
Governance for IoT, Hybrid Cloud, and Microservices January 8, 2016

Posted by Marty Wolfe in cloud, Hybrid Cloud, infrastructure, Netcentric, SOA, Uncategorized.

Back in June 2015, I described an approach to managing and governing a Hybrid Cloud environment.  It really is the last thing we think about. Just deploy a bunch of applications and data “into the Cloud” (whatever that means.. well it usually means “off premise” or “somewhere else other than in the data centers I have been using for a while”).

Coming this year, IBM is publishing a book on Hybrid Cloud and I have written the chapter on something called the Hybrid Governance Fabric: a set of important characteristics and decisions in changing existing governance or establishing some kind of governance in the first place.  Since my original blog post, I have done several deployments of governance in large enterprises and wanted to share more thoughts on this.

Please keep an eye out for the book in mid 2016 (or let me know and I’ll send you a link when it’s published).  Take a look at the set of topics in the chapter.. and tell me what you think!

There really are a lot of parallels between this Hybrid Cloud deployment model and how we conduct our lives every day.  Thinking about it more, spreading applications, software systems, and data sources across many different physical environments and using different technologies is really (or nearly) the same as what we now call the Internet of Things (IoT).  The need to technically and mechanically tie these components, microservices, and systems together is vitally important and it’s something that everyone is working on, as evidenced by the huge number of different platforms out there.

There are two important factors in determining how to make this combined set of components operable and usable in ways that ensure security, quality, and maintainability.

  1. The ability to leverage data and analytics to determine the best and most optimized combinations of services and “things”.  This is where not just analytics but Cognitive capabilities, like IBM’s Watson platform, are key to making this work.
  2. To ensure the reliability and maintainability of such a menagerie of interconnected systems, locations, people, and components, it’s important to govern and manage these systems.  When you combine systems of engagement, systems of record, and systems of insights, figuring out the location of your data or the root cause of problems gets just that much more complicated.

So.. when you combine all of these services together, when they have to be interconnected and you have to protect your data, governance and visibility are key.

Keep a lookout for the book; your comments and thoughts are welcome.

 

Knowing If A Workload Should Move To The Cloud November 20, 2014

Posted by Marty Wolfe in cloud.

After going through many IT transformations, migrating many different types of applications “to the cloud”, I took all those experiences and created a checklist.

Lots of checklists out there of course.. but I always come back to these 10 core points. So here’s my list, hope it helps, and I welcome your comments and recommendations.

In this list, each numbered item is a “domain” or “focus area”.. essentially a topic you must address and question when trying to figure out the impacts of moving a workload to the Cloud. You might find that it’s just too challenging or too much trouble, or you’ll find that even though there’s a good amount of effort, the overall value to your group, organization, or business outweighs the effort required.

These are not in order of importance.. they are all pretty important. Stream of consciousness thinking based on having done this many times.

Security and Compliance: Focused on topics such as encryption, key management, regulatory compliance, compensating controls, intrusion detection, and auditing

  • Does the data need to be encrypted in flight or at rest (or both)? Do the transactions need to be encrypted?
  • Who will own management of encryption keys?
  • What types of auditing (e.g. level of detail or specific compliance) need to be supported once the workload is deployed?
  • What level of monitoring needs to be recorded and stored?
  • Will special intrusion detection (at the network, storage, and compute layers) be required?
  • What are the regulatory and/or compliance requirements (including FDA, HIPAA, PCI, FFIEC, etc.)?
  • Does the data need to stay within country and/or locale and does this include both application data and management system data?
  • Now that we are moving into the Cloud, are there compensating controls and/or reporting that can be put in place to achieve the same result?

Capacity: Capacity requirements (the initial capacity needs) and capacity management (the needs during steady state) are some of the first things to understand, including how much compute, storage, and network capacity is required

  • What initial capacity is needed to get the system up and running (understanding that you can scale up later)?
  • What is the steady state capacity needed?
  • If the workload is re-engineered / re-architected when moving into a Cloud environment, how do the capacity requirements change?
  • What are the different levels of capacity needed for development, test, QA, and production?

Connectivity: The method for connecting from the existing enterprise network to a Cloud provider (like IBM’s SoftLayer) needs to be defined

  • What amount of bandwidth will be required for development, test, QA, and production deployments?
  • Are clients on the current network allowed direct workstation VPN client connectivity to an off-premise Cloud or must they go through a corporate VPN?
  • Is an IPsec VPN required between the client and the IBM network?
  • Will the current environment and the target (cloud) environment be co-located in the same data center?
  • Will parts of the workload/application be located in different cloud data centers and across different Cloud providers? (e.g. leading to Hybrid Cloud)

Services Management (ITSM): Defining how incidents, problems, and changes (requests) are handled now that the workload will be running in the Cloud

  • What is the process/workflow needed to support incident, problem, and change management once a workload is deployed into a Cloud environment?
  • How do these processes need to change in development, test, QA, and Production contexts? (Experience tells us there will surely be changes needed, especially in a “Hybrid Cloud” scenario.)
  • Monitoring – How will monitoring be performed and who will have access to the monitoring data?

Managed Services: This topic is focused on providing management and oversight and is tightly linked to services management

  • Does corporate IT want full management from a vendor or partial “a la carte” management? (e.g. software patch management for a specific set of Cloud workloads)
  • Will the vendor’s managed services (outsourcing) team be managing deployment of workloads to a single Cloud vendor or multiple?
  • Metering – How will the use of the Cloud be measured? How does the client want to be charged? Will there be a need for an internal chargeback within the client’s environment?
  • Will the managed services vendor have visibility to the data or only ping, power, and pipe?

Performance: Determining the level of performance (scalability, reliability, availability, etc.) required once in the Cloud will guide many other decisions

  • When moved to the Cloud, will the same level of performance be required in development, test, QA, and/or production use cases?
  • How is performance measured?
  • Who will execute performance testing and will the same scripts and use cases be used once the workload is moved to the Cloud?

Roles and Access: Focused on consumability and access of the workload once it’s deployed into a Cloud environment

  • Who will be accessing the workload? Business users? IT administrators? Developers? Third party vendors?
  • How will each user group access the workload? Via API? Via UI? Via reporting? Via status provided by S.O.?
  • How will access and status of the workload be determined? Who will have access to monitoring data and how will they access it?
  • How will IDs and the management of user IDs be managed and governed?

Data: The ownership and location of data are vitally important

  • What is the location of data and how is that different as it relates to development, test, QA, and production?
  • Will the data be located separately from the application? (If yes, does that require its own secure connection?)
  • Is the data in scope of any specific compliance and/or regulatory requirements?
  • Who will own the data?

Deployment Model: Where will the workload be deployed?

  • Is off-premise or on-premise required?
  • Does the workload map to existing items in the CMS or SoftLayer catalog?
  • Will this be BYOL?
  • Will it be deployed to a single or multiple environment(s)?

Workload Architecture and Integration: The architecture of the workload and its external dependencies are important to know up front

  • Does the workload require integrations/connections to systems or data sources in other cloud or non-cloud environments?
  • Is the architecture of the workload ‘cloud ready’, ‘cloud native’, or requiring dedicated hardware, network, and storage resources?
  • Will the application and data be separated or co-located?

Marty

Steve Jobs Describes Cloud .. in 1997.. cool October 6, 2011

Posted by Marty Wolfe in cloud, infrastructure, Net-Centricity, Netcentric, network enabled, SOA.

So Cloud seems to make perfect sense when it’s described like this ..

Makes me feel good that this is just how I seem to describe it .. but 10 years behind Steve.

“NFS dialtone”

What a loss for everyone..

Netflix, AWS and Cloud July 15, 2011

Posted by Marty Wolfe in cloud, Netcentric.

A really great article from Netflix.  It’s their perspective on the AWS outage, Cloud, and how it impacted their streaming service:

http://techblog.netflix.com/2011/04/lessons-netflix-learned-from-aws-outage.html

Cloud Client Insights January 30, 2011

Posted by Marty Wolfe in cloud, Uncategorized.

A very good trip to Nice, France, where I presented client experiences from those that want to leverage the Cloud model. I focused on real-world insights and lessons learned.

Cloud is rapidly evolving in the eyes of clients, and this appears to be happening the world over, almost at the same time. Pretty amazing.

Terremark’s Data Center.. January 5, 2011

Posted by Marty Wolfe in cloud, infrastructure, Uncategorized.

Really impressive facility in the center of Miami.. likely their Cloud data center.   Looks like there are Doppler radar domes on the top (makes sense, as Miami has a tendency to get hit by hurricanes).