Intel Cloud Builders Guide
Intel Xeon Processor-based Servers
DynamicOps Cloud Automation Center

Intel Cloud Builders Guide to Cloud Design and Deployment on Intel Platforms
DynamicOps Cloud Automation Center
Intel Xeon Processor 5600 Series

AUDIENCE AND PURPOSE

IT consumers are demanding self-service access to resources with delivery measured in minutes, not days, while their IT organizations are increasingly looking to cloud automation platforms, like DynamicOps, to help them respond more quickly to meet the accelerating pace of market demands.

This Intel Cloud Builders reference architecture document is intended for enterprise IT organizations and cloud service providers who are looking to build their own on-demand private cloud infrastructure using the DynamicOps Cloud Suite. This test configuration was deployed on Dell servers powered by two Intel Xeon processor 5600. This configuration enables the bare metal provisioning and management of the Dell servers as well as virtual machines running on VMware vSphere*. This paper provides the steps, detailed descriptions, and screen shots on how to quickly configure and deploy a proof of concept or limited scale production pilot for an on-demand cloud infrastructure demonstrated through common use cases using a basic deployment configuration.
Table of Contents

Executive Summary
Introduction
Product Overview
DynamicOps Cloud Suite
DynamicOps Cloud Automation Center
The DynamicOps Cloud Development Kit
The DynamicOps Platform
DynamicOps Design Center
Test Bed Blueprint
Logical Topology
Hardware Topology
Hardware Description
Technical Review
Actors
Use Cases
Preconditions
Use Case - Configuring Enterprise Groups
Use Case - Configuring Provisioning Groups and Users
Use Case - Reserving Resources for a Provisioning Group
Use Case - Establishing Global Service Blueprints
Use Case - Self Service Provisioning of Compute Services
Use Case - Ongoing Management
Use Case - Resource Reclamation
Use Case - Capacity Planning
Use Case - Cost Transparency and Chargeback
Things to Consider
Conclusion
Glossary/Appendix
Additional Information
Executive Summary

DynamicOps enables the cloud vision quickly and easily through Operations Virtualization* - empowering IT to rapidly deploy new services that are aligned with business needs while providing complete cost transparency. This significantly lowers OpEx and CapEx, while improving overall infrastructure ROI, IT perception, and customer satisfaction. By enabling a personalized, self-service experience tied to fully automated lifecycle management, IT can create a successful and scalable private cloud that leverages existing processes and tools.

This reference architecture document describes the configuration and use cases that a typical enterprise organization would use to implement and deploy a private or hybrid cloud infrastructure. The examples primarily demonstrate the management of a virtual infrastructure. However, the DynamicOps solution can also perform bare metal provisioning and management of physical machines as well as public cloud resources like Amazon EC2.

Introduction

Businesses are eager to adopt cloud computing; they realize the tremendous efficiency, benefits, and cost savings that it promises. However, these promises often fall short when confronted with the realities of the modern enterprise which include a complex environment of siloed systems, disparate processes and tools, and a variety of unique business unit requirements. More often than not, enterprises find themselves dealing with exceedingly slow cloud implementation times, unrealistic levels of standardization, minimal personalization, loss of existing investments due to the need to rip and replace, and high costs from the army of developers needed to create a workable cloud solution.

DynamicOps delivers all the promised benefits of the cloud with order-of-magnitude improvements in efficiencies and savings.
Our cloud solutions were purpose-built to transform existing enterprise infrastructures into personalized self-service environments in the least amount of time, without an army of developers. Enterprises choose DynamicOps to gain a distinct competitive advantage by:

- Achieving Fastest Time-to-Cloud Value. Extensive out-of-the-box capabilities, model-based architecture, and the ability to leverage existing investments enable IT to create scalable private, public, and desktop cloud services in just days, meeting a wide variety of business needs and demonstrating quick ROI.
- Embracing Consumerization of IT. Disparate systems and processes are unified into a highly personalized, self-service experience governed by user and organizational awareness, ensuring the exact needs of the user are met in the context of the business.
- Boosting IT Efficiency. Advanced self-service and automation capabilities lead to a significant reduction in operational expenses, while organizationally aware governance enables a multi-tenant infrastructure, improving hardware utilization, and eliminating capital expenditures.
- Increasing Business Agility. Enterprise IT is empowered with the flexibility to quickly enable cloud services so that the business can react faster to changing market demands and capture market share.

Product Overview

DynamicOps enables enterprises to quickly create and benefit from private and hybrid clouds at a speed that is unprecedented in the industry. Customers use DynamicOps products to evolve infrastructure into a highly effective, scalable cloud in which users receive personalized resources, IT efficiency is radically improved, and businesses operate with much greater agility. The DynamicOps product line is composed of two products:

DynamicOps Cloud Suite
This cloud-enablement suite provides the fastest time-to-cloud value through breakthrough technologies, robust out-of-the-box capabilities, and unparalleled extensibility. It includes the DynamicOps Platform, DynamicOps Cloud Automation Center*, and DynamicOps Design Center.

Figure 1: DynamicOps Cloud Suite and Cloud Development Kit*
DynamicOps Cloud Development Kit*
This kit provides tools, documentation, and code examples that enable developers to declaratively define new cloud service models based on business rules, user and data structure, process, security, activities, and workflows.

With the combination of DynamicOps Cloud Suite and Cloud Development Kit, companies have everything needed to create next-generation cloud services in the least amount of time, with the fewest resources.

DynamicOps Cloud Suite

The following components are included in the DynamicOps Cloud Suite.

DynamicOps Cloud Automation Center

DynamicOps Cloud Automation Center provides unified cloud management for desktops and servers across virtual and physical systems in private and public cloud deployments. It enables IT to transform existing infrastructure into on-demand IT as a Service, where compute resources, configuration changes, and new applications are delivered in minutes instead of days or weeks. DynamicOps Cloud Automation Center allows IT to reduce service delivery times while increasing IT efficiency through the following capabilities:

- Self-Service Consumer Portal. A secure self-service portal where authorized administrators, developers, or business users can request new IT services and manage existing computer resources from predefined user-specific menus.
- User and Business-Aware Governance and Control. Enables IT to apply their own way of doing business to the cloud without changing organizational processes or policies. Enterprises gain the flexibility needed for business units to have different service levels, policies, and automation processes, as appropriate for their needs.
- Automated IT Service Delivery and Management. Complete end-to-end lifecycle management of existing and newly provisioned compute resources. Out-of-the-box automation that can easily be integrated with existing tools and leverage existing processes.
- Intelligent Resource Management. A unique approach to resource management, which ensures higher infrastructure utilization through placement, prevention, and reclamation of resources across virtual and physical servers and desktops on private and public cloud capacity.

Figure 2: DynamicOps Cloud Automation Center
The DynamicOps Cloud Development Kit

All the tools and documentation are provided, enabling developers to easily define new cloud service models based on business rules, user and data structure, process, security, activities, and workflows. IT is empowered to rapidly create new cloud services with minimal resources.

The Cloud Development Kit is for IT organizations who want to maximize their cloud implementations and are stymied by rigid cloud products that are designed only for managing virtual machines; they often require extensive coding to the core platform for even minimal extensibility. When new use cases are needed for the cloud, enterprises must spend significant time and money tailoring solutions to their business. In the meantime, updating and managing the cloud environment becomes untenable.

The DynamicOps Platform

The DynamicOps Platform provides an open and flexible foundation that allows IT to deliver personalized and scalable cloud services in days, while leveraging existing tools and protecting current and future investments in multi-vendor technologies.

DynamicOps Design Center

DynamicOps Design Center is a graphical editor for visually modifying the Cloud Automation Center's activities and workflow logic, making it easy for administrators to tie into any third-party system, leverage existing automation scripts, or create custom management logic. It provides a simple way to extend the Cloud Automation Center.

Figure 3: DynamicOps Design Center
Test Bed Blueprint

DynamicOps Cloud Automation Center is comprised of three modules: Virtual Resource Manager (VRM), External Cloud Manager (ECM), and Physical Resource Manager (PRM). Together, these modules provide an enterprise-wide system for provisioning virtual, cloud, and physical machines and for comprehensively managing the machine lifecycle from user request and administrative approval through decommissioning and resource reclamation, while dramatically improving resource cost control and management.

Using the Design Center visual workflow designer, administrators can modify DynamicOps out-of-the-box activities to add additional activities or call external scripts. Our Cloud Development Kit enables developers to create their own custom modules which they can save and have the DynamicOps platform execute.

Out-of-the-box modules include:

- Virtual - Provision and manage virtual machines created by that platform and the virtualization hosts they are created on; a proxy agent is used to communicate with the hypervisor's management interface (e.g. VMware vCenter* or Microsoft SCVMM*).
- Physical - Provision and manage physical machines; the Cloud Automation Center communicates directly with each server's management interface to execute actions such as OS installation, rebooting, reprovisioning, and so on.
- External - The Cloud Automation Center directly interacts with the public cloud service to provision and manage cloud machines. Our governance and control assures that only authorized users can provision appropriate machines, and they only consume the appropriate amount of public cloud resources.

Figure 4: DynamicOps Cloud Automation Center
Logical Topology

The following test bed was constructed using a simple deployment configuration where all the system components were installed on a single virtual machine. This is a typical configuration that many companies use to deploy a production pilot or limited scale production implementation up to 2,000 virtual machines.

In this configuration, the self-service portal can be accessed through a Web interface from any remote device. The Cloud Automation Center will need to interact with the management interfaces of virtual, physical, or public cloud resources that it is managing. These interactions may also be remote.

As configurations grow, or as the cloud becomes an essential component of an organization's core infrastructure, IT will look to distribute additional Cloud Automation Center components for greater availability and scalability. For example, a DynamicOps global enterprise customer currently manages over 100,000 virtual desktops with plans for further growth. DynamicOps reference architecture documents are available to customers and partners who are managing implementations for tens of thousands of machines from a single Cloud Automation Center instance.

Figure 5: Test Bed Logical Topology
Hardware Topology

The test bed consisted of two Dell M1000e Blade Chassis, each populated with eight Dell M610 Blade Servers. Each Dell M610 Blade Server is powered by two Intel Xeon processor 5600 series. Each of the chassis was paired with a Dell PowerConnect 5448 Gigabit Ethernet switch. A Dell EqualLogic PS6100XV storage array backed the 16 blades for network-based storage.

Figure 6: Hardware Topology

| System | Processor Configuration | Additional Details |
| 12 x Compute Nodes | Intel Xeon Processor - See the product page at http://www.intel.com/p/en_us/products/server/processor/xeon5000 | Dell M610 blade servers powered by two Intel Xeon processor 5600 series, 32GB RAM, shared iSCSI storage |
| 4 x Management Nodes | Intel Xeon Processor - See the product page at http://www.intel.com/p/en_us/products/server/processor/xeon5000 | Dell M610 blade servers powered by two Intel Xeon processor 5600 series, 32GB RAM, shared iSCSI storage |
| 2 x GbE 48-port Switches | | Dell PowerConnect* 5448 |
| 1 x iSCSI Storage Array | | EqualLogic* PS6100XV - 8 x GbE connections |

Table 1: Test Bed Configuration
Hardware Description

The Intel Xeon processor 5600 series, which provides a foundation for designing new cloud data centers to achieve greater performance while using less energy and space and dramatically reducing operating costs, was used for the purposes of this guide. The Intel Xeon processor 5600 series combines unprecedented security, performance, and energy efficiency.

- Intelligent performance that automatically varies the processor frequency to meet business and application performance requirements.
- Automated energy efficiency that scales energy usage to the workload to achieve optimal performance per watt and to reduce operating costs.
- Flexible virtualization that offers best-in-class performance and manageability in virtualized environments to strengthen the infrastructure and to reduce costs.

Technical Review

To demonstrate the capabilities of the DynamicOps Cloud Automation Center, we executed the most common use cases. These use cases were executed by DynamicOps administrators who configure organizational governance policies, and are responsible for the ongoing management of the cloud infrastructure including resource reclamation planning and chargeback. Other use cases were executed by resource consumers who request new services and who manage existing machines.
Actors

- EndUser - represents the technical End User role
- GroupMgr - represents the Group Manager role
- EnterpriseAdmin - represents the Enterprise Administrator role
- Administrator - represents the DCAC Administrator role

Use Cases

| Use Case | Actor | Role | Category |
| Configuring Enterprise Groups | Administrator | DynamicOps Administrator | Policy Management |
| Configuring Provisioning Groups | EnterpriseAdmin | Enterprise Administrator | Policy Management |
| Reserving resources for a Provisioning Group | EnterpriseAdmin | Enterprise Administrator | Policy Management |
| Establishing Global Service Blueprints | EnterpriseAdmin | Enterprise Administrator | Policy Management |
| Provisioning of compute services | EndUser | User | Self-Service |
| Ongoing management of existing resources | EndUser | User | Self-Service |
| Resource reclamation | EnterpriseAdmin | Enterprise Administrator | Ongoing Admin |
| Capacity planning | EnterpriseAdmin | Enterprise Administrator | Ongoing Admin |
| Cost transparency and chargeback | EnterpriseAdmin | Enterprise Administrator | Ongoing Admin |

Preconditions

- The DynamicOps Cloud Automation software has been installed.
- The DynamicOps administrator has customized the user interfaces.
- The management endpoints have been configured and the environments discovered.
  --Virtual: Citrix XenServer*, Microsoft Hyper-V*, VMware vSphere
  --Physical: Cisco, Dell, HP
  --Cloud: Amazon Web Services*
Use Case - Configuring Enterprise Groups

The Cloud Automation Center has a multi-tier organizational grouping capability. Each instance may have one or more Enterprise Groups, each of which can contain one or more Provisioning Groups.

An Enterprise Group is the top-level organizational grouping. It contains virtual, physical, and cloud resources that enterprise administrators will reserve for the different Provisioning Groups under their control. An Enterprise Group has one or more enterprise administrators who reserve a portion of the Enterprise Group's resources for each Provisioning Group.

The screen below demonstrates how Enterprise Groups can be configured, resources assigned, and enterprise administrators defined.

Figure 7: Enterprise Groups

Execution and Results

1. Log into Cloud Automation Center as user Administrator.
2. Choose DCAC Administrator > Enterprise Groups from the navigation pane on the left side of the page. The Enterprise Groups page appears.
3. Click New Enterprise Group on the Enterprise Groups title bar. The New Enterprise Group page appears.
4. Fill in the New Enterprise Group form as follows:
   Name - The name of the new Enterprise Group. Example: Corporate IT
   Description - A brief description of the Enterprise Group. Example: Compute resources for Corporate IT
   Hosts - The Target Hosts for the group. Example: ESX-NA-0008, ESX-NA-0009, HyperV-0001, HyperV-0002
   Enterprise Administrators - Enterprise Admin users. Example: DCAC\EnterpriseAdmin
   IMPORTANT! Press enter after adding each user account to validate the account.
5. Click OK. The Enterprise Group is created.
Use Case - Configuring Provisioning Groups and Users

A Provisioning Group is a collection of machine consumers, often corresponding to a line of business, department, or other organizational unit. To request machines, a Cloud Automation Center user must belong to at least one Provisioning Group. Each group has access to a set of local Blueprints used to request machines.

A group must have at least one Group Manager, who maintains Blueprints for the group and approves some machine requests. Groups can also contain Support Users, who can request and manage machines on behalf of other group members. A Cloud Automation Center user can be a member of more than one Provisioning Group, and can have different roles in different groups.

The screen below demonstrates how Provisioning Groups can be created or modified, and membership and roles assigned to group managers, support users, and users.

Execution and Results

1. Log into Cloud Automation Center as user EnterpriseAdmin.
2. Choose Enterprise Administrator > Provisioning Groups from the navigation pane on the left side of the page. The Provisioning Groups page appears.
3. Click New Provisioning Group on the Provisioning Groups title bar. The New Provisioning Group page appears.
4. Fill in the New Provisioning Group form as follows:
   Name - The name of the new Provisioning Group. Example: Consulting Services
   Description - A brief description of the group. Example: Provisioning Group for Consulting Services BU
   Group Manager Email - The email address of the Provisioning Group manager. May also be a distribution group email. Example: Rich@dcac.local
   Default Machine Prefix - The default naming prefix. Example: Svcs-Tier1-
   Active Directory Container - The location in Active Directory to place the new machine accounts. Example: OU=Services
   Group Manager Role - Group Admin role user accounts. Example: DCAC\EnterpriseAdmin
   Support Role - Support role user accounts. Example: DCAC\Steve
   User Role - End user accounts. Example: DCAC\EndUser
   IMPORTANT! Press enter after adding each user account to validate the account.
5. Click OK. The Provisioning Group is created.
Use Case - Reserving Resources for a Provisioning Group

From the enterprise group's allocation of resources, the enterprise administrator reserves resources for different Provisioning Groups. Resources can be reallocated dynamically to meet changing business needs. Reservation policies allow Provisioning Group resources to be further sub-grouped to define different service tiers or types of resources.

A virtualization host (or simply host) is an object that represents a host, host cluster, or pool within a virtualization platform. The virtual machines requested by provisioning group members are provisioned on hosts. A reservation is a share of one host's resources (memory, CPU, and storage) reserved for use by a particular Provisioning Group in provisioning machines.

The screen shot below demonstrates how resources from a virtual host or host cluster are reserved for a specific Provisioning Group. Enterprise administrators can also create reservations for physical servers and public cloud computing resources.

Figure 8: Enterprise Groups and Widget Division

Execution and Results

1. Log into Cloud Automation Center as user EnterpriseAdmin.
2. Choose Enterprise Administrator > Reservations from the navigation pane on the left side of the page. The Reservations page appears.
3. Click New Reservation > Virtual on the Reservations title bar. The New Reservation - Virtual page appears.
4. Fill in the New Reservation - Virtual form as follows:
   Host - Select the target Host or Cluster from the dropdown list. Example: ESX-NA-0008
   Name - A descriptive name for the reservation. Example: CS-Tier1-ESX-NA-0008-Res-1
   Provisioning Group - Select the appropriate Provisioning Group from the dropdown list. Example: Consulting Services
   Reservation Policy - Select the appropriate Reservation Policy from the dropdown list. Example: Tier1Resource
   Machine Quota - The maximum number of machines to be created against the reservation. Example: 20
   Priority - The order in which the reservation will be consumed (lower number is higher priority). Example: 1
   Memory - The amount of RAM (in GB) to reserve for the Provisioning Group (this reservation only). Example: 32
   Storage - Select the path(s) to be used for the reservation. Enter a capacity (in GB) and a priority (lower number is higher priority) for each selected path. Example: ESX-NA-0008-Storage 1 / 300 GB / Priority 1
   Network - Select the network(s) to attach machines provisioned using the reservation (multiple paths will be assigned in a round robin). Optionally select a Network Profile to assign static IP addresses on provisioned machines. Example: PROD-Network
   Resource Pool - The resource pool (if applicable) where provisioned machines are placed. Example: ESX-NA-0008-Resource Pool
5. Click OK. The Reservation is created.

Use Case - Establishing Global Service Blueprints

A Service Blueprint is a complete building plan for a virtual, physical, or public cloud machine. It specifies both the system attributes and the management settings required to build and manage the machine throughout its life. A user requests a machine from a predefined catalog authorized for a specific user or group of users. Service Blueprints can be specific for a given Provisioning Group or global and span multiple Provisioning Groups. In addition, Service Blueprint policies specify the reservation policies that define the service level or tier of resources the user will be provisioned on as well as the amount of resources they will receive.

Figure 9: Establishing Global Service Blueprints
Figure 10: Global Service Blueprints

Service Blueprints can be customized to meet the unique needs of each business, creating a business-aware cloud infrastructure.
Execution and Results

1. Log into Cloud Automation Center as user EnterpriseAdmin.
2. Choose Enterprise Administrator > Global Blueprints from the navigation pane on the left side of the page. The Global Blueprints page appears.
3. Click New Blueprint > Virtual on the Global Blueprints title bar. The New Blueprint - Virtual page appears.
4. Fill in the New Blueprint - Virtual form as follows:
   Blueprint Name - A unique name representing the OS, application or service being delivered by the blueprint. Example: SQL Server 2008 R2 Enterprise
   Description - A description of the application or service, and the OS platform on which it is being delivered. Example: SQL Server 2008 R2 Enterprise Edition instance on Windows Server 2008 R2
   Groups - Tick the check box next to the name of each Provisioning Group allowed to access the blueprint. Example: Consulting Services, Finance
   Reservation Policy - Select the appropriate Reservation Policy from the dropdown list. The blueprint will only provision against reservations with the same Reservation Policy selected. Example: Tier1Resource
   Machine Prefix - The naming prefix to use at the time of provisioning. Default is to use each Provisioning Group's default. Example: Use group default
   Approval Policy - Select the appropriate Approval Policy from the dropdown list. Default approval requires Group Manager to approve each request from the blueprint. Example: No Approval
   Max # of machines per user - The maximum number of machines a single user can provision from the blueprint. Example: Leave blank
   Archive (days) - The number of days to wait between the machine expiration and its disposal. Example: 30
5. Click the Build Information tab. The Build Information section appears.
6. Fill in the Build Information section as follows:
   Blueprint Type - Select the type of machine built by the blueprint from the dropdown list. Example: Server
   Enabled (checkbox) - Tick the checkbox to enable the blueprint. Example: Checked
   Master (checkbox) - Tick the checkbox to allow other blueprints to be created from the blueprint. Example: Checked
   Display Location on Request (checkbox) - Tick the checkbox to show a dropdown list of Locations at the time of request. Example: Not Checked
   Action (radio button) - Select the deployment method to use with the blueprint. Example: Create
   Build Profile - Select the appropriate Build Profile used to build the machine from the dropdown list. Example: ESX Windows Server 2.3.0
   Provisioning Workflow - Select the appropriate workflow to provision the machine. Example: WIMImageWorkflow
   # CPU's - Enter the minimum number of CPUs in the provisioned machine. Optionally, enter a maximum value to allow the user to choose from a range, and an Approval At value to set an approval threshold. Example: 2 / 4
   Memory (MB) - Enter the minimum amount of memory for the provisioned machine. Optionally, enter a maximum value to allow the user to choose from a range, and an Approval At value to set an approval threshold. Example: 4096
   Storage (GB) - Enter the minimum amount of disk space for the provisioned machine. Optionally, enter a maximum value to allow the user to choose from a range, and an Approval At value to set an approval threshold. Example: 20 / 30
   Lease (days) - Enter the number of days the provisioned machine can exist before expiring. Optionally, enter a maximum value to allow the user to choose from a range, and an Approval At value to set an approval threshold. Example: 30 / 90 / 60
   Cost (daily) - Enter a simple daily cost for the machine. Example: 2.00
7. Click the Security tab. The Security section appears.
8. Fill in the Security section as follows:
   Group members who can use this blueprint - Enter the user accounts or groups of any users to provide exclusive access. Default is to allow access by everyone. Example: Blank (Everyone)
   Machine owners can - Tick the checkboxes of the actions users may execute against their provisioned machine. Example: All action checkboxes ticked (default)
9. Click OK. The Global Blueprint is created.

The screen shots above demonstrate how to configure a virtual machine Service Blueprint. Similar capabilities are available for physical, external cloud and multi-machine app services.
Use Case - Self Service Provisioning of Compute Services

After governance policies have been configured, Provisioning Group members can request and use virtual, physical, or external cloud services. The services that are available to a given user are those that have been configured and made available to members of that Provisioning Group. Access can be further limited to specific users within that group.

To provision a new machine, a user, or administrator, goes to the self-service portal and reviews the Blueprints that the Provisioning Group membership gives them access to. They select a Blueprint, indicate the number of machines desired and any optional parameters before submitting the request.

Execution and Results

1. Log into Cloud Automation Center as user EndUser.
2. Choose Self Service > Request Machine from the navigation pane on the left side of the page. The Request Machine page appears.
3. Click to expand the list of blueprints for the appropriate Provisioning Group. Example: Consulting Services
4. Choose a blueprint from the expanded list. The Confirm Machine Request page appears. Example: SQL Server 2008 R2 Enterprise
5. Fill in the Confirm Machine Request form as follows:
   Number of Machines Requested - Total number of machines to be created from the blueprint, for this request. Example: 1
   Lease Duration - Number of days before the machine expires and is retired. Example: 30
   # CPU's - Quantity of CPUs requested. Example: 2
   Storage (GB) - Capacity of storage requested. Example: 20
   Description - A brief description of the intended use of the requested machine. Example: Standalone instance for Web Analytics
   Reason for Request - Reason the request is being submitted. Example: Additional capacity required
6. Click OK. The Machine Request is submitted.

If the Blueprint requires approval before the service is provisioned, the request is sent to the approvers defined in the approval portion of the Blueprint. Anyone in the approval chain can approve or deny the request. When the request is approved, or if it does not require approval, the machine is provisioned from the Provisioning Group's Reservations (previously built using the workflow that was specified by the Blueprint), and then turned on.
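The governance chain configured in the reservation, blueprint and self-service use cases above can be read as one access decision per request. The following is an added example, not DynamicOps code: class and function names are hypothetical, the order of checks and the rule that a value at or above Approval At triggers approval are assumptions, and the Finance member, the second and third reservations and the used-machine counts are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Range:
    """A blueprint field entered as 'minimum / maximum / Approval At'."""
    minimum: int
    maximum: Optional[int] = None       # None: the user cannot choose a larger value
    approval_at: Optional[int] = None   # None: no approval threshold on this field

    def check(self, value: int) -> str:
        upper = self.minimum if self.maximum is None else self.maximum
        if not self.minimum <= value <= upper:
            return "out_of_range"
        # Assumption: a value at or above the threshold triggers approval.
        if self.approval_at is not None and value >= self.approval_at:
            return "approval"
        return "ok"


@dataclass
class Blueprint:
    name: str
    groups: set                 # Provisioning Groups ticked on the blueprint
    reservation_policy: str
    approval_policy: str        # "No Approval" skips the Group Manager step
    cpus: Range
    lease_days: Range
    allowed_users: set = field(default_factory=set)  # Security tab; empty = everyone
    max_per_user: Optional[int] = None               # left blank on the form


@dataclass
class Reservation:
    name: str
    group: str
    policy: str
    priority: int               # lower number is consumed first
    machine_quota: int
    machines_used: int = 0


def evaluate_request(user, group, members, bp, reservations, owned, cpus, lease_days, count=1):
    """Return (decision, detail); decision is 'deny', 'needs_approval' or 'provision'."""
    if user not in members.get(group, set()):
        return "deny", "user is not a member of the Provisioning Group"
    if group not in bp.groups:
        return "deny", "blueprint is not published to this group"
    if bp.allowed_users and user not in bp.allowed_users:
        return "deny", "user is not on the blueprint's Security list"
    if bp.max_per_user is not None and owned + count > bp.max_per_user:
        return "deny", "per-user machine limit reached"
    checks = [bp.cpus.check(cpus), bp.lease_days.check(lease_days)]
    if "out_of_range" in checks:
        return "deny", "requested value is outside the blueprint range"
    # Only reservations of this group with the blueprint's policy and free quota qualify.
    usable = [r for r in reservations
              if r.group == group and r.policy == bp.reservation_policy
              and r.machines_used + count <= r.machine_quota]
    if not usable:
        return "deny", "no reservation with matching policy and free quota"
    target = min(usable, key=lambda r: r.priority)
    if bp.approval_policy != "No Approval" or "approval" in checks:
        return "needs_approval", target.name
    return "provision", target.name


# Values are the page's form examples unless marked constructed.
MEMBERS = {"Consulting Services": {r"DCAC\EndUser", r"DCAC\Steve", r"DCAC\EnterpriseAdmin"},
           "Finance": {r"DCAC\FinUser"}}  # Finance member is constructed
SQL_BP = Blueprint(name="SQL Server 2008 R2 Enterprise",
                   groups={"Consulting Services", "Finance"},
                   reservation_policy="Tier1Resource", approval_policy="No Approval",
                   cpus=Range(2, 4), lease_days=Range(30, 90, 60))
RESERVATIONS = [
    # Quota 20 is from the page; 20 machines already used is constructed.
    Reservation("CS-Tier1-ESX-NA-0008-Res-1", "Consulting Services", "Tier1Resource", 1, 20, 20),
    Reservation("CS-Tier1-ESX-NA-0009-Res-2", "Consulting Services", "Tier1Resource", 2, 20),  # constructed
    Reservation("CS-Tier2-Res-1", "Consulting Services", "Tier2Resource", 1, 20),              # constructed
]

if __name__ == "__main__":
    for user, group, cpus, lease in [
        (r"DCAC\EndUser", "Consulting Services", 2, 30),
        (r"DCAC\EndUser", "Consulting Services", 4, 60),
        (r"DCAC\FinUser", "Finance", 2, 30),
    ]:
        print(user, group, evaluate_request(
            user, group, MEMBERS, SQL_BP, RESERVATIONS, 0, cpus, lease))
```

The Finance request is denied even though the blueprint is published to Finance, because no Finance reservation carries the Tier1Resource policy: access to a blueprint and capacity to build from it are granted separately.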
Use Case - Ongoing Management

After a machine has been provisioned, the Service Blueprint policies control the ongoing management functions each user is allowed to perform against their machines. Ongoing management functions include some of the following operations:

- Connecting to the machine through platform tools like RDP and SSH or connection brokers like Citrix XenDesktop*
- Power management
- Reprovisioning
- Snapshot
- Reconfigure resources (e.g. CPU, memory, storage, network)
- Lease extension
- Archive/reactivate
- Lease management
- Destroy
- Any custom command you want to add

Depending upon the Service Blueprint policies, users can also modify policies of public cloud machines. Examples are elastic block storage, elastic load balancers, and security groups.
Execution and Results

1. Log into Cloud Automation Center as user EndUser.
2. Choose Self Service > My Machines from the navigation pane on the left side of the page. The My Machines page appears.
3. Move the mouse cursor over the name of the Machine to reconfigure. Select Reconfigure Machine from the hover menu. The Reconfigure Machine page appears. Example: Services-Tier1-00004
4. Choose the Memory tab.
5. Adjust the Memory (MB) field to a higher value. Example: 4096
6. Choose the Execution tab.
7. Fill in the Execution form as follows:
   Execute Request - Indicates when the reconfiguration of the machine should occur. This can be done immediately, left up to the user, or scheduled for a fixed time. Example: Immediate Execution
   Shutdown Machine Before Reconfigure - Tick the checkbox to have the machine shut down gracefully prior to reconfiguration. Example: Checkbox Ticked
   Queue Operation for Retry on Failure - Tick the checkbox to have the reconfiguration process automatically retry in the event of a failure. Example: Checkbox Ticked
   Reason for Request - Explain the reason the machine requires reconfiguration. Example: Need more memory
8. Click OK. The Reconfiguration Request is submitted.

If the Blueprint requires approval for the reconfiguration, the request is sent to the approvers defined in the approval portion of the Blueprint. Anyone in the approval chain can approve or deny the request. When the request is approved, or if it does not require approval, the machine is reconfigured to the new parameters.

Use Case - Resource Reclamation

One of the most difficult tasks is reclaiming inactive and abandoned machines. Even though these machines are inactive, they consume resources that could be used for other users. Two options are provided for reclaiming inactive and abandoned machines.

Leasing Temporary Machines

Leased machines are for transient type applications. For example: dev/test, modeling, simulation, or any other application that needs to be performed for a short period and then not performed again for weeks or months. These machines typically stay around longer than needed. Lease policies automate the reclamation of these machines after the lease expires. Leases can be unique to each machine type. Users receive notification before leases expire and have the ability to extend the leases if necessary.

Automated Resource Reclamation of Permanent Machines

Permanent machines that have no predefined lifespan are much harder to reclaim and reuse when no longer needed. This is especially true for virtual desktops, which are much more transient than server applications. The Cloud Automation Center provides a number of predefined filters that allow the administrator to find machines that are potentially inactive. Before the machines are deleted, best practices include verifying that the machines are no longer needed with the owner, their manager, or someone in the group. This process is manual and time consuming, and rarely performed, since it's typically done with emails and spreadsheets that track the status. The Cloud Automation Center automates the reclamation process by sending the owner reclamation notifications and automating the reclamation workflow. The admin can select from a number of predefined reclamation workflows or define their own reclamation process.

Execution and Results

1. Log into Cloud Automation Center as user EnterpriseAdmin.
2. Choose Enterprise Administrator > Enterprise Machines from the navigation pane on the left side of the page. The Enterprise Machines page appears.
3. Move the mouse cursor over Filters > Built-in Filters on the Enterprise Machines title bar. A list of Filters appears.
4. Move the mouse cursor over the appropriate filter and click the selection. The selected filter is applied to the machine list. Example: Low CPU utilization
5. Select one or more underutilized machines from the Enterprise Machines list by ticking the checkbox next to each machine. Example: Finance-Tier1-00002, Finance-Tier1-00003
6. Move the mouse cursor over the selected machine(s) and select Send Reclamation Request from the machine menu. The Send Reclamation Request page appears.
7. Fill in the Send Reclamation Request form as follows:
   - Reclamation Workflow - Choose a workflow from the dropdown list that describes the desired action. Example: Send request to user, if no response convert to a 30-day lease
   - Machines - The selected machines to initiate reclamation. Example: Use default - all checkboxes ticked
   - Reason for Request - The reason the reclamation request is being initiated. Example: Machines appear to be underutilized
8. Click OK. The Reclamation Request is sent.
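
The workflow chosen in step 7 ("Send request to user, if no response convert to a 30-day lease") can be modelled as a small state machine. The Python sketch below is an added example, not DynamicOps code: the CPU threshold, the 7-day response window, the state names and the CPU figures are assumptions, and only the machine names and the 30-day lease come from the guide.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Assumed values for this sketch; only the 30-day lease comes from the guide.
LOW_CPU_PCT = 5.0
RESPONSE_WINDOW = timedelta(days=7)
FALLBACK_LEASE = timedelta(days=30)


@dataclass
class Machine:
    name: str
    avg_cpu_pct: float
    lease_expires: Optional[date] = None   # None means a permanent machine
    request_sent: Optional[date] = None
    owner_response: Optional[str] = None   # "keep", "release" or None
    state: str = "active"


def low_cpu_candidates(machines):
    """Stand-in for the 'Low CPU utilization' filter on permanent machines."""
    return [m for m in machines if m.state == "active"
            and m.lease_expires is None and m.avg_cpu_pct < LOW_CPU_PCT]


def send_reclamation_request(machine, today):
    machine.request_sent, machine.owner_response = today, None
    machine.state = "requested"


def advance(machine, today):
    """Evaluate one machine on a given day and return its resulting state."""
    if machine.state == "requested":
        if machine.owner_response == "keep":
            machine.state = "active"
        elif machine.owner_response == "release":
            machine.state = "reclaimed"
        elif today - machine.request_sent >= RESPONSE_WINDOW:
            # Silence never destroys a machine outright; it starts a lease clock.
            machine.lease_expires = today + FALLBACK_LEASE
            machine.state = "leased"
    elif machine.state == "leased" and today >= machine.lease_expires:
        machine.state = "reclaimed"
    return machine.state


def extend_lease(machine, days):
    """Owner extends a running lease, as the lease policy allows."""
    if machine.state != "leased":
        raise ValueError(f"{machine.name} has no active lease")
    machine.lease_expires += timedelta(days=days)
    return machine.lease_expires


def sample_fleet():
    # Constructed data: names are the guide's examples, CPU figures are made up.
    return [Machine("Finance-Tier1-00002", 1.2), Machine("Finance-Tier1-00003", 0.8),
            Machine("Services-Tier1-00004", 35.0)]


if __name__ == "__main__":
    fleet = sample_fleet()
    for m in low_cpu_candidates(fleet):
        send_reclamation_request(m, date(2012, 4, 2))
    fleet[0].owner_response = "keep"
    for day in (date(2012, 4, 5), date(2012, 4, 9), date(2012, 5, 9)):
        print(day, [(m.name, advance(m, day)) for m in fleet])
```

The point of the fallback branch is that an unanswered request never deletes a machine immediately: it moves the machine onto a lease, so the owner still gets the expiry notification and the chance to extend.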

Use Case - Capacity Planning

The Cloud Automation Center provides reports and views that allow enterprise and group administrators to understand reserved, consumed, and available resources. An enterprise administrator can look at all the resources they have reserved for their groups and determine how they have been allocated to the different Provisioning Groups. Adjustments can be made to the Resource Reservations to dynamically reserve additional capacity to one group, while reducing capacity reserved to another.

Execution and Results

1. Log into Cloud Automation Center as user EnterpriseAdmin.
2. Choose Enterprise Administrator > Provisioning Groups from the navigation pane on the left side of the page. The Provisioning Groups page appears.
3. Carefully inspect the values for each Provisioning Group, ensuring the consumed capacity is not at or exceeding the reserved capacity.
4. Move the mouse cursor over the name of the Provisioning Group with the highest percentage of resources consumed. Select View Reservations from the hover menu. The Reservations page appears.
5. Provide additional capacity to the Provisioning Group by expanding or creating a new Reservation.

NOTE: See Use Case - Reserving Resources for a Provisioning Group for details on creating additional reservations.

Use Case - Cost Transparency and Chargeback

Comprehensive chargeback reporting and cost transparency are provided throughout the product. All chargeback information is calculated by assigning cost profiles to the physical resources. Machines provisioned will carry a proportional cost of the physical resources that have been allocated to that machine. In addition, extra costs can be associated with the Blueprint that is assigned to each machine. For example, this can include costs such as software that is typically in addition to the physical resources consumed.

Cost transparency means that users and administrators see the cost of services that they are requesting or resources that they are managing. For example, users requesting a machine can see the cost of different services and can adjust their selections accordingly to meet their budgets. Approvers also see the costs that help them make better decisions regarding resource allocations.

Chargeback Reporting

The Cloud Automation Center supports two chargeback models:

- Reservation Based Model - when resources are reserved by Provisioning Groups, they are charged to that group. Once they are reserved, only the group designated in the reservation can use the resources.
- Pay-Per-Use Model - resources are charged to the Provisioning Groups or user, based on allocation or usage by a machine.

Execution and Results

1. Log into Cloud Automation Center as user EnterpriseAdmin.
2. Choose Reports > from the navigation pane on the left side of the page. The Reports Portal page appears.
3. In the Reports Portal select the By Group by Allocated Resources report.
4. Select Filter Criteria and Filter Report.
   a. Select report start date: April 1, 2012
   b. Select report end date: April 30, 2012
   c. Select Provisioning Group: Development
   d. Select Machine Type: All
   e. Click Filter to create report
5. The chargeback report reflects the cost of CPU, memory, storage, and other resources for each machine owned by that group, for the number of days that the machine was active.
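
To make the difference between the two chargeback models concrete, the following added Python example (not part of the guide or the product) computes the April 2012 charge for the Development group both ways. The daily rates, machine names, allocations and reservation size are constructed, and counting both the creation day and the destruction day as active is an assumption.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Constructed cost profile: daily rate per unit of each physical resource.
COST_PROFILE = {"cpu": 1.00, "memory_gb": 0.50, "storage_gb": 0.02}


@dataclass
class BilledMachine:
    name: str
    group: str
    alloc: dict                        # resource name -> allocated amount
    created: date
    destroyed: Optional[date] = None   # None means still running
    blueprint_daily: float = 0.0       # extra Blueprint cost, e.g. software


def daily_cost(alloc, extra=0.0):
    """Proportional cost of the allocated resources plus Blueprint extras."""
    return sum(COST_PROFILE[res] * qty for res, qty in alloc.items()) + extra


def active_days(machine, start, end):
    """Days the machine existed inside the inclusive report window (assumption:
    both the creation day and the destruction day count as active)."""
    first = max(machine.created, start)
    last = min(machine.destroyed or end, end)
    return max((last - first).days + 1, 0)


def pay_per_use(machines, group, start, end):
    """Charge each machine of the group for what it was allocated, while active."""
    return {m.name: round(daily_cost(m.alloc, m.blueprint_daily)
                          * active_days(m, start, end), 2)
            for m in machines if m.group == group}


def reservation_based(reserved, start, end):
    """Charge the group for its whole reservation, whether or not it was used."""
    return round(daily_cost(reserved) * ((end - start).days + 1), 2)


def sample_data():
    # Constructed machines and reservation for the report filter in step 4.
    machines = [
        BilledMachine("Dev-Tier1-00001", "Development",
                      {"cpu": 2, "memory_gb": 4, "storage_gb": 40},
                      date(2012, 3, 15), blueprint_daily=0.25),
        BilledMachine("Dev-Tier1-00002", "Development",
                      {"cpu": 1, "memory_gb": 2, "storage_gb": 20},
                      date(2012, 4, 21), date(2012, 4, 25)),
        BilledMachine("Dev-Tier1-00003", "Development",
                      {"cpu": 4, "memory_gb": 8, "storage_gb": 80},
                      date(2012, 5, 2)),
        BilledMachine("Finance-Tier1-00002", "Finance",
                      {"cpu": 2, "memory_gb": 4, "storage_gb": 40},
                      date(2012, 1, 10)),
    ]
    reserved = {"cpu": 8, "memory_gb": 16, "storage_gb": 200}
    return machines, reserved


if __name__ == "__main__":
    machines, reserved = sample_data()
    start, end = date(2012, 4, 1), date(2012, 4, 30)
    print(pay_per_use(machines, "Development", start, end))
    print(reservation_based(reserved, start, end))
```

With this data the pay-per-use total is well below the reservation charge, because the group pays for reserved capacity it never allocated; a machine created after the window contributes nothing.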

Reclamation Savings Reports

Reclamation reporting helps companies quantify savings generated by reclaiming inactive and abandoned machines.

Execution and Results

1. In the Reports Portal, select the Reports Dashboard (see display below).
2. In the Reports Portal, select the Reclamation > By Group report to see the reclamation savings by group report.

Things to Consider

Cloud management is not a standalone entity. In order for cloud implementations to be successful, they need to integrate and work with existing management infrastructures and best practices. As you evaluate cloud management platforms, be sure to assess how each tool works with your current and future management ecosystem. Cloud management choices will not only impact prior investments, they can also limit future choices. And, be sure to evaluate how the cloud management options will best fit with your existing IT ecosystem. Consider the following capabilities when evaluating a cloud automation and management platform to manage on-demand cloud infrastructures:

Comprehensive out-of-the-box functionality

First and foremost, you will want a cloud management solution with a comprehensive set of out-of-the-box cloud management features. Many vendors only focus on initial provisioning capabilities. Make sure your cloud management platform automates the complete lifecycle including: ongoing management, resource reclamation, and decommissioning including archiving. The more features available out-of-the-box, the less need for costly custom services to extend the product's core functionality.

Broad multi-vendor support

When evaluating cloud management options, be sure that the tool you choose can orchestrate end-to-end delivery across all the technology and management components that make up your implementation. Most vendors only support components from their own offerings. For example: if your private cloud management platform mandates that you become a single-vendor shop, you'll need to discard your prior investments and you'll also be locked into that vendor's technology in the future. Multi-vendor support includes technologies used in private and public cloud resources.

Policy-enabled extensibility

Does your automation and management platform enable you to extend your cloud by simply changing the configuration parameters? Can you select different provisioning workflows, collect custom data, define resource limits and service levels, or create custom approvals or reclamation workflows? These are a few of the many customizations you should be able to make via policies. The more you can customize your cloud deployment via policies, the quicker and more cost-effectively you will be able to deploy a private cloud infrastructure that meets specific company needs.

Business-aware governance

Being able to modify the behavior of the cloud via policies is important, but just as important is the granularity of the policies that can be configured. They must be granular enough to allow different business groups to have different services that are built and constructed using different processes, resources and service levels. For example, the way you provision and manage IT resources can be quite different for dev/test vs. production vs. desktops. Business-aware governance and control is fundamental to meeting the unique needs of each business and driving broader cross-group adoption of cloud services.

Modify out-of-the-box automation

Can you easily add tasks or call scripts at various states in the machine's lifecycle? Is there a visual workflow editing tool and a library of predefined activities that simplifies the customization process? For example, how easily can you add a self-service command to perform a specific function, access/retrieve information from a custom DB as part of the provisioning process, or execute a script to customize a machine configuration? Are you modifying the workflows that ship with the product or is this a separate run book automation or orchestration tool that you need to bolt onto the cloud management tool?

Automate additional tasks

Can the cloud automation platform be used to automate additional tasks that go well beyond simple modifications to out-of-the-box processes?
For example, one company extended the process used to provision new desktops to also automate the process of onboarding new employees. If you need this level of extensibility, one factor that should be considered is the availability of developers with this skill set. Automation tools based on de facto standards like Visual Studio and .NET will make it much easier to find developers than a vendor-specific automation tool.

Conclusion

This paper describes the configuration needed to deploy a limited scale production pilot. Including installation, configuration, and running the test cases described in the test plan, this typically takes only a few hours. The use cases were based on common tasks that many companies use to manage their virtual infrastructure. Although this guide focused on managing virtual machines in a private cloud, the DynamicOps Cloud Automation Center enables companies to implement on-demand services for physical machines as well as provide governance and control over public cloud usage. The test bed configuration example contained a relatively small number of compute resources and a limited number of virtual machines. However, the test bed
configuration has been tested to support up to 2,000 virtual machines. In addition, the Cloud Automation Center components can be distributed to support much larger configurations, geographic distribution, and high availability. DynamicOps has additional reference architecture documents available that can be used to simplify the configuration and deployment of more complex deployments.

Glossary/Appendix

Over time, a cloud deployment will need to be extended in order to meet the unique needs of each company and even the unique needs of each business within a company. DynamicOps provides a cloud automation and management platform that allows companies to achieve the quickest time-to-cloud value, yet create a business-aware solution that can rapidly be extended to meet the unique needs of your enterprise. While this document is intended to demonstrate how quickly a cloud infrastructure can be deployed, it is only a starting point for your cloud journey.

Term - Definition

Virtual machine - A computer system implemented entirely in software, using resources provided by one or more hardware systems.

Virtualization platform - A catch-all term for a virtualization technology with which the Cloud Automation Center directly interacts, such as Citrix XenServer, Microsoft Hyper-V, or VMware vSphere.

Virtualization host (or simply host) - An object representing a host, host cluster, or pool within a virtualization platform on which virtual machines requested by users are provisioned.

Proxy agent - The means by which the Cloud Automation Center communicates with a virtualization platform and the hosts on which it provisions virtual machines, including regular collection of data about hosts and machines.

Cloud machine - A virtual machine provisioned by a public cloud service provider like Amazon Web Services.

Physical machine - A hardware system managed by the Cloud Automation Center that can be or has been provisioned with an operating system or virtualization platform.

Management endpoint - The management interface for a group of virtual, physical, or cloud resources. The Cloud Automation Center proxy agent will communicate through the management endpoint to provision and manage resources under its control. For example, one or more vCenter instances to manage VMware virtual machines.

Enterprise group - A group of virtualization hosts, physical servers, and cloud endpoints managed by one or more enterprise administrators.

DynamicOps role - A global administrator assignment or provisioning group membership within the Cloud Automation Center that determines activities available to a user; a single user can be in multiple roles.

Provisioning Group - A collection of machine consumers, typically corresponding to a line of business, department, or other organizational group.

Provisioning Group Manager - A member of a Provisioning Group who maintains Blueprints for the group and approves machine requests.

Enterprise administrator - One of several roles responsible for setting up and maintaining the Cloud Automation Center site so Provisioning Group members can request and use machines.

Virtual reservation - A share of one virtualization host's resources dedicated to a particular Provisioning Group for use in provisioning virtual machines.

Cloud reservation - A resource limit for each provisioning group about how much public cloud resources can be consumed by that group. For example: the number of Instances or amount of storage that each group can consume.

Physical reservation - A set of physical machines reserved for provisioning by a particular Provisioning Group.

Reservation policy - A collection of reservations that can be selected in a Blueprint to restrict machine provisioning to the reservations in the policy. Often used to group like resources to create defined service levels, or to make a specific type of resource easily available for a particular purpose.

Blueprint - A specification for provisioning virtual or physical machines, determining the machine's characteristics, and the policies applied to it. A local Blueprint belongs to a single Provisioning Group and can be used only by its members. A global Blueprint is available to all Provisioning Group managers to be selected as a local Blueprint.

Build profile - A set of custom properties that can be incorporated into Blueprints; any Blueprint of any type can incorporate any one build profile, and a single build profile can be incorporated into any number of local and global Blueprints.

DynamicOps Web console - The browser-based interface to the Cloud Automation Center for machine consumers and administrators.

DynamicOps workflow - A description of the activities (e.g. logical units of work) that make up a complex task, including their order of execution and the dependent relationships between them and the people or systems that perform them. The Cloud Automation Center uses workflows to define its machine provisioning and management processes. The master workflow defines all the states and stages within the machine lifecycle and is optimized to support long running, dynamic tasks; provisioning workflows define the process of building or cloning a machine and are specified in blueprints.

Additional Information

- Intel Cloud Builders Program: www.intel.com/cloudbuilders
- Intel Cloud Builders Reference Architecture Library: http://software.intel.com/en-us/articles/intel-cloud-builders-reference-architecture-library/
- Intel Xeon processors: www.intel.com/xeon
- Intel Virtualization Technology (Intel VT): http://www.intel.com/technology/virtualization/
- DynamicOps Cloud Automation Suite: www.dynamicops.com
- Building the Private Cloud Business Case: http://www.dynamicops.com/resources/white-papers.html
- Controlling VM Sprawl: http://www.dynamicops.com/resources/white-papers.html
- Must Have Private Cloud Management capabilities: http://www.dynamicops.com/resources/white-papers.html

Copyright 2012 Intel Corporation. All rights reserved. Intel, the Intel logo, Xeon, Xeon inside, and Intel Intelligent Power Node Manager are trademarks of Intel Corporation in the U.S. and other countries. *Other names and brands may be claimed as the property of others.