All Posts in “Cloud Architecture”

Enterprise Solutions Design Musings

I was recently involved in a conversation about an enterprise solution proof of concept. The solution itself would be successful, but the user access and authentication is where I got hung up. The questions I asked were around the number of users that would be accessing the solution and how many simultaneously.

Some of the other engineers in the room looked at me like I had two heads; my guess is they were worried about scaling the solution itself to meet the potential 500K+ user count. But then I asked how many Active Directory servers they were planning for the production environment to support the authentication requirement, or if there was a plan to offload authentication through an appliance or another solution.

Would you like to Swing on a Cloud?

It’s funny how conversations and new environments can stoke creative juices to make more posts. I recently was involved in talking about IT transformation and cloud. During the conversation the customer, who was a solutions architect, said that their mission was to make “cloud happen”. I laughed and expressed my sympathies; it wasn’t my first time hearing this statement. It takes more than just words to transform a business from a corporate datacenter to a Software Defined Cloud Juggernaut. That’s surprising, I know; there are some C-level folks thinking, “But I just enter my AMEX number into Amazon and I get cloud.”

While that’s true, the reality is that being transformative means you have to understand what it is you are getting into, and more importantly, WHY? Cloud is an awful term used to describe an architecture. I have written before about the types of “cloud”, but how do you manage it once you get there? What is it that you will use cloud for? Is it going to be for application development? Rapid deployment and easily built and torn down architectures? How do you utilize the hardware that is already a sunk cost, and how do you plan for future procurements?

That’s a lot of questions, which leads me to ask: how do you plan for your organization to consume cloud? Do you want business units to be able to “self-provision”, or do you plan to have your IT department manage requests for provisioning of IT resources? Having a third party manage the requests is also an option, though it presents its own unique challenges and questions of outsourcing the labor as well as your corporate data.

Let’s say for a moment that architecture is settled, either via a reference architecture or a public cloud services provider. There are still policy questions that need to be asked, such as: Who is authorized to provision more resources? What tier of service is this individual or group of individuals allowed to request? Is there business unit or line of business chargeback for consumption? What is and is not allowed to be placed in the cloud environment? The last question brings up the issue of security and what policies will be put in place to ensure data in the cloud is protected, safe, and removable. (If your proprietary data gets stuck in a cloud provider’s data center with no way to retrieve or secure it, is it really yours?)

Not all of these questions are easily answered and they require multiple pieces to make the puzzle whole.

Provisioning of storage can be done with multiple tools. ViPR, which I have mentioned before, is built to work with VMware Cloud Automation Center, OpenStack, and Oracle. Through these tie-ins, multi-tenant, multi-vendor solutions can be quickly deployed, and automation tools like Razor and Puppet can help to ensure workflow success.

Products like Afore can ensure data encryption occurs across multi-tenant environments. The slick piece here is that it’s multi-keyed, which means each tenant environment is encrypted with unique keys, and those keys can be maintained in corporate-owned LDAP or RSA Data Protection Manager. So even if the data sits on a public cloud, the key is maintained and managed within the corporate security framework, making the data useless to any external persons with malicious intent.
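The per-tenant key idea described above, as an added sketch that is not Afore's code or API: the `KeyStore` type and the `Seal`/`Open` functions are hypothetical names, and the in-memory map and AES-256-GCM are this example's stand-ins for the corporate-held key manager and for whatever cipher the product actually uses.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// KeyStore stays on the corporate side (assumed stand-in): one unique key per tenant.
type KeyStore map[string][]byte

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no safe fallback without a CSPRNG
	}
	return b
}

func (ks KeyStore) aead(tenant string) (cipher.AEAD, error) {
	block, err := aes.NewCipher(ks[tenant]) // unknown tenant: nil key, rejected here
	if err != nil {
		return nil, fmt.Errorf("tenant %q: %w", tenant, err)
	}
	return cipher.NewGCM(block)
}

func (ks KeyStore) Seal(tenant string, plaintext []byte) ([]byte, error) {
	g, err := ks.aead(tenant)
	if err != nil {
		return nil, err
	}
	nonce := randBytes(g.NonceSize()) // fresh nonce per blob; tenant ID bound as associated data
	return g.Seal(nonce, nonce, plaintext, []byte(tenant)), nil // nonce || ciphertext || tag
}

func (ks KeyStore) Open(tenant string, blob []byte) ([]byte, error) {
	g, err := ks.aead(tenant)
	if err != nil || len(blob) < g.NonceSize() {
		return nil, fmt.Errorf("tenant %q: no key or truncated blob", tenant)
	}
	return g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], []byte(tenant)) // fails for any other tenant
}

func main() {
	ks := KeyStore{"tenant-a": randBytes(32), "tenant-b": randBytes(32)}
	blob, _ := ks.Seal("tenant-a", []byte("constructed sample record"))
	fmt.Println(ks.Open("tenant-b", blob)) // prints [] and an authentication error
}
```

Only the sealed blobs would be handed to the cloud provider; without the matching entry in the key store they cannot be opened, and a blob relabelled as another tenant's fails authentication even under the right key.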

Backup and recovery solutions such as Data Domain and RecoverPoint can ensure data availability and recovery. When used in combination with VMware SRM, point-in-time regeneration that is not dependent on replication time can quickly improve RTO.

As always there is so much more to go into with each of these products. As I dive deeper I will share more and try to pass my lessons learned along.