IBM SmartCloud Enterprise+ A managed multi-tenant private cloud Ruediger Schulze 11/07/2013
About me Ruediger Schulze Senior Software Engineer at the IBM Development Lab in Boeblingen Joined IBM in 1998 e-mail: ruediger.schulze@de.ibm.com xing.de: Ruediger Schulze Linkedin: Ruediger Schulze 2011 until today Smart Cloud Enterprise+ Provisioning Development Lead 2010 High Availability for Smart Cloud Enterprise (SCE) 2009 Data Center automation project for German customer 2007 to 2008 Test Team Lead for Tivoli Systems Automations 2006 Development Team Lead for Tivoli Dynamic Workload Console z/os related UI 2005 zseries Capacity Provisioning 2004 System Provisioning Development 1999 to 2003 z/os Workload Manager Development 1998 Digital Data on S/390 2
Agenda Introduction to IBM Smart Cloud Enterprise+ Deployment Topology Create Server SCE+ Use Cases OpenStack and the SCE+ Use Cases Summary 3
Introduction to IBM SmartCloud Enterprise+ ibm.com/smartcloud/services/enterpriseplus IBM SmartCloud Enterprise+ Management, support and deployment Security and isolation Availability and performance Technology platform Payment and billing Enterprise+ B Enterprise+ A B Dedicated cloud Shared cloud services SCE+ is a robust, production-ready cloud environment providing fully managed infrastructure as a service (IaaS) Designed for versatility, with a variety of usage scenarios. Built on reliable hardware following a resilient design to ensure enterprise-class performance and availability Flexible configuration options for both Power and x86 running the operating systems AIX, Windows and Linux and storage Multiple security and isolation options built into the virtual infrastructure and network to keep tenants separate from each other Single centralized management with cloud-based IT infrastructure library (ITIL) processes (change, configuration and asset management) Globally deployed across multiple data-centers with a shared management environment and shared or dedicated managed environments 4
Usage Scenarios for IBM Smart Cloud Enterprise+ Managed development and test Data center transformation Develop and test applications and then move them into production all on the same platform Maintain security levels and increase speed to market with a consistent, fully managed operating environment Leverage fully managed Infrastructure as a Service (IaaS) globally to standardize and optimize infrastructure, save money and facilitate collaboration and innovation Managed web hosting/apps/social As a component of an Industry play Manage client-facing web site, company intranet, web applications or web social applications Enable applications and manage them scaling to meet increases in traffic Provide a robust foundation for transformational plays for an industry-specific solution like SmartCloud Service Delivery for Electronics or to deliver a company solution to end user customers Production workloads Run SAP and Oracle Applications on a security-rich cloud infrastructure enhanced with IBM deep expertise, processes and tools 5
SCE+ is deployed in data centers around the world North America Europe, Middle East and Africa Asia Pacific Latin America India Local point of delivery 6 North America: Raleigh, N.C., and Boulder, Colo., USA; Markham, Canada South America: Hortolandia, Sao Paulo, Brazil Europe: Ehningen, Germany; Montpellier, France; Winterthur, Switzerland; Barcelona, Spain Asia Pacific: Sydney, Australia; Makuhari, Japan
SCE+ Deployment Topology SCE+ Portal Single centralized managing system in Ehningen (DE) For SCE+ Portal, SCE+ IaaS API, Service Catalog and offerings, service management functions like change, asset and config management manages multiple, local sites Service Orchestration Local sites contain tools used to manage resources across multiple PoDs for provisioning, patching, service activation & deactivation Points of delivery (PoDs) at a given site can be shared or dedicated, local or remote contains managed resources (server, storage, network) managing tools for HW management, backup and monitoring, etc. Upto 6 PoDs per site SCE+ IaaS API Central Cloud Management Service Management Service Catalog Change Management Asset Management Config Management Incident Management Metering and Chargeback Site A Management Provisioning Patch Management Security Compliance Identity Management Event Management Asset Management Config Management SAnD PoD1 Standard processes Account Management Onboarding Entitlement Billing Reports SLA Management Site B Management... PoD1 Hypervisor managers Patch Management Monitoring Storage Management Managed p,x, XIV... 7
SCE+ Deployment Topology Local Site Local Site: Single instance of Service Automation and Provisioning engines manages multiple PoDs Two cloud pools per PoD (1 x VMWare, 1 x VMControl) Local Site Management Service Automation and Provisioning Repository Patch Automation Security Compliance LDAP Active Directory CI & Asset Discovery Antivirus PoD: Two building blocks for HA fail-over and DR Pre-allocate datastores for VMWare according to SLAs Storage allocation for AIX through Storage Virtualization Manager (SVM) to ensure disk cleansing PoD1 PoD1 Power System Pool: 12 x p770 VMWare Cluster A: 8 x x3850 Backup Monitoring VMWare Cluster B: 8 x x3850 Storage Virtualization Manager (SVM) Storage Productivity Center (TPC) SAN Volume Controller (SVC) Storage... Storage 8
SCE+ Service Orchestration and Provisioning Service Orchestration is done on the central site, by combining the services provided by the local sites into composite services. Single portal service requests trigger within the associated change multiple service requests in the local site to provide the requested service Service requests created within the local site fulfill a specific provisioning use case Central Cloud Management Service Management Service Request Change Request Workflow SCE+ API SCE+ Portal Inbox Assigment CI CMDB Asset Asset DB REST REST API Local site Service Automation and Provisioning Service Request Workflow Virtualization Manager API VM System Management products 9
Self-service management through the SCE+ portal The SCE+ portal provides the customer with access to the SCE+ offerings. SCE+ portal Server Management Server, Storage, Projects, Monitors, Patches, IP addresses Service Operation Approvals, Service Requests, Incidents Account Management Teams, Users Create Server example: Capacity Service category Software image Managed services 64-bit IBM System x virtual machine 8 central processing unit, 16 gigabytes (GB) random access memory (RAM), 384 GB storage 99.5 Silver service-level agreement 24-hour service request fulfillment RHEL Linux 6.3 IBM DB2 Enterprise Edition v9.7.1 Operating system 10
Parameters of the Create Server offering 11
SCE+ Configuration options VM Capacity options x86 options 32-bit configurations 64-bit configurations max Small Medium Large Small Medium Large Extra large Jumbo Windows: depending on OS edition Virtual CPUs 1 2 4 1 2 4 8 16 64 Windows: 4 (SE), 8 (EE), 64 (DC) Virtual memory (gigabytes) 1 2 4 2 4 8 16 32 128 Windows: 32 (SE), 128 (EE, DC) Instance storage (gigabytes) 64 128 192 64 128 192 384 512 49.664 (incl. 24 disks w/ 2 TB each) IBM Power Systems options 64-bit configurations max Small Medium Large Extra large Jumbo Virtual CPUs 1 2 4 8 16 32 Virtual memory (gigabytes) 2 4 8 16 32 96 Instance storage (gigabytes) 64 128 192 384 512 49.664 (incl. 24 disks w/ 2 TB each) Operating Systems x86 operating Systems 32 bit 64 bit Windows Server 2003 R2 DC / EE / SE Yes Yes Windows Server 2008 R2 DC / EE / SE n/a Yes Red Hat 5.6 Yes Yes Red Hat 5.8 Yes Yes Red Hat 6.3 Yes Yes IBM Power Systems options 64 bit AIX 6.1 Yes AIX 7.1 Yes Software x86 operating Systems AIX Windows Linux IBM DB2 EE V9.7 Yes Yes Yes IBM WebSphere MQ V7.0 Yes Yes Yes Apache Tomcat V5.5 Yes Yes Yes IBM MQ Client 7.0.1 Yes Yes Yes SLA SLA Availability Platinum (incl. disk replication) 99,9 % Gold 99,7 % 12 Silver 99.5 % Bronze 98.5 %
Steps for creation of a virtual machine (VM) in SCE+ Customer requests VM through the cloud web portal Virtual machine virtual resource provisioning of server and storage resources Execution of automated tooling for preparation of operating system. Examples: Install and configure agents (for example, monitoring and backup) Patching operating system (OS) to current levels Security scans (e.g. Antivirus) Registration into management tools. Examples: Configuration (CI) in Configuration Management database (CMDB) Asset VM and installed software Compliance contain records of full compliance to security policies and standards Verification by IBM Delivery Executive and turn over to customer for use More than 70 tasks are automated and auditable. SCE+ portal VM provisioning OS configuration Registration SmartCloud Enterprise+ Verification 13
Use Case: Create Server 14
Use Case: Create Unmanaged Server 15
SCE+ Managed services and tools Monitoring and management of operating systems (OS) Monitoring and patch management of OS components Antivirus on Microsoft Windows OS Accounting of software licenses OS-level security and compliance Security policy management and compliance support ITIL-based managed services enable more consistent and efficient service management Service catalog Service request activation and deactivation (SA&D) Incident, problem and change management Event management Configuration management Asset management Supporting managed services to enable additional management and resiliency Management above the operating system (such as database and middleware) Monitoring and response to alerts Patch management Vulnerability management for the managed environment Scanning using IBM security services Response to alerts and events 16
Use Case: Add managed services 17
Use Case: Add raw disks 18
Storage support for AIX Add up to 24 disks in addition to the root disk to an LPAR with varying sizes from 4 GB to 2 TB, allowing for a maximum of 48 TB of data disks workflow: SVM_AddDisks The creation of the additional disks is done using Storage Virtualization Manager (SVM) HMC ISD / VMControl SVM allocates requested disks and maps them to the storage VIOS of the LPAR s host VIOS Host VIOS SVM achieves disk cleansing by creating a thin volume first, setting up a thick mirror, syncing the mirror and finally deleting the thin volume once synchronization is complete. SVM TPC SVC Workflow SVM_AddDisks requests disk allocation through SVM, runs commands to map the disks to the LPAR and triggers ISD/VMControl discovery XIV... XIV 19
SCE+ Use Cases (subset) Backup and Restore Server Management HA Cluster Management 20
OpenStack and the SCE+ use cases SCE+ Use Case Select VLANs & IPs Provision LPAR Provision VM Select Datastore Create Disk Mirror Clean Disk Configure OS Configure SLA Configure and register hostname Register CI and asset Add raw disks Add managed services Deploy software Modify server resources Remove server Stop, Start, Restart Server Server Backup and Restore File Backup and Restore Create and Remove HA cluster Reserve and Release Service IP OpenStack component Neutron together with Heat or external orchestration Nova using PowerVM driver Nova using vmwareapi driver Use external orchestration Use external orchestration Use thin provisioning or external orchestration Use Chef for OS specific settings Use external orchestration and Chef for OS specific settings Neutron Use external orchestration Potentially Cinder but no disk replication support yet Use external orchestration Potentially Heat or external orchestration Nova Nova together with external orchestration for agent deregistration and removing disks Nova Potentially nova or external orchestration Use external orchestration Nova together with external orchestration Neutron 21
Summary Introduced IBM Smart Cloud Enterprise+ as an Infrastructure as a Service (IaaS) solution designed to provide clients with access to a robust cloud environment fully managed by IBM. Discussed the deployment topology of SCE+ as an example to illustrate how clouds can be globally deployed. Discussed the Create Server use case of SCE+ in detail and developed the understanding that the use cases of production-ready, managed clouds are associated with additional requirements to the infrastructure and automation. OpenStack will become the provisioning solution for clouds. With the current functionality not all use cases can be covered yet. But given the momentum of the development, it is reasonable to assume that these functions will be delivered in near future and that OpenStack becomes a suitable alternative for enterprise-level cloud implementations. 22
Topics for Student Essay u Describe the use cases to be considered for an enterprise-level cloud implementation like SCE+. u Evaluate how these use cases maybe realized with OpenStack in future and where OpenStack still requires enhancements to cover them. u Describe the deployment topology of a globally deployed cloud SCE+. 23
Thank you for your time today. For more information: IBM SmartCloud Enterprise+ Contact: Ruediger Schulze ruediger.schulze@de.ibm.com 24