Page 1
29.09.2011
1
Data Center Consolidation and
Cloud Computing in Government ICT
It is a Matter of Time
John R. Savageau
Los Angeles, California
[email protected]
Topics
• Data center consolidation
• Disaster recovery and business continuity
• Introduction to cloud computing
• Moldova case study
• Government roles in cloud computing
Every Day Dynamics
• Data Center Consolidation
• Business Continuity/Disaster Recovery
• Technology Refresh Cycles
• Changing/Enabling Applications
Meeting Point for Cloud Computing Discussion (Urgency, Planning)
Government Data Center Consolidation
Not just an issue for US – it is a common issue for nearly all governments
Data Center Consolidation
• Adopt modern technologies and practices that will improve
the effectiveness and efficiency of data center use
• Consolidate data centers in a model that will reduce
duplication and unnecessary costs for base ICT infrastructure
• Match national objectives and business needs to ICT utility
and protection of national data
VISION: Create a whole-of-government approach to data centers, disaster
recovery, and business continuity. Provides standards and integration of the
government’s ICT infrastructure matching a wide range of government
information needs in an optimal manner with regard to interoperability,
development agility, cost, energy use, and operations.
Australia
Traditional vs. Cloud in Data Center
Traditional Data Center
• One user, one cabinet or suite in data center
• One application per server or cluster
• Dedicated storage for a single application
• Average utilization <20%
• Separate switching and telecom
• Separate/individual licenses
Cloud Processing Center
• One infrastructure, many
users
• One application per virtual
server
• Shared processing resource
• Shared storage resource
• Average utilization >75%
• Shared switching and telecom
• Volume licensing
NASCIO
Surveys – National ICT Infrastructure
• Obsolete or unsupported h/w, s/w
• Incompatible systems
• Old or non-existent documentation
• Loss of skilled or experienced staff
• Inability to meet business requirements
• Data security shortfalls
– Disaster recovery
– Standard access controls
Data Center Reviews
| Location | Suitability to Task | Size | Air Conditioning | Power | UPS | OSS/BSS | Telecom | Offsite DR | Security | Expansion Plans | Comments |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Jakarta Kominfo 6th Floor | | Small | Spot | | | NMS | 1 | no | Medium | Yes | |
| Jakarta Kominfo 2nd Floor | | Small | Spot | | | NMS | 1 | no | Medium | Yes | Single use facility |
| Batam | | Medium | Central/Dry | | | NMS | 1 | no | Medium | Yes | Low power |
| Samarinda | | Small | Spot | | | NO | 1 | no | Medium | Yes | |
| Cyber Center | | Large | Chilled Water | | | OSS/BMS | >20 | no | High | Yes | Best observed - Carrier hotel/IXP/Colo |
| Ministry of Agriculture | | Small | Spot | | | NMS | 1 | no | Low | Yes | No power available for expansion |
| PLN Jakarta | | Medium | Central/Dry | | | NMS | 3 | no | Medium | Yes | Moving facility |
| IDC Batam | | Medium | Central/Dry | | | OSS | 5 | no | Medium | Yes | Small colo, adequate |
| Ministry of Public Works | | Small | Spot | | | NO | 2 | no | Low | Yes | Small, low power, not all on UPS |
| Bureau of Statistics | | Medium | Central/Dry | | | NMS | 1 | no | Medium | Yes | Good facility, requires DR |
| Ministry of Finance | | Medium | Central/Dry | | | NMS | 2 | no | Medium | Yes | Good facility, moving |

Ratings: Unsatisfactory 1, Marginal 2, Adequate 3, Good 4, Exceptional 5
Why Some Resist Consolidation
NASCIO – National Association of State CIOs
Overall, resistance to data center consolidation is
not a technical issue; it is based on personal reasons.
Disaster Management
Disasters do Happen…
• How well will you be prepared when it happens to your data center?
• Is your critical national data protected?
Disaster Recovery Planning
• International DR/DRC/BCP standards
– NFPA 1600 (Process and Planning)
– ISO 24762
– BS 25999 (UK)
– COBIT/ITIL
• Main objectives
– Safeguard data
– Respond quickly
– Restore operations
There are good international
standards for disaster recovery and
business continuity, as well as
mature application support. The
problem is getting plans off
PowerPoint slides and into
implementation.
Intro to Cloud Computing
It is Just a Matter of Time
A Matter of Time
• We need to start the discussion someplace, and
defining cloud computing is that place
• Cloud computing is still an evolving paradigm. Its
definition, use cases, underlying technologies,
issues, risks, and benefits will be refined and better
understood with a spirited debate by the public and
private sectors.
• This definition, its attributes, characteristics, and
underlying rationale will evolve over time. (NIST)
NIST - The Most Common Cloud Frameworks
"Cloud computing is a model for enabling convenient,
on-demand network access to a shared pool of
configurable computing resources (e.g., networks,
servers, storage, applications, and services) that can
be rapidly provisioned and released with minimal
management effort or service provider interaction"
[Figure: ICT Spending in Traditional Large Organizations. Chart labels: New Applications Development; Existing Applications Maintenance; Infrastructure (IT Equipment/Facility); ICT Operational Costs. Values shown: 11%, 36%, 53%.]
A major objective of cloud computing is to
return as much budget/funding to new
applications development and innovation as
possible by relieving individual organizations
of infrastructure cost and operations burden
Various Sources
Economics of Virtualization
From Berkeley “Above the Clouds”
• We plan for peak use
• Most resource remains unused
Traditional IT Equipment Use
• Normally less than 20%
• Consolidation increases performance
• Virtualization reduces cost
[Figure: Move to Virtualization. Labels: Overall Compute and Storage Resource Capacity; Unused or Wasted Resources; Turn Off Until Needed.]
Cloud Service Essential Characteristics
• On-demand Self-service. Users provision computing and storage
capabilities.
• Broad Network Access. Compute, software, and storage resources
are available through a network connection.
• Resource Pooling. Compute resources are pooled to provide a
single resource to be assigned and reassigned according to user
demand.
• Rapid Elasticity. Compute and storage capabilities can be rapidly
and elastically provisioned, in some cases automatically, to quickly
scale out, and rapidly released to quickly scale in.
• Measured Service. Cloud management systems automatically
control and optimize resource use by leveraging a metering
capability at some level of abstraction appropriate to the type of
service used.
Cloud Service Models
[Figure: IaaS, PaaS, SaaS. Source: Wikipedia]
• Infrastructure as a Service/IaaS. The capability provided to the
consumer/user to provision processing, storage, networks, and other
fundamental computing resources where the consumer/user is able to
deploy and run arbitrary software, which can include operating systems
and applications.
• Platform as a Service/PaaS. The capability provided to the consumer/user
to deploy onto the cloud infrastructure consumer-created or acquired
applications created using programming languages and tools supported by
the provider.
• Software as a Service/SaaS. The capability provided to the consumer/user
to use a software provider’s applications running on a cloud infrastructure.
Each layer builds on the previous layer
Cloud Deployment Models
NIST Deployment Models

| Cloud Model | Cloud Description |
|---|---|
| Private Cloud | The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise. |
| Public Cloud | The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services. |
| Hybrid Cloud | The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds). |
| Community Cloud | The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise. |
| Plus: InterCloud | An interconnection by several cloud service providers allowing cross provisioning, resource allocation, and cloud exchange marketplace. |
NIST Cloud Combined Framework
• Deployment Models: Private Cloud, Community Cloud, Public Cloud, Hybrid Clouds
• Service Models: SaaS, PaaS, IaaS
• Essential Characteristics: On Demand Self-Service, Broad Network Access, Rapid Elasticity, Resource Pooling, Measured Service
• Common Characteristics: Massive Scale, Resilient Computing, Geographic Distribution, Service Orientation, Advanced Security, Homogeneity, Virtualization, Low Cost Software
Based upon original chart created by Alex Dowbor - http://ornot.wordpress.com
Elements of the Cloud
[Figure: Users; Application User Interface Layer; API Layer; Resource Management Layer; Storage Systems. Service model labels: (IaaS), (SaaS), (PaaS).]
Provisioning Engine for the Virtual Data Center
Creates virtual data centers and IT infrastructure
within a compute and storage resource
The Virtual Data Center
• To the user, it is no different than a traditional
data center
• Greater efficiency
• Faster provisioning
• Ease of management
IaaS
PaaS
Cloud (PaaS) User Views and Control
• Allows individual agency or
ministry IT managers to
control own virtual data
center resources
• Easy to visualize and
understand
• Simplifies resource planning
and management
• Overall resource
management at the
national operations center
level
SaaS – I Don’t Care Where the Applications are Hosted
• Single application
• Many users
• Content is secure
• Simple
Virtual Desktop Support/ SaaS
• Full desktop utility
• Security
– Physical media protection
– Virus/Malware
– Hacking
• Rapid provisioning
• Volume licensing
Not hardware or OS dependent
NIST Cloud Computing Priorities
• Interoperability – clouds need to work
together
• Portability – workloads and data should be
able to move as needed
• Security – customer data and workloads are
protected
All require development of open and usable standards
“Quick Win” - Disaster Recovery
• Requirement to backup government data into a
central (offsite) location
– Server-based
– Workstation-based
– “Cloud Storage” model
• Long term disaster recovery designed into Cloud as a
distributed/mirrored architecture allowing
immediate fail-over
Issues and Concerns w/Clouds
• Security of government information
• Personal Privacy of citizens
• Availability and performance
• Management and control
• Migration planning
“Cloud computing is not a silver bullet,
but offers a transformational opportunity
to fundamentally reshape the operations
of government and close the IT gap” (Kundra)
Security is Main Issue with Clouds
• Security: 74,6%
• Performance: 63,1%
• Availability: 63,1%
• Integration with Existing IT Systems: 61,1%
• Ability to Customize: 55,8%
• Cost of Implementing: 50,4%
• Portability: 50,0%
• Regulatory Requirements: 49,2%
• Vendor Availability/Experience: 44,3%
Source: IDC Enterprise Panel N=244
Q: Rate the challenges/issues ascribed to the “cloud on demand model” 1= Not Significant 5= Very Significant
NIST
Cloud Security Challenges
• Data dispersal and international privacy laws
– EU Data Protection Directive and U.S. Safe Harbor program
– Exposure of data to foreign government and data subpoenas
– Data retention issues
• Need for isolation management
• Multi-tenancy
• Logging challenges
• Data ownership issues
• Quality of service guarantees
Government Roles in Cloud Computing
Thought Leadership
Standards
Policy
Government Roles in Cloud
• Create national policies and standards
– Data security
– Data formats
– Data and IT Governance
• Produce cloud computing solutions in support of government operations
• Provide guidance for both government and commercial initiatives
– Strategic roadmaps
– Best practices
– PPPs
Government Plays an Additional Role as National ICT “Thought Leader”
US Federal Cloud Computing Vision and Mission
Vision Statement
Establish secure, easy to use, rapidly
provisioned IT services for the Federal
Government, including:
• Agile and simple acquisition and
certification processes
• Elastic, usage-based delivery of
pooled computing resources
• Portable, reusable and interoperable
business-driven tools
• Browser-based ubiquitous internet
access to services
• Always on and available, utility-like
solutions
GSA Cloud Computing Initiative Vision and Strategy Document
Mission Statement
Drive the government-wide adoption of
cost effective, green, and sustainable
Federal cloud computing solutions
Cloud Readiness Assessment
• Profiles – all levels of government management and users
• Awareness and Knowledge
• Existing Technical Architecture
• IT Organizations and Training Plans
• Security and Risk Assessment
• Cloud Computing Strategy
• IT Governance and Management Strategy
Cloud Development Case Study
Moldova M-Cloud
M-Cloud Introduction
– Establish a government-wide shared compute
infrastructure
– Use international best-practices
– Develop M-Cloud public services focusing on:
• Meet specific performance objectives
• Availability
• Security
• Data location
• Data recovery
• Regulatory
• and other legal requirements.
The Requirement
Moldova
• Develop approach, including:
– Surveys of existing data centers
– Cloud Readiness Assessment
– Review of BCDR environment
– Interview govt agencies and private companies
– Intensive thought leadership campaign
– Feasibility study
• Prepare cloud vendor procurement bid and implementation roadmap
M-Cloud Leadership
• Move to a “cloud first” national ICT policy
• Identify opportunities through data center
consolidation
• Centralize certification of cloud solutions
• Establish standards for security, interoperability &
data portability
There was a time when every household, town, farm or village had its own water well. Today,
shared public utilities give us access to clean water by simply turning on the tap; cloud
computing works in a similar fashion. Just like water from the tap in your kitchen, cloud
computing services can be turned on or off quickly as needed. Like at the water utility, there
is a team of dedicated professionals making sure the service provided is safe, secure and
available on a 24/7 basis. When the tap isn’t on, not only are you saving water, but you aren’t
paying for resources you don’t currently need. (Kundra)
Utilities: 1) Roads 2) Water 3) Electricity
4) Broadband and Compute
M-Cloud Government Structure
High Level View of M-Cloud
Governments Should Consider Cloud
Computing at Any Stage of Development
• Cloud computing solves immediate problems
– BCDR
– More responsive to urgent government agency
requirements
– Data center consolidation & operations efficiency
– Improved flexibility/productivity in application
development
• Knowledge creation
Cloud Standards
[Figure labels: Standard; Proprietary; Value-Added; A; B]
Cloud Standards Mission
Provide guidance to industry and
government for the creation and
management of relevant cloud computing
standards allowing all parties to gain the
maximum value from cloud computing
Standardization
Allowing Value-Added and Proprietary Implementation
Standardized Core
Cloud Capabilities
Proprietary Value and Additional Functionality
• Advanced or Value-
Added features
• Standard or
Core features
GSA
Standards Framework
• Cloud computing reference architecture
• Cloud service level agreements
• Systems interoperability
• Data portability
• Security and privacy
• Recommendations
– Contribute government or agency requirements
– Participate in standards development
– Encourage agency compliance testing and development
– Encourage all agencies to adopt standards
– Provide training to all agencies and users
There are many existing and emerging standards
• OASIS
• OCCI
• DMTF
• OVF
• CDMI
• IEEE
• And more…
Cloud Computing
Reference Architecture
Cloud Computing Journey
[Figure labels: Public Cloud; Private Cloud; APIs and Protocols; Virtual Private Cloud; Hybrid Cloud; Open Standards; Inter-Cloud; We Are Here]