a single Cloud vendor or multiple ?
  • Metering – How will the use of the Cloud be measured? How does the client wanted to be charged? Will there be a need for an internal chargeback within the client’s environment?
  • Will the managed services vendor have visibility to the data or only ping, power, and pipe?
Performance Determining the level of performance (scalability, reliability, availability, etc) required once in the Cloud will guide many other decisions

  • When moved to the Cloud, will the same level of performance be required in development, test, QA, and/or production use cases?
  • How is performance measured?
  • Who will execute performance testing and will the same scripts and use cases be used once the workload is moved to the Cloud?
Roles and Access Focused on consumability and access of the workload once it’s deployed into a Cloud environment

  • Who will be accessing the workload? business users? IT administrators? Developers? Third party vendors?
  • How will each user group access the workload? via API? via UI? via Reporting? via status provided by S.O. ?
  • How will access and status of the workload be detemrined? Who will have access to monitoring data and how will they access it?
  • How will ID’s and the management of user IDs be managed and governed?
Data The ownership and location of data is vitally important

  • What is the location of data and how is that different as it relates to development, test, QA, and production?
  • Will the data be located separately from the application? (if yes, does that require it’s own secure connection?)
  • Is the data in scope of any specific compliance and/or regulatory requirements?
  • Who will own the data?
Deployment Model Where will the workload be deployed?

  • Is off-premise or on-premise required?
  • Does the workload map to existing items in the CMS or SoftLayer catalog?
  • Will this be BYOL?
  • Will it be deployed to a single or multiple environment(s)?
Workload Architecture and Integration The architecture of the workload and it’s external dependencies are important to know up front

  • Does the workload require integrations/connections to systems or data sources in other cloud or non-cloud environments?
  • Is the architecture of the workload ‘cloud ready’, ‘cloud native’, or requiring dedicated hardware, network, and storage resources?
    Will the application and data be separated or co-located?

Marty

Advertisements

Comments»

1. dad - December 6, 2014

Very impressive. We’ll written on.point.

2. Fallon - December 8, 2014

Great resource! Thanks!

3. Suresh Bhat - January 23, 2015

Excellent article. Do you have something that might accompany this in the case where a prospect does not know how to answer / measure these in the first place for eg.. how would they know to provide a measure of required capacity?

Marty Wolfe - January 25, 2015

Hey Suresh. If you are asking about the ‘decision tree’.. how to choose the right answer to each, etc?. I am working with an IBM team to codify that, but it’s largely based on experience and wisdom.

More specifically, the measure of capacity is typically in whatever way a organization measures it. Often it’s pretty common.. when you talk about server capacity, or storage, or network.. and how that relates to a ‘cloud workload’.. this is governed by a couple of approaches..
1. like for like — just match current with target configuration
2. minimally sufficient — there’s probably data on what the typical load is, so provision cloud servers with that in mind, understanding that you could add more if and when needed.

Are you with IBM? .. reach out on Sametime, happy to discuss further.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: