Interoperability in a Cloud Ecosystem Architecture as bare necessity March 27, 2014
Agenda
Setting the stage of Cloud Computing
Introduction to the IBM Cloud Computing Reference Architecture (CCRA)
12.30 - 13.00: Welcome
13.00 - 13.30: Introduction CCRA
13.30 - 15.00: Dialogue part 1
14.45 - 15.00: Break (coffee)
15.00 - 16.30: Dialogue part 1
16.30 - 17.00: Closing (drinks)
Hybrid Cloud Dimensions
1. Application integration (interoperability)
2. Application migration (portability)
3. Service orchestration
4. Security
5. IT Service management
6. Governance and Organisation
Closing
Introduction
1 min. per person: Name, Organization, Expectations
Eric Michiels: IBM Liaison of the GSE Architecture Working Group
Jan Willen de Hondt: Client IT Architect, Presenter
Edwin Schouten: IT Architect, Cloud Specialist, Presenter
Setting the stage of Cloud Computing
Cloud computing definition: NIST* (Technical Definition)
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g. servers, storage, network, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
* NIST - National Institute of Standards and Technology
Characteristics: On demand self-service; Broad network access; Resource pooling; Rapid elasticity; Measured service
Deployment models: Public Cloud; Private Cloud; Hybrid Cloud
Service models (consumption models): Business Process as a Service; Software as a Service; Platform as a Service; Infrastructure as a Service
Other labels in the figure: Automation; Virtualization; Standardization
Cloud computing - Service Models (NIST)
[Figure: four stacks (Traditional on-premises, Infrastructure as a Service, Platform as a Service, Software as a Service), each with the layers (Meta) Data, Application, Runtime, Middleware, Operating system, Virtualization, Servers, Storage, Networking, marked as "Client Manages" or "Vendor Manages in Cloud".]
Example services listed: Servers, Storage, Network...; Web, App, Database, Messaging...; Email, CRM, HRM...
Captions: Customization; higher costs; slower time to value. Standardization; lower costs; faster time to value.
One level deeper inside the Cloud Computing Consumption Models.
[Figure: layered comparison of the consumption models Traditional, Hosted IaaS, IaaS, PaaS and SaaS, with a legend distinguishing "Additional service of in-house" and "Managed service".]
Layers shown, in the order they appear: Functional application; Middleware; Application licenses; Application support & updates; Application monitoring & patching; Middleware support & updates; Middleware monitoring & patching; Backup, restore & disaster recovery; Operating System; Security & patching; Middleware installation; Image & application catalogue; Change, issue & risk management; Configuration, licence & asset management; Backup management & monitoring; Security management & monitoring; Anti-virus installation & mngt.; OS monitoring & patching; Operating system (OS) installation; Managed cloud portal; Managed hypervisor (virtualisation); Server & storage hardware; Rack & network patching; LAN connectivity; Datacenter facility; WAN, VPN & Internet connectivity
Cloud computing is driving Business Transformation and IT Efficiency.
Business-focused (Innovation): An enabler of business transformation
- Creating new business models
- Enabling speed and innovation
- Reengineering business process
- Supporting new levels of collaboration
- Unleashing the end user productivity
IT-focused (Efficiencies): An evolution of information technology
- Changing the economics of IT
- Automating service delivery
- IT governance and policies
- Radically exploiting standardization
- Rapidly deploying new capabilities
Ways businesses are introducing Cloud Technologies to support Agile development.
Cloud Enablement Framework
[Figure: matrix with the axes Value Chain (Improve, Transform, Create) and Customer Value Proposition (Enhance, Extend, Invent), positioning Optimizers, Innovators and Disruptors.]
Disruptors: Create radically different value propositions. Generate new customer needs/segments. Disintermediate existing industries and/or create new ecosystems.
Innovators: Significantly extend customer value propositions to develop new revenues. Transform their role within their industry and/or enter a different industry ecosystem.
Optimizers: Incrementally enhance customer value propositions. Improve organizational efficiency.
Introduction to the IBM Cloud Computing Reference Architecture (CCRA)
Workload analysis - defining workloads fit for cloud
[Figure: workloads grouped by cloud readiness under "Not Ready for Cloud", "May be ready for Cloud" and "Moving to Cloud".]
Workload labels shown, in the order they appear: HR / Workforce; Front Office / Desktop; Mature applications; Applications with complex processes & transactions; Web Applications; Customer Service; Isolated applications; Applications with Sensitive Data; Highly customized applications; Not yet virtualized applications; Business Processes; ERP / CRM; e-commerce; Big Data & Analytics; DevOps; Compute; Regulation Intensive Applications; Information Intensive Applications; Collaboration; Storage; Batch processing; Mobile; Social Business; High Performance Computing; Database; Archive; Disaster Recovery; Development & Test; Risk & Compliance
How to implement cloud computing according to the CCRA
There is a well-defined process for using the RA to implement a cloud service:
- A cloud is constituted by a CCMP implementation and a set of cloud services delivered and managed by it.
- A dedicated presentation and document is available describing the process for using the CCRA to develop the management aspects for a cloud service.
- CCRA work products also serve as authoritative reference on specific technical topics for education purposes.
Steps:
1. Define requirements and use implementation guidance for cloud service and cloud platform implementation. (Cloud Service Creation + Use Cases + Non-functional Requirements + Consumability)
2. Create cloud service and cloud platform implementation-specific architecture overview. (Architecture Overview)
3. Define cloud service and CCMP-implementation details. (Service Flows, Component Model, Operational Model)
3a / 3b.
- Leverage architectural decisions documented in the CCRA and make implementation-specific ones throughout the entire process. (Architectural Decisions)
- Leverage guidance on specific technical areas as input for developing a cloud service and CCMP implementation. (Security; Performance & Scalability; Virtualization; Resiliency; Metering, Rating and Accounting; BSS De-composition; Hybrid Cloud; Multi-tenancy; Production cloud; Standards)
Follow a stepwise analysis of requirements in order to propose a solution that meets the business drivers, and is scalable and extendable into the future.
Hybrid Cloud: An Integrated Solution Across Multiple IT Layers
[Figure: CCRA overview diagram annotated with the hybrid cloud integration points.]
Annotations:
- Analysis and transformation of in-house infrastructure, middleware, applications, and business and IT processes for integration in hybrid cloud
- Deployment and integration across datacenter IT operations
- Integration and consumption of different types of cloud based services
- Integration across one or more cloud providers management services
- On-premise, as well as off-premise, based infrastructure, connectivity, security and compliance requirements, standardization and automation, compatibility for hybrid workloads
- Workload specific service creation, deployment, and management across hybrid cloud
Diagram blocks:
- Cloud Service Integration Tools: Process Integration; Application & Data Integration; Identity Integration; Federation; Spillover & Failover
- Consumer Inhouse IT: Business Processes; Applications; Middleware; Infrastructure
- Cloud Services (One or More Cloud Service Providers): Existing & 3rd party services, Partner Ecosystems; Business-Process-as-a-Service; Software-as-a-Service; Platform-as-a-Service; Infrastructure-as-a-Service
- Server Virtualization; Storage Virtualization; Network Virtualization
- Common Cloud Management Platform (CCMP)
  - Operational Support Services (OSS): Service Automation; Service Quality; Service Asset; Service Operations; Image Lifecycle; Platform & Virtualization
  - Business Support Services (BSS): Service Offering; Customer; Subscription; Financial
- Infrastructure: Server; Storage; Network; Facilities
- Service Creation Tools: Service Development Tools; Service Runtime Development Tools; Software Development Tools; Image Creation Tools
- Security, Resiliency, Performance & Consumability
- Governance
Hybrid Cloud - Scope and Dimensions

Scope and Purpose
- Use Cases: Identify use cases and scenarios for hybrid cloud setup, operations, and management.
- Patterns: Identify solution patterns for integration of on-premise with services in public cloud(s).
- Lifecycle: Identify and define workload migration and life cycle events for services in the hybrid cloud.
- Roles: Identify roles associated with hybrid cloud operations and services.
- Decisions: Define architectural decisions for the hybrid cloud integration framework and for hybrid cloud management services.

Perspectives
- Operating Perspective: Seamlessly move peak workloads from on-premise infrastructure to public cloud(s).
- Sourcing Perspective: Different types of workloads provisioned by the most effective cloud from the perspective of cost, functionality, availability, performance, security.
- Perspective: Unified view and capability to manage resources and information on-premise and in off-premise clouds, combined with management and integration of workloads and resources across the whole hybrid cloud.

Dimensions
- Integration: How to connect on-premise services and data to off-premise counterparts, including business data mapping and service integration.
- Security: How to integrate on-premise/off-premise identities, policies, auditing systems; how to ensure proper security of off-premise cloud workloads; how to secure management and payload interactions.
- Monitoring: Integrate monitoring of off-premise infrastructure and applications with an on-premise management system; enable on-premise monitoring and event infrastructure to reach into clouds.
- : Manage capacity in the cloud; provisioning and de-provisioning based on monitoring data, capacity overflow from on-premise to Cloud; DR and resiliency.
- Governance: Who can, does, or should use which cloud-based services; characteristics of service request management of on- and off-premise resources.
- IT Service Management: Operational aspects of IT services and cloud adoption impact on IT processes.
Dimension 1 Application integration (interoperability)
A system that involves cloud computing typically includes data, application, platform, and infrastructure components
- Data ((Meta) Data): Data is the machine-processable representation of information, held in computer storage.
- Application: Applications are software programs that perform functions related to business problems.
- Platform (Runtime, Middleware): Platforms are programs that support the applications and perform generic functions that are not business-related.
- Infrastructure (Operating system, Virtualization, Servers, Storage, Networking): Infrastructure is a collection of physical computation, storage and communication resources.
Cloud computing portability and interoperability categories
[Figure: the stacks of Provider A and Provider B ((Meta) Data, Application, Runtime, Middleware, Operating system, Virtualization, Servers, Storage, Networking) compared layer by layer.]
- (Meta) Data: Data portability; Data interoperability
- Application: Application portability; Application interoperability
- Runtime, Middleware: Platform portability; Platform interoperability
Also listed on the slide:
- Moving VMs and virtual appliances between clouds
- Tools for monitoring and managing multiple clouds
- Migration between clouds
- Single sign-on access to multiple clouds
- Orchestrated processes across clouds
Today's DevOps landscape contains selective and siloed solutions that limit visibility across people, process and tools and create gaps in the delivery process
[Figure: delivery chain Line of Business, Software Development, Test, Operations, with a GAP between each pair of stages: Poor alignment; Manual handoffs; Manual handoffs.]
Tooling labels shown: Portfolio management; Agile developer tools; Test infrastructure automation; Cloud, virtualization; Business process management; Big Data/Analytics; Build automation; Continuous integration; Test; Test Automation; Infrastructure provisioning automation; App and middleware deployment automation
Dimension 2 Application migration (portability)
Contributions to OpenStack success deliver value

OpenStack Compute: Provision and manage large networks of virtual machines
Platform integration High Availability enhancements Resource optimization Live upgrade contributions Enablement for P & Z Systems, DB2 ESXi support VM group enablement in scheduler CPU allocation for vcpus Cross hypervisor testing and validation

OpenStack Networking: Create petabytes of secure, reliable storage using standard HW
Support for key emerging networking standards Quantum blueprints & migration from Nova FibreChannel support

OpenStack Storage: Create petabytes of secure, reliable storage using standard HW
Block & object storage enablement for IBM capability Nova blueprints Cinder local storage & local instance clone Efficient clone image in Cinder SVC driver for cflex Nova & Cinder storage blueprints Storwise/SVC driver update support iscsi CHAP auth Wsgi application interface enabling external web server Swift / Keystone interface for Keystone v3 API

OpenStack Shared Services: Libraries that provide image management, authentication & security across all OpenStack projects
Security & authentication enhancements Image activation for OVF Guest level metric collection APIs: Enablement for key emerging standards Membership services enhancements Glance: multiple image locations

General OpenStack contributions
Globalization and crowd-sourced translation integration Drive IBM value-add capability from SCP Community facing contributions bug fixing, community building & promotion QA items
TOSCA Technical Overview
Topology and Orchestration Specification for Cloud Applications
A language for defining Service Templates:
- including a Topology Template describing the structure of a service
- including the definition of building blocks for services
- including the definition of implementation artifacts for manageability operations
- including the definition of deployment artifacts for components
- including the definition of plans for orchestrating the application
TOSCA defines a packaging format (CSAR, Cloud Service ARchive) for packaging models and all related artifacts.
[Figure: a CSAR containing artifacts labelled Scripts, Installables and Images.]
Service templates: application and infrastructure patterns
Dimension 3 Service orchestration
Cloud management services
- Orchestration Services: Workflows, leveraging existing skills, processes and technology artifacts (OSLC from OASIS)
- Platform Services: Simplifies deployment and lifecycle management of middleware and application patterns (TOSCA from OASIS)
- Infrastructure Services: Highly flexible, scalable infrastructure on heterogeneous resources (OpenStack)
- Extensibility: Plug and play operational service management integration; Rational development tooling integration; Pre-built images, patterns, process / configuration automation
[Figure: layered stack with the labels Operational Extensions (APIs); Image Lifecycle Mgmt; Orchestration Services; Platform Level Services; Pattern Services; Infrastructure Level Services (Provisioning, configuration, resource allocation, security, metering, etc.); Cloud Resources: Storage, Compute, Network; Development Extensions (Tooling).]
CCRA Cloud and Orchestration Standards Mapping
[Figure: CCRA overview diagram with the three roles Cloud Service Consumer, Cloud Service Provider and Cloud Service Creator.]
- Cloud Service Consumer: Consumer End user; Consumer Business Manager; Service Consumer Administrator; Service Integrator; Cloud Service Integration Tools; Consumer Inhouse IT (Business Processes, Applications, Middleware, Infrastructure)
- Cloud Services: Existing & 3rd party services, Partner Ecosystems; BPaaS (BP Mgmt Interfaces); SaaS (Software Mgmt Interfaces); PaaS (Platform Mgmt Interfaces); IaaS (Infrastructure Mgmt Interfaces); each exposed through an API
- Common Cloud Platform
  - OSS Operational Support Services: Service Delivery Catalog; Service Automation; Service Request; Provisioning; Monitoring & Event; Change & Configuration; Incident & Problem; IT Asset & License; Image Lifecycle; IT Service Level; Capacity & Performance; Platform & Virtualization
  - BSS Business Support Services: Customer Account; Service Offering Catalog; Service Offering; Contracts & Agreement; Subscription; Service Request; Pricing; Order; Entitlement; Metering; Rating; Billing; Clearing & Settlement; Accounts Payable; Accounts Receivable
  - Portals: Service Consumer Portal & API; Service Provider Portal & API; Service Development Portal & API
- Cloud Service Provider roles: Service Manager; Business Manager; Offering Manager; Deployment Architect; Transition Manager; Infrastructure Operations Manager; Security & Risk Manager; Customer Care
- Cloud Service Creator: Service Component Developer; Service Composer; Service Creation Tools (Service Development Tools; Service Runtime Development Tools; Software Development Tools; Image Creation Tools)
- Security, Resiliency, Performance & Consumability
- Governance
Cloud and Orchestration Standardization Overview
Standardization is required to build up a community contributing to a Cloud ecosystem:
- Need for standardized description for Cloud services;
- Need for standardized packaging format;
- Need for standardized APIs.
The Cloud Management and Orchestration (CMO) standardization effort defines a model for managing Cloud Services throughout their complete lifecycle:
- Initial deployment of a service instance;
- Operational management of a service instance (e.g. capacity modification, patch management, incident management, etc.);
- Termination of a service instance.
Definition
CMO defines:
- A structural model for services (i.e. components and their relationships);
- A process model for build and management plans based on the BPMN 2.0 standard;
- APIs for requesting and managing Cloud services;
- A packaging specification for Cloud services and related deployment artifacts.
[Figure: CSAR packaging of artifacts: OVA, EARs, Images, Scripts, Workflows.]
Dimension 4 Security
One-size does not fit-all: Different cloud workloads have different risk profiles
[Figure: chart of Need for Security Assurance (Low to High) against Business Risk (Low-risk, Mid-risk, High-risk), with example workloads: Training, testing with non-sensitive data; Analysis & simulation with public data; Mission-critical workloads, personal information.]
Today's clouds are primarily here:
- Lower risk workloads
- One-size-fits-all approach to data protection
- No significant assurance
- Price is key
Tomorrow's high value / high risk workloads need:
- Quality of protection adapted to risk
- Direct visibility and control
- Significant level of assurance
Security Framework Overview
[Figure: security framework diagram built on a Business Security Reference Model.]
- Business Security Reference Model: Governance, Risk, Compliance (GRC); Application and Process; People and Identity; IT Infrastructure: Network, Server, End Point; Data and Information; Physical Infrastructure
- Architectural Principles
- Foundational Security: Software, System and Service Assurance; Command and Control; Identity, Access and Entitlement; Security Policy; Data and Information Protection; Risk and Compliance Assessment; Threat and Vulnerability; IT Service; Physical Asset
- Security Services and Infrastructure: Security Info and Event Infrastructure; Storage Security; Identity, Access and Entitlement Infrastructure; Host and End-point Security; Security Policy Infrastructure; Application Security; Crypto, Key and Certificate Infrastructure; Network Security; Service Infrastructure; Physical Security
- Other labels: Security Service Levels; Code and Images; Designs; Policies; Config Info and Registry; Identities and Attributes; Operational Context; Events and Logs; IT Security Knowledge; Data Repositories and Classification
Dimension 5 IT Service management
Service integration continues to evolve, however there are mixed views of how the hybrid integration / cloud service broker market will develop

Fourth Generation Sourcing*
- Generation I: do it yourself
- Generation II: single-source
- Generation III: multi-source
- Generation IV: integrate; integrating a set of cloud and other service providers as part of an IT ecosystem to deliver end-to-end IT services to the business
*Master of the Outsourcing Game: Dan McNicholl, CIO of GM North America, 2003

"The service integrator model, in its various instantiations, is a good model for IT organizations going forward relative to managing a diversified service delivery channel and portfolio," says KPMG's Lepeak. "But like any model, it is evolving."
cio.com, The Outsourcing Year in Review: Grading our Predictions, Dec 2013

"The third-party managed sourcing model [which I call] multi-sourcing Integration-as-a-Service--is poised to accelerate as the enterprise IT model of the future."
Shaun Daly, partner, Sourcing Advisory Services, quoted in cio.com, Sept 2012

"As cloud adoption proliferates, more IT organizations in midsize to large organizations are adopting the internal CSB role. Using external providers exclusively to manage all aspects of CSB is less likely."
Tiffani Bova and Benoit Lheureux, Gartner, Predicts 2013: Cloud Computing Becomes an Integral Part of IT, Dec 2012
Integrated Hybrid Cloud Platform
[Figure: CCRA overview diagram showing a Cloud Service Provider enabled for Hybrid Cloud and Hybrid Cloud enabled on the consumer side.]
- Cloud Services: Existing & 3rd party services, Partner Ecosystems; BPaaS; SaaS; PaaS; IaaS
- Common Cloud Management Platform (CCMP)
  - Operational Support Services (OSS): Service Delivery Catalog; Service Orchestration; Service Request; Provisioning; Change & Configuration; Incident & Problem; Image Lifecycle; IT Asset & License; Platform & Virtualization
  - Business Support Services (BSS): Customer Account; Service Offering Catalog; Service Offering
  - Portals: Service Consumer Portal & API; Service Provider Portal & API; Service Development Portal & API
- Consumer side: Cloud Service Integration Tools; Consumer In-house IT; Service Creation Tools
- Hybrid Cloud Integrator: Client controlled from within the enterprise. Labels: Infrastructure; Integration for Monitoring; Metering; Cloud Service Broker; Secure Connectivity; Policy
- Security, Resiliency, Performance & Consumability
- Governance
Dimension 6 Governance and Organisation
Only 10% of Cloud Computing is about Technology; the rest is about a new delivery model for IT services, impacting the Business, Technology and Organization.
BIO = Business + IT + Organization
The impact of Cloud Computing:
- Business (B): Go 2 Market; From Capex to Opex; Return on Assets; Balance sheet
- Technology (T): Standardization; Consolidation; Virtualization; Automation
- Organization (O): ITIL processes; System; Roles & Responsibilities; Skills
The governance of Cloud Computing requires special focus on: IT alignment with changing Client service requirements, control of the IT Service Catalog, and relationships with Cloud Providers.
Closing Final thoughts, on to the drinks!
To say thanks! Cloudonomics: The Business Value of Cloud Computing, by Weinman, Joe http://www.cloudonomics.com/
Additional content: Industry standards
- National Institute of Standards and Technology (NIST) has gradually become the de facto definition of cloud computing, but also has useful publications on security, implementation and reference architecture for cloud computing.
- The Open Group, known for several IT standards like TOGAF, Archimate and UNIX, has several collaborations for cloud computing with some really valuable assets to share.
- Cloud Standards Customer Council (CSCC) currently has three interesting deliverables and several use cases for specific industries.
- Cloud Computing Use Case Discussion Group has two really good whitepapers on cloud computing and its impact on a business.
- The Cloud Standards Wiki covers several standards like Distributed Management Task Force (DMTF), The European Telecommunications Standards Institute (ETSI) and Organization for the Advancement of Structured Information Standards (OASIS).