1. 29.09.2011
Data Center Consolidation and
Cloud Computing in Government ICT
It is a Matter of Time
John R. Savageau
Los Angeles, California
savageau@pacific-tier.com
Topics
• Data center consolidation
• Disaster recovery and business continuity
• Introduction to cloud computing
• Moldova case study
• Government roles in cloud computing
Every Day Dynamics
[Diagram labels: Urgency; Business Continuity/Disaster Recovery; Data Center Consolidation; Planning; Technology Refresh Cycles; Changing/Enabling Applications; Meeting Point For Cloud Computing Discussion]
Government Data Center Consolidation
Not just an issue for US – it is a common issue for nearly all governments
Data Center Consolidation
VISION: Create a whole-of-government approach to data centers, disaster
recovery, and business continuity. Provides standards and integration of the
government’s ICT infrastructure matching a wide range of government
information needs in an optimal manner with regard to interoperability,
development agility, cost, energy use, and operations.
• Adopt modern technologies and practices that will improve
the effectiveness and efficiency of data center use
• Consolidate data centers in a model that will reduce
duplication and unnecessary costs for base ICT infrastructure
• Match national objectives and business needs to ICT utility
and protection of national data
Australia
Traditional vs. Cloud in Data Center
Traditional Data Center
• One user, one cabinet or suite in data center
• One application per server or cluster
• Dedicated storage for a single application
• Average utilization <20%
• Separate switching and telecom
• Separate/individual licenses
Cloud Processing Center
• One infrastructure, many users
• One application per virtual server
• Shared processing resource
• Shared storage resource
• Average utilization >75%
• Shared switching and telecom
• Volume licensing
NASCIO
Surveys – National ICT Infrastructure
• Obsolete or
unsupported h/w, s/w
• Incompatible systems
• Old or non-existent
documentation
• Loss of skilled or
experienced staff
• Inability to meet
business requirements
• Data security
shortfalls
– Disaster recovery
– Standard access
controls
Data Center Reviews

| Location | Suitability to Task | Size | Air Conditioning | Power | UPS | OSS/BSS | Telecom | Offsite DR | Security | Expansion Plans | Comments |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Jakarta Kominfo 6th Floor | | Small | Spot | | | NMS | 1 | no | Medium | Yes | |
| Jakarta Kominfo 2nd Floor | | Small | Spot | | | NMS | 1 | no | Medium | Yes | Single use facility |
| Batam | | Medium | Central/Dry | | | NMS | 1 | no | Medium | Yes | Low power |
| Samarinda | | Small | Spot | | | NO | 1 | no | Medium | Yes | |
| Cyber Center | | Large | Chilled Water | | | OSS/BMS | >20 | no | High | Yes | Best observed - Carrier hotel/IXP/Colo |
| Ministry of Agriculture | | Small | Spot | | | NMS | 1 | no | Low | Yes | No power available for expansion |
| PLN Jakarta | | Medium | Central/Dry | | | NMS | 3 | no | Medium | Yes | Moving facility |
| IDC Batam | | Medium | Central/Dry | | | OSS | 5 | no | Medium | Yes | Small colo, adequate |
| Ministry of Public Works | | Small | Spot | | | NO | 2 | no | Low | Yes | Small, low power, not all on UPS |
| Bureau of Statistics | | Medium | Central/Dry | | | NMS | 1 | no | Medium | Yes | Good facility, requires DR |
| Ministry of Finance | | Medium | Central/Dry | | | NMS | 2 | no | Medium | Yes | Good facility, moving |

Rating scale: Unsatisfactory 1, Marginal 2, Adequate 3, Good 4, Exceptional 5
Why Some Resist Consolidation
Overall, resistance to data center consolidation is
not a technical issue; it is based on personal reasons.
NASCIO – National Association of State CIOs
Disaster Management
Disasters do Happen…
• How well will you be
prepared when it happens
to your data center?
• Is your critical national
data protected?
Disaster Recovery Planning
• International DR/DRC/BCP standards
– NFPA 1600 (Process and Planning)
– ISO 24762
– BS 25999 (UK)
– COBIT/ITIL
• Main objectives
– Safeguard data
– Respond quickly
– Restore operations
There are good international standards for disaster recovery and
business continuity, as well as mature application support. The
problem is getting plans off PowerPoint slides and into
implementation.
Intro to Cloud Computing
It is Just a Matter of Time
A Matter of Time
• We need to start the discussion someplace, and
defining cloud computing is that place
• Cloud computing is still an evolving paradigm. Its
definition, use cases, underlying technologies,
issues, risks, and benefits will be refined and better
understood with a spirited debate by the public and
private sectors.
• This definition, its attributes, characteristics, and
underlying rationale will evolve over time. (NIST)
NIST - The Most Common Cloud Frameworks
"Cloud computing is a model for enabling convenient,
on-demand network access to a shared pool of
configurable computing resources (e.g., networks,
servers, storage, applications, and services) that can
be rapidly provisioned and released with minimal
management effort or service provider interaction"
ICT Operational Costs
[Pie chart: ICT Spending in Traditional Large Organizations. Segments: New Applications Development; Existing Applications Maintenance; Infrastructure (IT Equipment/Facility). Values shown: 11%, 53%, 36%. Various Sources]
A major objective of cloud computing is to
return as much budget/funding to new
applications development and innovation as
possible by relieving individual organizations
of infrastructure cost and operations burden
Economics of Virtualization
• We plan for peak use
• Most resource remains unused
From Berkeley “Above the Clouds”
Traditional IT Equipment Use
• Normally less than 20%
• Consolidation increases performance
• Virtualization reduces cost
[Figure labels: Overall Compute and Storage Resource Capacity; Unused or Wasted Resources; Turn Off Until Needed; Move to Virtualization]
Cloud Service Essential Characteristics
• On-demand Self-service. Users provision computing and storage
capabilities.
• Broad Network Access. Compute, software, and storage resources
are available through a network connection.
• Resource Pooling. Compute resources are pooled to provide a
single resource to be assigned and reassigned according to user
demand.
• Rapid Elasticity. Compute and storage capabilities can be rapidly
and elastically provisioned, in some cases automatically, to quickly
scale out, and rapidly released to quickly scale in.
• Measured Service. Cloud management systems automatically
control and optimize resource use by leveraging a metering
capability at some level of abstraction appropriate to the type of
service used.
Cloud Service Models
• Infrastructure as a Service/IaaS. The capability provided to the
consumer/user to provision processing, storage, networks, and other
fundamental computing resources where the consumer/user is able to
deploy and run arbitrary software, which can include operating systems
and applications.
• Platform as a Service/PaaS. The capability provided to the consumer/user
to deploy onto the cloud infrastructure consumer-created or acquired
applications created using programming languages and tools supported by
the provider.
• Software as a Service/SaaS. The capability provided to the consumer/user
to use a software provider’s applications running on a cloud infrastructure.
[Figure: stack of IaaS, PaaS, SaaS. Each layer builds on the previous layer. Source: Wikipedia]
Cloud Deployment Models
NIST Deployment Models
• Private Cloud. The cloud infrastructure is operated solely for an organization. It may
be managed by the organization or a third party and may exist on
premise or off premise.
• Public Cloud. The cloud infrastructure is made available to the general public or a
large industry group and is owned by an organization selling cloud
services.
• Hybrid Cloud. The cloud infrastructure is a composition of two or more clouds
(private, community, or public) that remain unique entities but are
bound together by standardized or proprietary technology that
enables data and application portability (e.g., cloud bursting for
load-balancing between clouds).
• Community Cloud. The cloud infrastructure is shared by several organizations and
supports a specific community that has shared concerns (e.g., mission,
security requirements, policy, and compliance considerations). It may
be managed by the organizations or a third party and may exist on
premise or off premise.
• Plus -> InterCloud. An interconnection by several cloud service providers allowing cross
provisioning, resource allocation, and cloud exchange marketplace.
NIST Cloud Combined Framework
• Deployment Models: Private Cloud, Community Cloud, Public Cloud, Hybrid Clouds
• Service Models: IaaS, PaaS, SaaS
• Essential Characteristics: On Demand Self-Service, Broad Network Access, Rapid Elasticity, Resource Pooling, Measured Service
• Common Characteristics: Massive Scale, Resilient Computing, Homogeneity, Geographic Distribution, Virtualization, Service Orientation, Low Cost Software, Advanced Security
Based upon original chart created by Alex Dowbor - http://ornot.wordpress.com
Elements of the Cloud
• Users
• Application User Interface Layer (SaaS)
• API Layer (PaaS)
• Resource Management Layer (IaaS)
• Storage Systems
Provisioning Engine for the Virtual Data Center
Creates virtual data centers and IT infrastructure
within a compute and storage resource
The Virtual Data Center
• To the user, it is no different than a traditional
data center
• Greater efficiency
• Faster provisioning
• Ease of management
IaaS
PaaS
Cloud (PaaS) User Views and Control
• Allows individual agency or
ministry IT managers to
control own virtual data
center resources
• Easy to visualize and
understand
• Simplifies resource planning
and management
• Overall resource
management at the
national operations center
level
SaaS – I Don’t Care Where the Applications are Hosted
• Single application
• Many users
• Content is secure
• Simple
Virtual Desktop Support/ SaaS
• Full desktop utility
• Security
– Physical media protection
– Virus/Malware
– Hacking
• Rapid provisioning
• Volume licensing
Not hardware or
OS
dependent
NIST Cloud Computing Priorities
• Interoperability – clouds need to work
together
• Portability – workloads and data should be
able to move as needed
• Security – customer data and workloads are
protected
All require development of open and usable standards
“Quick Win” - Disaster Recovery
• Requirement to backup government data into a
central (offsite) location
– Server-based
– Workstation-based
– “Cloud Storage” model
• Long term disaster recovery designed into Cloud as a
distributed/mirrored architecture allowing
immediate fail-over
Issues and Concerns w/Clouds
• Security of government information
• Personal Privacy of citizens
• Availability and performance
• Management and control
• Migration planning
“Cloud computing is not a silver bullet,
but offers a transformational opportunity
to fundamentally reshape the operations
of government and close the IT gap”
(Kundra)
Security is Main Issue with Clouds
Q: Rate the challenges/issues ascribed to the “cloud on demand model”
1= Not Significant 5= Very Significant
Vendor Availability/Experience 44,3%
Regulatory Requirements 49,2%
Portability 50,0%
Cost of Implementing 50,4%
Ability to Customize 55,8%
Integration with Existing IT Systems 61,1%
Availability 63,1%
Performance 63,1%
Security 74,6%
Source: IDC Enterprise Panel N=244
Cloud Security Challenges
• Data dispersal and international privacy laws
– EU Data Protection Directive and U.S. Safe Harbor
program
– Exposure of data to foreign government and data
subpoenas
– Data retention issues
• Need for isolation management
• Multi-tenancy
• Logging challenges
• Data ownership issues
• Quality of service guarantees
NIST
Government Roles in Cloud Computing
Thought Leadership
Standards
Policy
Government Roles in Cloud
• Create national policies and standards
– Data security
– Data formats
– Data and IT Governance
• Produce cloud computing solutions in support of
government operations
• Provide guidance for both government and commercial
initiatives
– Strategic roadmaps
– Best practices
– PPPs
Government Plays An Additional Role As National ICT “Thought Leader”
US Federal Cloud Computing Vision and Mission
Vision Statement
Establish secure, easy to use, rapidly
provisioned IT services for the Federal
Government, including:
• Agile and simple acquisition and
certification processes
• Elastic, usage-based delivery of
pooled computing resources
• Portable, reusable and interoperable
business-driven tools
• Browser-based ubiquitous internet
access to services
• Always on and available, utility-like
solutions
Mission Statement
Drive the government-wide adoption of
cost effective, green, and sustainable
Federal cloud computing solutions
GSA Cloud Computing Initiative Vision and Strategy Document
Cloud Readiness Assessment
• Profiles – all levels of government
management and users
• Awareness and Knowledge
• Existing Technical Architecture
• IT Organizations and Training Plans
• Security and Risk Assessment
• Cloud Computing Strategy
• IT Governance and Management Strategy
Cloud Development Case Study
Moldova M-Cloud
M-Cloud Introduction
The Requirement
– Establish a government-wide shared compute
infrastructure
– Use international best-practices
– Develop M-Cloud public services focusing on:
• Meet specific performance objectives
• Availability
• Security
• Data location
• Data recovery
• Regulatory
• and other legal requirements.
Moldova
• Develop approach, including:
– Surveys of existing data centers
– Cloud Readiness Assessment
– Review of BCDR environment
– Interview govt agencies and private companies
– Intensive thought leadership campaign
– Feasibility study
• Prepare cloud vendor procurement bid and
implementation roadmap
M-Cloud Leadership
• Move to a “cloud first” national ICT policy
• Identify opportunities through data center
consolidation
• Centralize certification of cloud solutions
• Establish standards for security, interoperability &
data portability
There was a time when every household, town, farm or village had its own water well. Today,
shared public utilities give us access to clean water by simply turning on the tap; cloud
computing works in a similar fashion. Just like water from the tap in your kitchen, cloud
computing services can be turned on or off quickly as needed. Like at the water utility, there
is a team of dedicated professionals making sure the service provided is safe, secure and
available on a 24/7 basis. When the tap isn’t on, not only are you saving water, but you aren’t
paying for resources you don’t currently need. (Kundra)
Utilities: 1) Roads 2) Water 3) Electricity
4) Broadband and Compute
M-Cloud Government Structure
High Level View of M-Cloud
Governments Should Consider Cloud
Computing at Any Stage of Development
• Cloud computing solves immediate problems
– BCDR
– More responsive to urgent government agency
requirements
– Data center consolidation & operations efficiency
– Improved flexibility/productivity in application
development
• Knowledge creation
Cloud Standards
[Figure labels: A, B; Proprietary, Value-Added, Standard]
Cloud Standards Mission
Provide guidance to industry and
government for the creation and
management of relevant cloud computing
standards allowing all parties to gain the
maximum value from cloud computing
Standardization
Allowing Value-Added and Proprietary Implementation
• Advanced or Value-Added features: Proprietary Value, Additional Functionality
• Standard or Core features: Standardized Core Cloud Capabilities
GSA
Standards Framework
• Cloud computing reference architecture
• Cloud service level agreements
• Systems interoperability
• Data portability
• Security and privacy
There are many existing and emerging standards
• OASIS
• OCCI
• DMTF
• OVF
• CDMI
• IEEE
• And more…
• Recommendations
– Contribute government or agency requirements
– Participate in standards development
– Encourage agency compliance testing and development
– Encourage all agencies to adopt standards
– Provide training to all agencies and users
Cloud Computing
Reference Architecture
Cloud Computing Journey
[Figure labels: Public Cloud; Private Cloud; Virtual Private Cloud; Hybrid Cloud; Open Standards APIs and Protocols; Inter-Cloud; We Are Here]