As private cloud computing technology becomes more pervasive, technologists such as ourselves come up with increasingly penetrating questions about its benefits, its position in the IT landscape, and its operation under the covers. The release of Microsoft System Center Virtual Machine Manager (VMM) 2012 spurs questions about how private and public clouds interact and how they can be managed together. Here are the top ten questions and answers from discussion groups across the tubes.
Q. Other than who owns the facilities, which other features differentiate private and public clouds?
A. With a private cloud, not only does your organization own and control the physical hardware, it controls all aspects of security, service offerings, and end-user access. In a public cloud, the end user has carte blanche with all these capabilities. This extra layer of control between infrastructure and user is critical to satisfying many corporate governance requirements, such as HIPAA and PCI.
Q. The private cloud sounds just like virtualization with a user portal. Which other attributes of a private cloud elevate it above standard data center virtualization as practiced today?
A. Virtualization is the framework within which you construct a private cloud, but many more components are needed before a virtualized data center can claim cloud status. A private cloud delivers services, not just infrastructure. A service is an assembly of several virtualized components that together make up a single deliverable. For example, you might spin up a database, web server, and security firewall in three separate virtual machines (VMs), interconnect them with several virtual LANs (VLANs), and then offer that assembly to end users as an e-commerce service. A private cloud lets you automate the delivery of service to end users, with optional service level agreement (SLA) and usage chargeback. You design once, then users provision many times, without IT staff intervention.
Q. Which components do I need to create a private cloud?
A. You need physical hosts running a hypervisor to support multiple VMs, a storage array offering virtualized provisioning for one or more classes of disk storage, and a data network that can interconnect any set of components in a way that isolates the set from all other sets. You also need instrumentation, in the form of host, storage, and network monitoring, to track usage and give you early warning of capacity shortages. Finally, you need a management tool set that lets you control all components and automate processes to eliminate human intervention when deploying services to users. In VMM 2012, Microsoft calls this entire complex the private cloud Fabric.
Q. Does a private cloud need to standardize on a single hypervisor technology?
A. Not at all. The hypervisor is just another infrastructure component. If you have some workloads that run better with one hypervisor than another, your private cloud management tools can manage the hypervisors just as they would different types of disk storage or network interconnections. VMM, for example, supports both Microsoft Hyper-V and VMware vSphere hypervisors.
Q. What is the most important feature for a private cloud management component?
A. Because private cloud computing collects a lot of computing assets in a centralized complex, the most crucial feature is the ability to automatically adapt to changing resource availability. For example, if increasing traffic to a web server threatens to reduce the performance of nearby workloads below SLA minimums, the management system must be able to move workloads around or add CPU, memory, and network bandwidth capacity to accommodate the new stress. This flexibility also provides resilience in the face of an unplanned outage, by switching to redundant compute, network, and storage resources until the outage can be fixed.
Q. How do you prevent VM sprawl in a private cloud environment, where users can spin up new services at will?
A. The key to preventing VM sprawl is concise, accurate usage monitoring, reporting, and chargeback. Just as a public cloud accounts for every CPU cycle, disk byte, and network bit per second to bill users, a private cloud needs to provide for timely internal billing so that users pay their fair share for the resources that they use.
Q. What expertise do we need to design and build our own private cloud?
A. You need qualified hardware and software engineers who are experts on every component in the cloud and who can select components that match your expected workload requirements. This level of expertise might not be present in every organization, but that doesn't need to prevent you from running your own private cloud. You can purchase pre-engineered, validated cloud-in-a-box solutions that combine proven hardware and software components using a validated, tested design with a predictable performance level. For example, Microsoft and HP have several private cloud offerings, from ready-to-run packaged solutions to custom-designed private cloud complexes.
Q. What is an end-user self-service portal?
A. A self-service portal is typically a web-based interface that users employ to peruse a catalog of available services, select services for deployment, and then manage that deployment. In contrast to a public cloud self-service portal, which gives all users unlimited access to any resources that they can afford to buy, a private cloud portal applies policies and quotas to users appropriate to their missions within your organization. These policies and quotas help to prevent runaway resource usage and maintain security in line with corporate governance requirements.
Q. Can we create a private cloud from our existing virtualized data center components?
A. It is possible to add a private cloud management layer to an existing well-designed data center infrastructure, provided that infrastructure has fully manageable components compatible with the private cloud management platform you choose. For example, a virtualized data center (DC) managed with VMM 2008 could upgrade to VMM 2012 to gain a service-delivery management tool set, complete with self-service web portal, and immediately begin to deploy services from its existing DC with all the benefits of private cloud automation, agility, and cost accounting.
Q. Can we move workloads freely between private and public clouds?
A. If the private cloud management tool set is interoperable with the public cloud tool set, then you can move workloads between cloud realms. This lets you exploit the public cloud's larger resource pools to accommodate short-term needs or gain tighter control of a service by taking a public service private. Microsoft uses VMM 2012 as the management platform for its Azure, Bing, Office 365, and Windows Live public cloud services, so the platform can already deploy in both private and public clouds and move workloads between clouds.