It may be cliché these days, but I should point out that obviously nothing I
express here represents the views of my current or former employers. I’m
extremely grateful to them, and proud that I had, and continue to have, the
opportunity to work with so many great minds! However, their views are
completely their own and not in any way represented here.
Over the past several years I’ve witnessed first-hand the evolution of the current and coming Enterprise cloud. The cloud’s very concept challenges the traditional notions of how the Enterprise operates today, and has required careful re-examination of how these businesses think and work in the modern era. Due to my zealous interest in this area, this has led to a great number of ongoing discussions with peers, colleagues, and others working in this space. Thankfully, it has also led to some of the common observations, and trending solutions, described below.
What Enterprises REALLY Want
The Enterprise is a demanding entity which, thankfully, is driven solely by business logic. The giant companies of the world are not interested in technology because it is new, cool, or trendy. They are interested in how that technology will impact the bottom line. This is a simple, but key observation. Arguments for cloud technology have to be measured against, and impact, concrete business results.
So what cloud benefits does the Enterprise truly care about:
- Agility
- Faster time to market
- Reduction In Effort Hours
- Insight And Control
- Ability to more easily govern a huge landscape
- Lowering Costs
- Data center optimization
- Built-in disaster recovery
- Rapid Innovation
- Test ideas faster
- Ability to try new things and fail with less risk
- Ultimately, Google-esque IT infrastructure which never goes down
- Self-healing
- Auto-scaling
- Mass Orchestration
Dealing With Enterprise Governance
Why Govern IT?
Enterprise governance is a necessary evil, and is often seen as the biggest enemy of the cloud. However, without it, large companies could in no way consider themselves to have compliance across their infrastructure. Today, these infrastructures are incredibly large, and a standard methodology for maintaining them needs to be in place. ITIL has certainly led the way, but currently poses some real challenges for cloud due to the Enterprise interpretation of so many tasks (often as manual processes). Fortunately, more and more automation is being accepted, provided that the outcomes are the same and there is full transparency in the process.
A Standard Operating Environment
Maintaining an SOE is absolutely essential to Enterprise computing. When managing a large field of servers (sometimes in the 100,000s), businesses cannot tolerate lots of snowflakes (one-off servers). To provide the ideal landscape, one wants to make certain every server is secure, patched, audited, compliant, etc. This process involves creating a set of SOEs by combining:
- A core OS at a specific patch-level (often Linux or Windows)
- A set of standard required products (Security, etc.)
- A standard set of products for a server role (Web, Database, etc.)
- All the necessary configurations for above
Software like Red Hat Satellite v6.x makes this a central tenet of its product philosophy, and for good reason. Overcoming snowflakes and keeping servers compliant is critical to successfully managing modern IT. OpenStack opens up new doors for solving this problem. With a new delivery model, and a wide open cloud landscape, we are free to revisit how we build, deploy, and manage servers. By discarding traditional manual processes and relying on RESTful orchestration, image catalogs, and cloud services, we can carve out new enforceable standards with ease. This leads to an interesting paradigm shift trending in cloud-enabled IT today:
Service Delivery Transformation
Many service delivery organizations are adopting new models for cloud. Common models involve delivering standardized “ready-to-go” application instances available through a catalog. This is a parallel to public cloud delivery models. However, this is quite different from the traditional service delivery work of setting up and micro-managing endless farms of servers. Thankfully, removing that burden opens up new avenues for innovation and broader product support. Using emerging technologies like Docker and Puppet, the delivery process is far more streamlined and template-based. Further, adoption of data grid technologies and an Enterprise service bus makes refactoring traditional applications to modern horizontal/elastic models much easier.
Template and Automate
Manually making classic “golden images” to place in Glance would certainly suffice; however, that is against the cloud concept of being inherently agile. We also need to concern ourselves with ease of deployment and absolute consistency. Finally, we need to maintain a careful, verifiable record of these transactions. Therefore, creating and placing these templates in a version-controlled repository like git makes a lot of sense. In the cloud era, these application (or environment) architecture definitions will become the de facto method for powering automation. They become the “single source of truth” from which to blueprint all of IT. Today these are often documented in common formats such as cloud-init files, Dockerfiles, Puppet manifests, and Heat templates. New standards like TOSCA (which is intersecting closely with HOT) are starting to provide an agreed-upon way to define even very complex architectures in a simple YAML file. Not only is the Enterprise becoming entirely virtual, but even the architectures for critical applications and environments are essentially becoming code.
With templates in place, automation becomes easy to accomplish. With all the infrastructure and applications defined in a repository, it is a simple task to invoke tools like diskimage-builder/oz, Heat and cloud-init, Puppet, and so on to perform the orchestration of your defined infrastructures. Provided that it is all hidden behind a nice service catalog (like OpenStack Murano), you are able to create a simple end-user experience which is wired to an Enterprise-compliant, revisioned, controlled, and transparent automation process.
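Once templates live in git, SOE rules can be enforced on every commit before anything is deployed. The following is an added example, not code from the original post: a policy check over a parsed Heat (HOT) template. The approved image names, the SSH rule, and the sample template are assumptions made for illustration.

```python
# Added example: SOE policy gate for Heat (HOT) templates kept in git.
# APPROVED_IMAGES and SAMPLE_TEMPLATE are constructed for illustration.
APPROVED_IMAGES = {"soe-rhel7-web", "soe-rhel7-db"}  # hypothetical SOE catalog

def resolve(value, parameters):
    """Resolve a literal or a {get_param: ...} reference to its default."""
    if isinstance(value, dict) and "get_param" in value:
        ref = value["get_param"]
        name = ref[0] if isinstance(ref, list) else ref
        return parameters.get(name, {}).get("default")  # None: caller-supplied
    return value

def check_template(template):
    """Return the list of SOE violations in a parsed HOT template."""
    violations = []
    parameters = template.get("parameters", {})
    for name, res in template.get("resources", {}).items():
        props = res.get("properties", {})
        if res.get("type") == "OS::Nova::Server":
            image = resolve(props.get("image"), parameters)
            if image not in APPROVED_IMAGES:
                violations.append(f"{name}: image {image!r} is not an SOE image")
        elif res.get("type") == "OS::Neutron::SecurityGroup":
            for rule in props.get("rules", []):
                ingress = rule.get("direction", "ingress") == "ingress"
                anywhere = rule.get("remote_ip_prefix", "0.0.0.0/0") == "0.0.0.0/0"
                low = rule.get("port_range_min", 1)
                high = rule.get("port_range_max", 65535)
                if ingress and anywhere and low <= 22 <= high:
                    violations.append(f"{name}: SSH open to 0.0.0.0/0")
    return violations

# Constructed template, shaped as yaml.safe_load() would return it.
SAMPLE_TEMPLATE = {
    "heat_template_version": "2013-05-23",
    "parameters": {"web_image": {"type": "string", "default": "soe-rhel7-web"}},
    "resources": {
        "web": {"type": "OS::Nova::Server",
                "properties": {"image": {"get_param": "web_image"}, "flavor": "m1.small"}},
        "db": {"type": "OS::Nova::Server",
               "properties": {"image": "centos-7-handbuilt", "flavor": "m1.large"}},
        "admin_sg": {"type": "OS::Neutron::SecurityGroup",
                     "properties": {"rules": [{"protocol": "tcp", "port_range_min": 22,
                                               "port_range_max": 22}]}},
    },
}

if __name__ == "__main__":
    print("\n".join(check_template(SAMPLE_TEMPLATE)))
```

An image parameter with no default resolves to `None` and is reported, so a template cannot pass the gate by deferring the image choice to deploy time.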
Pulling It All Together
Moving infrastructure to CI/CD is part of an evolution to the next generation of cloud. Continuous integration and continuous delivery are excellent concepts for developers; however, until today infrastructure itself has not been defined in code. Through the cloud and this paradigm shift, the industry has encountered a brand new way to automate and deliver environments. Whole static DEV/QA environments can be replaced through integration of dev-ops processes with Jenkins and OpenStack. This can enable automated provisioning and testing on an isolated exact replica of production environments. Further, when testing is complete, this infrastructure can be returned to the pool. Successful applications can be manually promoted, or automatically integrated into production with Canary/blue-green CI deployment patterns. Changes to upstream templates could even be set to trigger automatic (no-downtime) upgrading of infrastructure company-wide. The possibilities are mind-boggling!
Notes On Event Based Management
When dealing with Enterprise inventory requirements, like integration with CMDBs or auto-ticketing systems, make ample use of the OpenStack AMQ. Many popular products, including CloudForms/ManageIQ, utilize this for addressing the record keeping necessary to support a constantly changing OpenStack environment. Simple integration with OpenStack event notification makes writing a custom implementation for most back-ends trivial.
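The record keeping described above, as an added example that is not part of the original post: a function that folds already-decoded OpenStack compute notifications into CMDB records. The event types and payload field names follow Nova's legacy notification format; the AMQP consumer is omitted, and the sample events, IDs, and URLs are constructed.

```python
# Added example: fold OpenStack compute notifications into CMDB records.
# SAMPLE_EVENTS is constructed; all IDs, hosts and URLs are placeholders.

def apply_events(events, cmdb=None, seen=None):
    """Apply notification envelopes idempotently; return (cmdb, audit)."""
    cmdb = {} if cmdb is None else cmdb
    seen = set() if seen is None else seen
    audit = []
    # A batch can arrive out of order, so replay it in timestamp order.
    for ev in sorted(events, key=lambda e: e["timestamp"]):
        if ev["message_id"] in seen:  # broker redelivery: apply only once
            continue
        seen.add(ev["message_id"])
        payload, ts = ev["payload"], ev["timestamp"]
        iid = payload["instance_id"]
        if ev["event_type"] == "compute.instance.create.end":
            cmdb[iid] = {"hostname": payload.get("hostname"),
                         "tenant": payload.get("tenant_id"),
                         "image": payload.get("image_ref_url"),
                         "status": "active", "last_event": ts}
            audit.append((ts, "created", iid))
        elif ev["event_type"] == "compute.instance.delete.end":
            if iid in cmdb:
                cmdb[iid].update(status="retired", last_event=ts)
                audit.append((ts, "retired", iid))
            else:
                # An instance that was never inventoried is itself a finding.
                audit.append((ts, "unknown-delete", iid))
    return cmdb, audit

def _ev(mid, etype, ts, iid, **fields):
    """Build one constructed notification envelope."""
    return {"message_id": mid, "event_type": etype, "timestamp": ts,
            "publisher_id": "compute.node-01",
            "payload": dict(instance_id=iid, **fields)}

_create_a = _ev("m1", "compute.instance.create.end", "2015-03-01 10:00:00.000000",
                "inst-a", hostname="web-01", tenant_id="tenant-1",
                image_ref_url="http://glance.example/images/soe-web")
SAMPLE_EVENTS = [  # constructed: out of order, with one redelivered message
    _ev("m3", "compute.instance.delete.end", "2015-03-01 12:00:00.000000", "inst-b"),
    _create_a,
    _ev("m2", "compute.instance.create.end", "2015-03-01 10:05:00.000000",
        "inst-b", hostname="db-01", tenant_id="tenant-1",
        image_ref_url="http://glance.example/images/soe-db"),
    _create_a,
    _ev("m4", "compute.instance.delete.end", "2015-03-01 12:30:00.000000", "inst-c"),
]
```

Passing the same `cmdb` and `seen` objects into successive calls keeps the de-duplication working across batches.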
The Future: Dawn Of The Immutable World
We are just at the cloud’s opening act of moving the Enterprise away from worrying about servers, and towards caring about workloads. As the idea starts to set in, the obvious implication of a world of transient servers becomes apparent. If these servers are indeed transient (just template-based cogs in a machine), why should we ever access them directly? Wouldn’t we most desire these cogs to be unchanging and untouched? Ideally, these would only be modified through changes to a single Enterprise “source of truth” (git). The modern application-based cloud servers and new container technologies are providing a great path to the clever realization that we only care about “what goes in” and “what comes out”. IMHO, the future Enterprise will eventually want everything “inside the box” to be completely immutable, governed, and transparent. No access directly to servers, and certainly no changes outside of git.
Let me know what you think, and if you have seen other trends (or flaws in the current ones), please point them out in the comments section below!