As organizations continue to look to cloud services for IT and business uses, their computing environments are becoming vast, entangled webs that span public cloud services and various forms of private cloud. They’re exceedingly difficult to monitor, manage and secure.
“Typically, each of those individual platforms may have a management tool for that one platform, but using different tools for each system you’re using is just painful,” said cloud computing standards advocate Mike Edwards. “It’s not a good place to be.”
Edwards, who develops cloud applications at IBM, spoke in a webinar hosted by the Cloud Standards Customer Council on Wednesday on cloud management platforms, commercial tools that can help organizations navigate hybrid cloud environments.
The webinar aired shortly after the publication of a July report on using and managing hybrid cloud management platforms, which are designed to “simplify the management of resources such as applications and data infrastructure across multiple clouds,” said Karl Scott, a consultant at Satori Consulting.
Scott and Edwards delved into the variety of functions that such tools should perform for organizations seeking to lower costs, improve efficiency and innovate as swiftly as they can.
Integration. Hybrid cloud management platforms must pull together computing systems that live inside and outside the organization, Scott said. First, there are the cloud services themselves — public cloud infrastructure such as Amazon Web Services and Microsoft Azure, internal private cloud and also hosted private cloud, which are run in a provider’s data center on servers dedicated to one customer.
These cloud systems have to also blend in existing enterprise tools – things like incident, configuration and asset management software – Scott said, “because it doesn’t necessarily make sense to rip and replace all systems in the environment.”
General services. These “play a key role to expose hybrid services,” Scott said. Components include a central management portal that can be accessed on a web browser as well as on mobile devices and a service catalog listing all the cloud services that are available.
Analytics and reporting are important, too, Scott said, for “understanding the consumption of cloud services.” For example, the tools can point administrators to services the organization is running – and being charged for – but not using.
Service management. The purpose here, Edwards said, is to simplify administration of all policy-guided IT services. Managing service levels is one key piece.
“It’s essentially about ensuring availability of the services that you’re using and that you’re getting the performance you expect out of those services to meet the service levels that are agreed upon with your users,” he said.
Cloud management platforms also need to monitor the integrated information from all the cloud services and show users what’s happening. And they need to do capacity monitoring, or keep track of computing resources available. That’s critical for determining where certain applications should be run, Edwards said.
“For example, it may well be the case that a private cloud system you have on premises will have definite limits on so many machines, on so much storage and so on,” he said. So a public cloud may be a better choice for a particular workload.
Financial management. Organizations need to track the amount of resources they’re using and spending money on, and the financial management component of hybrid cloud management platforms helps them do that, Edwards said. It does metering, collecting service usage statistics and analyzing usage patterns, allocates costs to the right departments and handles the various invoices coming from cloud providers.
The financial component must also help organizations plan how much cloud computing power they will need in the future, Edwards said. “The ability to forecast the way you’re going to be next week, next month is another key factor.”
Resource management. Resources for cloud computing include virtual machines and object storage, certainly, Edwards said, but the on-demand nature of cloud means organizations need to manage and allocate network, software and database capabilities.
To do that, they’ll need discovery – visibility into what cloud resources are there for the taking. They’ll also need to tag resources so they’re associated with the right applications or departments and automate the provisioning and orchestration of computing resources.
“A given workload may have a number of different resources that need to be pulled together to make it work,” Edwards said. “We must make sure those are orchestrated appropriately so that the whole thing, the whole application, is going to work properly for us.”
Organizations also need to be able to move workloads from cloud to cloud, whether public to public — Azure to Google Cloud Platform, for example — public to private or private to public. A hike in cloud provider pricing may demand such a move, for example, as could the need for faster processing of data, which private clouds can often provide.
Governance. Hybrid cloud usage must be in accordance with an organization’s policies, Edwards said. Policy-based management in a cloud management platform, for example, can prevent the moving of confidential data to the public cloud. Compliance with industry standards and regulations is also critical, Edwards said.
“We need to be looking for appropriate, ideally policy-based governance capabilities built into the cloud management platform, which can get automatically handled as we perform deployments and spin up resources inside the cloud systems,” he said.
Security. Organizations need mechanisms in their hybrid clouds to ensure security, Edwards said, so a cloud management system needs to manage how and when encryption is applied, for example. Role-based access control, or limiting certain usage to certain roles — admin or end user or developer — is important in ensuring that information gets into intended hands only.
“You can never get away from security; it always matters,” Edwards said. “And the challenge with using hybrid cloud services from different providers is to make sure that all the resources that we’re allocating get the appropriate security elements dealt with when they’re deployed, when the resources are spun up and that everything is correct and in place.”