Feeds

Ten years on: How did that cloud strategy pan out?

How to avoid vendor lock-in

3 Big data security analytics techniques

So the CEO is hearing all about clouds now and the financial director is looking at his pile of beans and as usual wants you to do more with less. And both think it is time for you to build or buy a cloud. Where do you start?

The answer is by being brutally honest with yourself and your bosses about everything around you.

A service provider building a greenfield cloud to peddle infrastructure or platform cloud services to augment your carrier and hosting services has it easy. It is simply a matter of examining what type of cloud it wants to supply to customers.

It picks a cloud controller fabric – VMware vCloud, the open source OpenStack or CloudStack, or maybe Windows Server 2012 and Hyper-V with System Center. This cloud doesn't have to integrate with anything but the provider’s billing systems: it just has to create a self-service portal for customers and a more sophisticated management console for the provider’s own admins.

Not so for you. You are sitting there with mission-critical systems – physical boxes running siloed workloads or at best virtualized machines that have a few workloads sharing capacity atop a hypervisor.

A fine mess

You probably have a mix of Risc/Unix boxes and maybe some proprietary mid-range and mainframe systems running legacy code.

You have Windows systems running Exchange Servers for email and groupware and any number of SQL Server databases and home-grown apps and third-party apps, and probably Linux systems running other infrastructure workloads such as data warehouses or analytics and maybe Java applications.

Exactly what the mess consists of hardly matters. You have a mix of apps and platforms and developers and admins with their own set of preferences and prejudices. And now the top brass wants you to turn this hodge-podge of hardware and software into a cloud.

It is understandable if you are jealous of Amazon Web Services and other clouds, says Bryan Che, general manager of the cloud business unit at Red Hat, the commercial Linux and Java platform distributor.

"The biggest motivation for CIOs is when they take a look at the complexity and inefficiencies of their own operations," he says.

"And then they take a look at the public cloud providers such as Amazon, Rackspace and IBM and on any measure they can think of – how quickly they can provision, how much it costs to get that infrastructure, how many administrators they need to manage it and so on – it is orders of magnitude different from what CIOs experience in their own data centers."

Toe-dipping

The odds are you have a lot of Windows systems in your shop, and therefore have VMware's ESXi hypervisor inside its vSphere server virtualization toolset in your shop virtualizing some of your Windows and Linux operating systems for x86 servers.

You could be dabbling with Red Hat's KVM-based Enterprise Virtualization hypervisor or Microsoft's Hyper-V, and where Oracle databases, middleware and applications are involved, you might even be virtualizing atop Oracle's own rendition of the open-source Xen hypervisor.

But again, based on market stats, you may have started out with VMware GSX Server and ESX Server a decade ago in your test and development environment when you first started virtualizing servers. Then you took five or six years to gradually start virtualizing more of your IT infrastructure.

It will come as no surprise that VMware wants you to do the same thing all over again with its vCloud Director tools.

"In the US five years ago, or in emerging countries such as Peru today, companies didn't start out with their first virtualized workload being Exchange Server," says Neela Jacques, director of product marketing for the cloud infrastructure suite at VMware.

"Not because Exchange Server couldn't be virtualized – it is by almost every VMware customer – but because if you start there, you need to think about how to tune storage and do backup and disaster recovery.

“By starting with test and dev with virtualization, you could ensure that you had a high degree of success, gain your skills and then move on to infrastructure and finally tier-two apps. Then maybe three years later you got to business-critical apps.

“Just as it was a big mistake to try to start virtualization with the most complex workloads, it is true for clouds too."

Jacques adds that if you have not built a cloud yet, you should start with the now-virtualized test and dev environment, adding vCloud Director and gaining experience with the self-service portal.

Then you move on to the more sophisticated cloud management tools and high-availability portions of the vCloud Suite, then maybe look at cloud-bursting and disaster-recovery features.

Pastures new

The one thing you do not want to do, says Jacques, is give in to the temptation of implementing a greenfield application – such as an electronic medical records application – on a full-on all singing and dancing cloud.

"This is where you can fall right into the trap," Jacques tells El Reg.

"It is not that you can't build a cloud for a business critical app – you absolutely can. But if you start there, you can make decisions that can hurt you in the long run, such as creating a highly scripted, management-heavy environment to meet the needs of one project.

“It makes sense not to over-complicate your first cloud. With VMware, start with vSphere and vCloud Director. If you want your cloud to do everything, we have the technology, but I don't know if you will be able to get up to speed on day one."

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
Bored with trading oil and gold? Why not flog some CLOUD servers?
Chicago Mercantile Exchange plans cloud spot exchange
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.