EDRM 1102023 v6
Government of Canada (GC) Cloud Computing: Information Technology Shared Services (ITSS) Roadmap
Jirka Danek, Chief Technology Officer, Information Technology Branch, Public Works and Government Services Canada
April 2010
Agenda: GC IT Governance Structure; Accomplishments to Date; Cloud Concepts; GC Vision and Plan
GC IT Governance Structure
[Organization chart] TBS Enterprise Governance; Stakeholder Engagement; Aligned with GC Profile of IT; PWGSC Governance; GC CIO; IT Security A.P.; IT Security W.G. (three); Executive Committee; CIMB; CIO Council; Heads of IT; Small Dep'ts / Agencies; ITSS Council; IT Shared Services MB (ITSSMB); Telecomm A.P.; DCE A.P.; DCS A.P.; Telecomm W.G. (three); DCE W.G. (three); DCS W.G. (three); Strategic Review Committee; Dept'l IM/IT Steering Committee; Transformation Executive Committee; ADM Security & Identity; IT Common & Shared; Demand; Product & Services Executive Committee (PSEC); Business Intake Review Board (BIRB); ITS Operational Governance; Product Portfolio Review Committee (PPRC)
CIO leads policy renewal, stakeholder requirements and enterprise management of change.
PWGSC leads project management, service implementation and ongoing operations.
Accomplishments to Date
- Obtained agreement on Language and Definitions for Cloud Computing
- Received ITSS Management Board endorsement of GC Cloud Computing Roadmap
A Working Definition of Cloud Computing
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g. servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
Source: National Institute of Standards and Technology
5 Essential Cloud Characteristics
- On-demand self-service
- Ubiquitous network access
- Resource pooling (location independence, homogeneity)
- Rapid elasticity
- Measured service
3 Cloud Computing Service Models
- Software as a Service (SaaS): SOA/Web Based Virtualized Applications
- Platform as a Service (PaaS) *: Web, Applications & Database Hosting
- Infrastructure as a Service (IaaS) *: Virtual Computing & Storage
- Access & Peering Networks
- Ubiquitous Network Connectivity
* DCS Scope
4 Cloud Deployment Models
- PRIVATE CLOUD: Operated solely for an organization.
- COMMUNITY CLOUD: Shared by several organizations and supports a specific community that has shared concerns.
- PUBLIC CLOUD: Made available to the general public or a large industry group and is owned by an organization selling cloud services.
- HYBRID CLOUD: Composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability.
Cloud Computing Client Options
[Diagram: client-owned versus service-provider-owned layers (content, application, platform, infrastructure, network) for SaaS, PaaS and IaaS, over Ubiquitous Network Connectivity]
Business Case for GC Cloud Computing
Current GC Infrastructure
- Purpose built servers racked for each application
- Underutilized capacity (e.g. 15%)
- Long lead times for provisioning (i.e. weeks to months)
- Sub-optimal use of data centre space, power and cooling
- Costly
To-Be GC Infrastructure
- Standardized virtual servers for different types of applications
- Optimum utilization (e.g. 80%)
- Rapid provisioning (i.e. minutes to days)
- Reduced use of space, power and cooling
- Lower cost
GC Cloud Architecture Logical
- GENS (Government Enterprise Network Services): consolidation of all telecom services within the GC.
- SCNet (Secure Channel Network): secure, government-wide telecommunications network for connecting systems within the GC.
- SMS (Shared Metropolitan Area Network Service): provision of high speed network connectivity to GC organizations.
GC Community Cloud Security Architecture
Security Domains
[Diagram labels] Platform as a Service; Software as a Service; Infrastructure as a Service; Facility; ITSS Security Domain; RDIMS; Mainframe Appln Hosting; Client X; Health Canada; GEDS 2.0; Web Hosting; RCMP; Email; Hosted Database; Mid-Range Appln Hosting; MSFT; Client Y; VCS; Infrastructure Canada; Managed Storage; DFAIT; Infrastructure Components; VPN; Anti-Virus; Network Firewall; Property Management; Personnel Security Clearance Program; External Provider Security Domain; Brokered; Hosted; Other Gov't Dept Security Domains
Version: 1.00
Security Domains and Interface Points (SDIPs): IaaS Security Domain; PaaS Security Domain
ITSS Community Cloud Service Offering
[Diagram labels] Choice for CIOs; Servers; ITSS Community Cloud (PAY, Pension, CampusDirect, GEDS, GC Intranet, Jobs, Canada.gc.ca, etc.); Microsoft; Next Service Adopter; Domino R8; Free / Busy; Mobile Integration; Directory; SCNet; PWGSC Private Cloud; Common Messaging Platform; Next Service Adopter; Common Supporting Environment; Departmental Private Cloud
Enabling the ITSS Community Cloud
- SaaS: Shared Document Management; Shared Travel Application; Shared Corporate Applications; Shared Collaboration
- PaaS: Mainframe Solutions; Mid Range Solutions; Database Solutions; Desktop Platform Solutions
- IaaS: Partitions/VMs; Virtual Machines; Virtual Storage; Virtual Firewalls; Virtual Circuits; Virtual LANs
- Cloud Provisioning; Security; Authorization & Authentication; Directory; Data Center Infrastructure & Application Virtualization; High Speed Network Connectivity
Legend: Complete; In Progress
Roadmap to Community Cloud Computing (layers: SaaS, PaaS, IaaS, Network)
Short Term: Internal Collab (GEDS 2.0, GCPedia, GCConnex, GCForum, VPCS); Commoditized Web Hosting; Virtual Storage Service; Virtual Computing Service; SCNet Contract Extension; SMS Extension East-West Internet Secure Perimeter
Long Term: Virtual Office / VOIP / Collaboration v2; Federated ID Management and Directories; Cloud Based Application and Database Hosting; On-Demand / Self-Serve; Process Automation; On-Demand / Self-Serve; Departmental Private Cloud Peering; Public Cloud Peering; Process Automation; GENS Architecture
GC ITSS Enterprise Collaboration Gov2.0
[Diagram labels] GC Closed Collaboration; GC Open Collaboration; Workspaces; Chat; Presence; Tags; Notification; Wiki; Conferencing; Discussions; GC Forums; GCPedia Wiki; Social Networking; Common Login Credentials; Common Profile Information; Common Directory; ICM Internal Credential Management; Shared access cards; GEDS2.0; Compensation Web Application and other GC enterprise applications; Common GC Directory; Dept'l Directories
Cloud Computing Benefits
Q: Rate the benefits commonly ascribed to the 'cloud'/on-demand model (1=not important, 5=very important)
% responding 3, 4 or 5:
- Easy/fast to deploy: 83.6%
- Pay only for what you use: 81.5%
- Low monthly payments: 77.9%
- Less in-house IT staff, costs: 77.5%
- Offers the latest functionality: 77.0%
- Encourages more standard IT: 73.3%
- Sharing systems/information simpler: 67.2%
Source: IDC Enterprise Panel, August 2008, n=244
Cloud Computing Challenges
Thank You Please Join the Journey!