Note: Through the end of the year, we’ll be posting one blog per day from our top 10 “greatest hits” from Thoughts on Cloud since we launched in September. This post is #6 and was originally published on Sept. 16.
In a previous blog post, “The new ‘C’ in CSP: from communications to cloud service provider,” I discussed analysts’ estimates of the public cloud market opportunity and expected growth. I explained why communications service providers (CSPs) are uniquely positioned to take advantage of this opportunity. I also summarized the actions that CSPs must take to transform themselves from communications service provider to cloud service provider.
In the blog post “IBM Cloud Service Provider Platform pumps new life into old networks,” I provided an overview of the IBM solution specially designed to meet the requirements of cloud service providers, in particular in the telecommunications space.
In the blog post “It’s all about the business: Winning in the cloud with IBM Cloud Service Provider Platform,” I described the create pillar of IBM Cloud Service Provider Platform (CSP2) in more detail. I explained how it helps you to transform your business, create a new portfolio of services, differentiate yourself in the marketplace, and launch new services quickly.
Now I’d like to tell you more about the manage pillar of CSP2. The following figure summarizes the three pillars of the CSP2 offering: create, manage, and monetize, highlighting the manage pillar, which is the focus of this blog post.
The heart of the “manage” pillar is integrated service management software, IBM Service Delivery Manager, which enables creation, delivery, and management of cloud services. IBM Service Delivery Manager provides the essential cloud service automation and management capabilities:
- Service orchestration, which allows requesting services using a runbook to create workflows for automated service provisioning
- Automated service deprovisioning to ensure resources are freed up when they’re no longer needed
- Discover the service
- Track configuration and changes to the service
- Multi-tenancy, both at the self-help portal level so that customers can see only their services, and at resource level so that they can manage only their resources
- Advanced image management for one-step importing of images that will be provisioned
- Real-time hypervisor monitoring to provide the health report for virtual machines and assist in capacity planning
- Service usage accounting to enable billing of the services consumed; collect, analyze, report, and bill based on service usage and cost
- Self-service portal
- Service catalog
- Cloud management high availability, workload mobility, and recoverability
As a cloud service provider, you have unique requirements that fall into the following key areas:
- Highly secure, multi-tenant environment for customer isolation. This requirement is important because, as a CSP, you are building a public or community cloud for your clients where customer isolation is critical.
- High scalability and rapid provisioning. A CSP must have the ability to support millions of new clients and services, and the ability to provision tens of thousands of virtualized service instances per hour.
- API-driven self-service portal. The self-service portal is the storefront your clients see when they log on to your cloud to access the services you offer. You need the ability to integrate your existing portal with the self-service portal and service catalog provided by IBM Service Delivery Manager and other partners in your ecosystem.
- Support heterogeneous infrastructures. You might need to purchase new hardware to support the scaling and growth of your cloud platform. However, you want the cloud management platform to work on the existing environment and be able to grow it in a modular style moving forward. This requirement includes support for multiple hypervisors such as VMware, KVM, Xen, UNIX, and PowerVM, as well as storage and network devices from multiple vendors.
- Integrated monitoring and metering. You need the ability to charge for the services launched from this platform and therefore you need usage metering and accounting that is ready to use. Monitoring of the services is important to ensure quality of service and to integrate into existing business service manager or quality of service management infrastructures. The ability to integrate with your existing business support services (BSS) and operational support services (OSS) is very important.
- High availability and integrated backup.
IBM Service Delivery Manager has been enhanced to not only provide the core cloud service automation and management capabilities, but also to meet the special requirements of CSPs. It provides an environment that is secure, multi-customer, highly scalable, and carrier-grade.
Besides the core service automation and management capabilities provided by IBM Service Delivery Manager, the “manage” pillar of CSP2 includes enhanced options. The enhanced options are built-in extensions for security management, network management, storage management, and advanced monitoring and service level management. This proposition is not all or nothing. Based on your requirements and current investments, you can prioritize the enhanced options and decide which ones you want to deploy.
The following figure is a simple representation of the core service automation and management component and the enhanced options included in the “manage” pillar of CSP2.
IBM Service Delivery Manager is a prepackaged and self-contained software appliance. It is delivered in VMware images made highly available with Tivoli System Automation. The following figure shows IBM Service Delivery Manager’s software components:
- Tivoli Service Automation Manager
- IBM Tivoli Monitoring
- IBM Tivoli Usage and Accounting Manager
The self-service portal is the Web 2.0 self-service user interface included in the core service automation and management component. The self-service portal leverages the service catalog to determine the list of available services. The self-service portal also drives the reservation of compute, storage, and networking resources from the virtualized pool of resources that IBM Service Delivery Manager provides. This capability gives customers control over the services they need and allows IT to quickly recover resources when they are no longer needed. The self-service portal relies on automated provisioning to deliver the services. It is Web 2.0-enabled, so you can add various widgets if you choose to use this GUI for your customers’ business and for widget-like service creation. It is a single portal for managing multiple hypervisors and multiple platforms, and you can customize, extend, and integrate it with your existing portal as needed.
The self-service portal represents the core of the service automation capabilities of CSP2. It is not just about provisioning VMs, but about requesting and reserving services, launching services in minutes, from simple VMs to SaaS applications, from a single portal. The following figure shows a view of the self-service portal.
- Users can request the services they need, when they need them, for the time they need them.
- It easily manages automated approval policies and is fully extendable to complex workflows if needed.
- It eliminates manual processes for requesting resources.
- It is based on a RESTful Web 2.0 API for ease of integration with existing portals.
It is easily customizable for branding, logos, and corporate color schemes.
The service catalog is part of the core service automation and management. It is a single repository for all cloud services. The service catalog is where the cloud services are stored and it also stores the information needed to provision the requested services. It allows users to use IT services without being an expert in IT. Users can simply request the services they need without having to understand any of the complexities involved in delivering the service. The entire process of requesting the service, getting the request approved, and provisioning the service is tracked in the service catalog. The service catalog makes IT organizations more responsive to their customers, improves the consistency of the services, and improves delivery times of the services.
The service catalog provides the capability to import new service templates using wizards, so third-party services can be onboarded easily. Perhaps the CSP’s clients’ own services can be onboarded easily into the catalog as well. Client-specific image segmentation enables multi-tenancy support: client A should have its image separate from client B, and those clients should not be able to see each other’s images. The image management capabilities provide the ability to have a master image or a master service pool. The CSP’s clients can have their own subsidiary image or pool.
Security management is an enhanced option built on the IBM Security Framework. Without a doubt, security is a primary concern for cloud service providers and their customers. Security should be factored into the initial design of any critical infrastructure solution and built into the solution. Security must be built into the cloud fabric, not added as an afterthought.
The IBM Security Framework can help you address key security challenges in the following areas:
- Security governance, risk management and compliance
- People and identity
- Data and information
- Application and process
- Network, server, and endpoint
- Physical infrastructure
The security management enhanced option of CSP2 helps you to:
- Detect rootkits and suspicious behavior.
- Protect against new hypervisor threats.
- Protect against attacks between virtual images in a multi-tenant environment.
- Deliver preemptive protection. Detect suspicious behavior, such as malware that has infected VM images, before it is replicated throughout the cloud.
- Identify and isolate threats.
- Seamlessly federate identities.
- Provide intrusion protection for network traffic.
- Ensure compliance and audit control.
Network management is another enhanced option. It helps you to automate your network and cloud service quality management. Network management addresses the following challenges faced by cloud service providers:
- Service outages and security breaches caused by misconfigured network devices
- Time-consuming manual audits required to track configuration changes
- Delays in billing new customers while waiting for network devices to be configured
- Service level agreements (SLAs) being breached because of slow mean-time-to-repair
In a cloud environment, many customers and services are impacted when a device is down. This is why visibility of the network is crucial. You also need policy management to manage those changes. The networks are complex, which makes automation even more critical. Network management exploits the IBM Tivoli Netcool network management portfolio, which many CSPs already use for their existing OSS management in their networks.
The key capabilities of the network management enhanced option are:
- Automated network configuration and change management in a multi-customer environment, with high levels of standardization, accuracy, and control for setting up the VLANs and configuring firewalls
- High visibility of network traffic behavior to quickly identify the root cause of performance problems and to monitor VLAN traffic
- Improved visibility of network bottlenecks
- Proactive management of network traffic and improved capacity management by identifying unexpected customer demand or activity
- Reductions in operational costs by consolidating performance management systems and enabling proactive problem identification
Similar to hypervisors, CSPs have multiple storage systems. Virtualization of storage leads to optimization of cost. Storage cost continues to rise as customer demands increase. An inaccurate or unclear view of utilization results in unnecessary storage purchases. Customers trust their data to cloud service providers; you must protect your customers’ data.
Storage management is an enhanced option that helps you address the following challenges:
- Complexity of heterogeneous storage systems requires specialists with in-depth skills on each storage platform.
- Lack of storage utilization knowledge leads to purchases of unnecessary additional storage capacity.
- Unique customer data needs protection.
- Predicted customer demand creates storage scalability issues.
The key capabilities of the storage management enhanced option are:
- Advanced integration with virtual storage to automate the provisioning of storage for cloud services across multiple platforms and disk vendors.
- Advanced backup/restore and data resiliency provided by Tivoli Storage Manager or Tivoli Storage Manager FastBack. Enable immediate backup and recovery of VMs or services launched by your customers with advanced technologies such as data de-duplication.
- Automate cloud storage management by combining disk capacity from multiple vendors and platforms into a single virtualized pool.
- Reduce the complexity of managing storage by centralizing, simplifying, and optimizing tasks associated with storage systems management.
- Monitor the utilization and performance of storage to maximize resources and respond to growth with cost optimization in mind.
- Match the value of data to the cost of storage with simple tiered storage functions.
Advanced monitoring and service level management
The advanced monitoring and service level management enhanced option helps you address the following challenges:
- Customers demand immediate problem resolution for services that they are paying for.
- Monitor applications in private and hybrid cloud environments.
- Track SLAs to optimize the support structure cost for delivering services.
- Loss of money if service delivery cost is higher than revenue generated.
- Need an improved mechanism to determine service rates.
The advanced monitoring and service level management enhanced option improves service availability and enhances your customers’ experience. The key capabilities are:
- Improves service availability and resiliency with real time service management for the cloud environment.
- Helps you to identify and proactively resolve the most critical problems with automated event correlation, isolation, and resolution.
- Monitors the middleware, databases, and applications.
- Provides a business service dashboard with real-time key performance indicators (KPIs), service performance, availability, and business impacts.
- Helps you manage service level agreements and provides visibility on how you are performing your SLAs with your customers.
- Helps you determine service delivery cost by measuring resource usage (also known as “cloud cost management”).
- Provides business service dashboards.
Comprehensive reference architecture and industry framework
During the past three years, IBM has developed a comprehensive Cloud Computing Reference Architecture, also known as IBM CC RA. It represents the aggregated experience across hundreds of cloud client engagements and the implementation of IBM-hosted clouds. The IBM CC RA has received accolades from industry analysts and clients alike. The CSP2 offering is an instantiation of the IBM CC RA.
The CSP2 architecture is also aligned with the IBM Service Provider Delivery Environment (SPDE) framework. The IBM SPDE 4.0 Framework delivers real value to CSPs as they look for ways to deliver new and innovative services, improve operational efficiencies, and enhance customer experience. IBM released the first version of SPDE in 2001, and since that time, it has continually upgraded and improved the framework to meet the changing requirements of service providers.
Open and extendable
The CSP2 solution is SOA-based and extendable through a published and open RESTful Web 2.0 API. For example, if you don’t want to use the self-service portal provided with the core service automation and management component, you can build your own portal or use your existing portal. From your own portal, you can implement functions such as requesting services, reserving services, deprovisioning services, and adding users through a REST API call to the CSP2 service catalog. Another way to extend the CSP2 platform is through advanced hybrid cloud integration with WebSphere Cast Iron Cloud Integration. See the blog post “It’s all about the business: Winning in the cloud with IBM Cloud Service Provider Platform” for more information.
With the CSP2 offering, IBM is delivering an instantiation of very strong cloud and telecommunications industry frameworks, both the result of architectural work combined with feedback and requirements from thousands of client engagements.
IBM systems for cloud computing
CSP2 gives you flexibility and choice. It supports a heterogeneous infrastructure allowing you to take advantage of your existing hardware investment when you start building the cloud environment. However, as your cloud environment grows, it is important to choose a hardware infrastructure that is optimized for cloud computing. IBM’s servers and storage products are designed for high scalability, modular growth, and built-in security. IBM system management software helps you manage the cloud infrastructure bottom up.
IBM Systems Director
IBM Systems Director unifies the essential management of IBM servers, storage, and network devices delivering a consistent look and feel for common management tasks. Systems Director manages:
- IBM System z and System x
- IBM Power Systems
- IBM BladeCenter
- IBM Storage Systems
- Selected non-IBM servers (x86), z/VM, VMware and PowerVM
- Operating systems: Microsoft Windows, Linux, AIX, IBM i
Systems Director provides the following management capabilities:
- Discovery: Upon initial deployment, Systems Director discovers all resources (platforms, operating systems, physical and virtual servers, voice and data networks, fault-tolerance clusters, storage devices, and SANs) and brings them under management. Then, it discovers new resources as they are added to the system.
- Inventory: Systems Director provides inventory management of all resources and allocates them for provisioning new services.
- Configuration: Systems Director gives IT the ability to configure all resources for optimized performance and capacity to meet changing workload requirements. Administrators can tailor and optimize workloads by allocating specific resources to specific tasks to improve service and performance.
- Resource monitoring, event notification, status reporting: Systems Director continuously monitors all resources, notifies IT of events that impact the system, and provides status reports.
- System health: In addition to resource-specific monitoring and reporting, Systems Director also offers IT system-wide views of system health to ensure that the entire system is functioning within accepted parameters and to quickly identify trends and conditions.
- System updates: Systems Director enables IT to quickly execute system-wide updates instead of having to update resources or groupings individually.
- Energy management: Systems Director reduces energy costs and usage by monitoring and managing the energy and cooling needs of servers and storage.
Systems Director’s open plug-in architecture enables the addition of other capabilities that are manageable through the Systems Director interface.
VMControl is a Systems Director plug-in that provides cross-platform, cross-hypervisor visibility and control of virtualized environments from a single user interface. It enables administrators to discover, inventory, configure, update, and monitor devices across the following virtual environments: z/VM, Linux, PowerVM, x86 VMware, Open Hypervisor with Red Hat, and Microsoft Hypervisor. VMControl also manages pools of resources and cooperating systems.
Based on the existing IBM Tivoli Storage Productivity Center, Storage Control is a Systems Director plug-in that provides integrated end-to-end life cycle management of physical and virtual server and storage resources. Storage Control provides device discovery and coverage in integrated physical and logical topology views, showing relationships between storage and server resources, and enabling configuration of physical and virtual resources.
Active Energy Manager
Active Energy Manager is a Systems Director plug-in that monitors, measures, and manages the energy and thermal components of IBM servers, storage, and networking equipment. The product extends the scope of energy management to include non-IBM systems, facility providers, facility management applications, and power distribution units (PDUs). Active Energy Manager provides discovery, management, and optimization of energy usage, monitoring energy consumption, and operating temperature of individual devices. It provides relevant metrics for power distribution units and uninterruptible power supply (UPS) devices.
Active Energy Manager can leverage features built into IBM hardware to dynamically reduce energy consumption by limiting the power a given resource is allowed to consume. Users can predefine energy usage thresholds, and as usage approaches the threshold, the system will reduce processor clock speed and voltage to stay below the threshold. The product can achieve the same effect system-wide by putting systems into a low-power mode when full server performance is not required.
The IBM integrated service management vision
IBM Systems Director provides end-to-end platform management of all heterogeneous IBM resources in the cloud infrastructure. IBM Service Delivery Manager provides the essential cloud service automation and management capabilities. The combined solution closely integrates all resources with business processes, enabling monitoring and management from the bare metal to cloud services, which fulfills the IBM Integrated Service Management (ISM) vision, as shown in the following figure.
Juniper’s core competencies and advanced capabilities add value to CSP2 in three key areas, which are critical to the CSP’s business:
- Orchestration of cloud services: orchestration goes well beyond automation of discrete provisioning activities. It means groups of devices, applications, and technical capabilities can be combined on the fly to satisfy the requirements of different types of customers. With Juniper, CSPs can provide:
  - Automated provisioning of switching, routing, and security in the network for new cloud services: IBM Tivoli Service Automation Manager can call Juniper’s network platforms and automate creation of VLAN, QoS, and traffic security at the scale CSPs require.
  - Automated security checking: IBM Tivoli Usage and Accounting Manager can call advanced Junos automation capabilities to aid in provisioning ensembles of server and storage networks.
  - Service assurance: By orchestrating policy enforcement between the elements of the cloud, IBM CSP2 and Juniper’s platforms deliver the bandwidth and per-service QoS needed for users’ applications, on-demand.
- Dynamic security on a whole new scale: Juniper can deliver dynamic control of the network environment, from switches to applications. This enables carriers to adapt security to changes in traffic flow resulting from virtualization, and to address user trends that are part of cloud computing. Enhanced security infrastructure includes the ability to better manage identities, applications, and policies across the network.
- The new network—simplified data center fabric: Juniper is simplifying the data center network that supports cloud computing. Juniper’s single, scalable fabric collapses traditional tiers through a direct, “universal connectivity” approach. This true fabric technology delivers a host of advantages for cloud computing:
  - Simplicity: Multiple networking devices can be operated and managed as a single logical device, allowing for device and management consolidation.
  - Performance: Traffic passes through fewer switches, greatly reducing latency, and accelerating network and application performance.
  - Security: Fewer devices to manage plus Juniper’s strong security technologies yield tighter network and data security at larger scale, making multi-tenancy practical.
  - Scale: Reduced network complexity eliminates security and management issues that would otherwise constrain rapid scale-up of cloud services.
  - Virtualization: Juniper switches interoperate well with all major hypervisors, and Juniper’s network fabric raises the ROI of virtualization by allowing for more strategic projects.
  - Agility: It’s easier to customize the application environment and infrastructure for customer-specific requirements.
  - Savings: Consolidation produces CAPEX savings; less management complexity yields OPEX efficiencies.
IBM Service Delivery Manager provides the core cloud service automation and management capabilities: reservation, request, approval, provisioning, deprovisioning, discovery of services, real time hypervisor monitoring, service usage accounting, self-service portal, service catalog, high availability, workload mobility, and recoverability.
IBM Service Delivery Manager has been enhanced to meet the special requirements of CSPs: highly secured, multi-tenant, highly scalable, and carrier grade.
The enhanced options are extensions for security management, network management, storage management, and advanced monitoring and service level management. Based on your requirements and current investments, you can prioritize the enhanced options and decide which ones you want to deploy.
The CSP2 solution is open and extendable through an open and published RESTful Web 2.0 API. It is the instantiation of the IBM CC RA and the SPDE telecommunication industry frameworks along with the aggregated experience gained in thousands of client engagements.
IBM systems are optimized for cloud computing. IBM Systems Director, together with several additional system management software components delivered as Systems Director plug-ins, provides end-to-end platform management of all heterogeneous IBM resources in the cloud infrastructure. Systems Director and IBM Service Delivery Manager fit together like puzzle pieces, enabling monitoring and management from the bare metal to cloud services, which fulfills the IBM Integrated Service Management (ISM) vision.
The IBM and Juniper alliance takes carrier clouds to a higher level. Juniper’s cloud-ready, sophisticated network technologies, network management capabilities, and dynamic security give carriers the ability to create and “orchestrate” customized cloud services quickly and efficiently. Multiple networking devices can be operated and managed as a single logical device.