Cloud Computing Reference Architecture 2.0: Overview

CC RA team / presented by Mike Buzzetti

.Executive Summary

.Introduction & Overview –Historical evolution of the Reference Architecture –Structure of the RA 2.0 –Target audience –How to apply the RA for cloud implementations

.Cloud Computing Reference Architecture Details

The IBM CC RA represents the aggregate experience across hundreds of cloud client engagements and the implementation of IBM-hosted clouds – Based on knowledge of IBM’s services, Cloud Service Cloud Service Provider Cloud Service software & system experiences, including IBM Consumer Creator Cloud Services Common Cloud Research Management Platform (CCMP)

Existing & 3rd party Business-Process- services, Partner as-a-Service Ecosystems The IBM Cloud Computing Reference Architecture Cloud Service Integration (CC RA) is reflected in the design of Tools Software-as-a-Service Operational Business – IBM-hosted cloud services Service Support Support Creation Services Services Tools – Clouds IBM implements for clients (OSS) (BSS) Platform-as-a-Service

– IBM cloud appliances Consumer In-house IT – IBM cloud service management products Infrastructure-as-a-Service

The CC RA focuses on cloud specifics such as radical cost reduction while achieving high Infrastructure degrees of security, reliability, scalability and Security, Resiliency, Performance & Consumability control Governance

The CC RA consists of 21 detailed documents representing best-of-industry knowledge and insight on how to architect, design and implement clouds

The IBM Cloud Computing Reference Architecture … .Is based on open standards .Delivers enterprise-class security to meet local, regional and national compliance for privacy and governance .Combines powerful automation and services management (low touch) with rich business management functions for fully integrated, top-to-bottom management of cloud infrastructure and cloud services .Supports the full spectrum of cloud service models, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS) and Business Process as a Service (BPaaS) .Enables the flexible scaling and resiliency required for successful cloud economics and ROI .Facilitates seamless integration into existing customers' environments .Is based on our industry leading expertise with SOA for building services and service- oriented architectures

4 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture IBM Cloud Computing Reference Architecture: Development Process Development led by the IBM Cloud Computing Architecture Board .Comprising technology leaders from IBM Research and IBM’s software, systems and A process of continuous improvement helps ensure that the services organizations reference architecture is both responsive to changing client and security requirements and incorporates technology .>50 of IBM’s top cloud computing experts developments via IBM products and evolving design represent the core team specifications.

Derived from extensive client interaction combined with IBM’s extensive capabilities and experience in building enterprise-class IT systems.

The CC RA provides specifications for – the physical components of a cloud implementation (network, compute, storage, virtualization) – Software components required to run management – Operational processes – Governance policies tailored for the 5 environment or enterprise. © 2011 IBM Corporation IBM Cloud Computing Reference Architecture The IBM Cloud Computing Reference Architecture covers are broad range of important cloud-specific topics

6 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Structure of the IBM Cloud Computing Reference Architecture There are two deliverables for each work product of IBM Cloud Computing Reference Architecture the RA – Document: Detailed Captures cloud- Functional (=use cases) description of the work specific architectural and non-functional

C Non-functional product, important for in- decisions made on Use Cases requirements against the r any other work Requirements o other RA work products

depth work s product s - – Presentation: Summary of d o

m “Cloudified” the document, for simplified Defines all cloud- a management processes

i specific standards Architecture Overview consumption and quick start n for operating cloud

A Defines architectural building A w services with cloud- r

r blocks c c o

h scale-efficiency

h Product-agnostic r S i i k t t e e e S

The RA is defined r p S c t v t a Cross-cutting t e r u i u c n o c r

r Component Model

work product e d according the Unified a u d a

l a r

l Refines architecture overview to F

encompassing all i D r D t l d c

the next level of detail o y

Method Framework e

security aspects e s w t c c s i s

relevant in the i s (UMF) s Consistent & i i context of the CC o o prescriptive n RA. n s Simplifies field adoption s Operational Model architecture Deployment-level view across all since all IBM field architects of the reference architecture technical attend UMF training by domains default D w o o m r k a

i p

Each work product n r - o s Metering, Performance Cloud Service “Production Virtualization BSS De- includes one or more d p Multi-tenancy Hybrid Cloud Resiliency Rating and Consumability & Scalability Creation cloud” Management composition u e Accounting c “applied patterns” c t i f s i – An applied pattern illustrates c how the respective work product could be used / was used in a specific 7 implementation © 2011 IBM Corporation IBM Cloud Computing Reference Architecture IBM Cloud Computing Reference Architecture: Domain work product details IBM Cloud Computing Reference Architecture How to implement a cloud to achieve optimal performance & C Non-functional scalability r Use Cases o Requirements s s - d o m A a r c i n h Architecture Overview S i t w A

Guide for creating cloud e e S D r c r o S c t v services and how to t e a r e u h i k c c n c r i i t e exploit management d a u s e p

l a r i

Component Model F c

r o i D functions. r t t l o d n o y u e d s s w r c a u i s l s c

i t o s n

s Operational Model

Considerations for

implementing multi- D w tenancy in a cloud o o m environment r k a

i p n Metering, r - Performance Cloud Service “Production Virtualization BSS De- o s Multi-tenancy Hybrid Cloud Resiliency Rating and Consumability & Scalability Creation cloud” Management composition d p Accounting u e c c t i f s i Example for how to c implement a cloud management system for offering production-level cloud services

Definition for how to use Architecture & Details on metering, Detailed definition of virtualization implementation Resiliency rating and accounting, BSS domains and how How to optimize the end management across considerations for considerations for including prescriptive they should be to end experiences server, storage and implementing a hybrid implementing a cloud guidance with respect to implemented from a related to cloud services network cloud implementation product perspective

CC RA =

Harvesting Refinement Forward looking (“Learning from cloud deployments in + (“Improve the CC RA content presently + (“Which future topics are relevant for the past?”) available”) cloud computing”)

• Harvest learnings & • Continuous improvement of • Today’s cloud implementations material from cloud CC RA content based on are not necessarily optimal implementations (due to time & implementations while feedback from CC RA resource constraints) factoring out short cuts taken exploiters & stakeholder  Need forward-looking guidance by implementation team (e.g. on ideal target implementation due to constrained time •Examples are: • lines). Be clear about which parts • generalization of CCMP of the RA are already services addressed in today’s IBM • layered cloud services • Continuously ongoing cloud offerings and which • NFRs, e.g. security, harvesting process due to aspects still have to be resiliency additional learnings during addressed • Hybrid clouds each phase

9 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture How to implement a cloud using the IBM Cloud Computing Reference Architecture 1 Define 2 3 3b Leverage requirements and Define cloud service architectural . There is a well-defined Create cloud service and CCMP- decisions use implementation process for using the RA to implementation and CCMP documented in the implementation- details RA and make implement a cloud service guidance for specific architecture Service Flows implementation- cloud service and overview specific ones – A cloud is constituted CCMP throughout the by a CCMP implementation entire process implementation and an arbitrary number of Cloud Service cloud services Creation Architecture Component Operational delivered and Overview Model Model + managed by it + A r c h i Use Cases t e S . c A dedicated presentation t

3a t a u

Leverage guidance n r d and document is available Security on specific technical a l a

D + r describing the process for areas as input for d e s

Performance & Scalability developing a cloud c i using the RA to develop Non-functional service & CCMP s i Requirements o the management aspects Virtualization Management implementation n for a cloud service s + Resiliency . RA work products also Metering, Rating and Accounting Consumability serve as authoritative BSS De-composition reference on specific technical topics for Hybrid Cloud education purposes Multi-tenancy

“Production cloud”

10 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Using the CC RA: Which work products have to be created on a per Define cloud-service / CCMP Create cloud service / implementation-specific cloud service basis? CCMP implementation- standards being used. specific service flows. Document cloud Reference RA-level standard . The RA contains two Refer to RA-level service-specific definitions service flows. decisions made for types of work products Create cloud service / Create cloud service / each step of the cloud CCMP implementation- CCMP implementation- service creation specific architecture specific component 1. Work products process. overview, based on RA- model. Reference RA- Use the RA-level work Service Flows level AOD level component model only serving as a product as a reference for step definitions and reference product Create cloud service / recommendations CCMP implementation- documentation specific operational model. Reference RA- for specific Cloud level operational model Service aspects of Creation Architecture Component Operational Overview Model Model implementing a + new cloud: + A r c h i All “domain- Use Cases t e S

Document cloud c t t a

specific” work service-specific use u n cases. r d Security a l a

products except Reference RA-level use D + r cases serving as a d e s “Cloud service basis Performance & Scalability c i

Non-functional s i creation” Requirements o Virtualization Management n s 2. Work products Document cloud Resiliency + service-specific NFRs. serving as the Reference RA-level NFRs serving as a Metering, Rating and Accounting basis for a cloud- Consumability basis specific work BSS De-composition product: All Assess end to end Hybrid Cloud “cross-domain” experience creating, operating and Capture cloud service / work products managing this cloud Multi-tenancy CCMP-implementation service specific architectural plus “Cloud “Production cloud” decisions. Leverage experience Service Creation” documented as part of ADs being part of the RA Work product to be created on 11 a per cloud service basis © 2011 IBM Corporation IBM Cloud Computing Reference Architecture

Cloud Computing Reference Architecture Details

1 Define 2 3 3b Leverage requirements and Define cloud service architectural and CCMP- use Create cloud service decisions and CCMP implementation implementation documented in the implementation- details RA and make guidance for cloud specific architecture Service Flows implementation- service and overview specific ones CCMP throughout the implementation entire process

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Use Cases 3a Standards Leverage guidance Performance & Scalability on specific technical + areas as input for Virtualization Management developing a CCMP Non-functional implementation Requirements Resiliency + Metering, Rating and Accounting BSS De-composition Consumability Hybrid Cloud

Multi-tenancy

“Production cloud”

Cloud Service Creation

Objective: Describe all aspects around developing a new cloud service Cloud Service Cloud Service Provider Cloud Service – Scope is end-to-end Consumer Creator Can be on any Cloud Services Common Cloud process for developing a aaS-layeraaS-layer new cloud service. Management Platform (CCMP)

Focus is on the Existing & 3rd party Business-Process- management aspects as services, Partner as-a-Service they apply generically Ecosystems Cloud Exploit across all types of cloud Service Management Integration (OSS & BSS) services Tools “New functions Software-as-a-CloudService Operational Business – Provide detailed Service” Service description of basic Support Support Creation Services Services Tools terminology relevant for (OSS) (BSS) creating cloud services Platform-as-a-Service – Provide prescriptive Consumer In-house IT Exploit product runtime functions recommendations Infrastructure-as-a-Service relevant for each cloud service creation step and tooling around that – Provide illustrative Infrastructure examples (“applied patterns”) for how a new Security, Resiliency, Performance & Consumability cloud service can be Governance created

Existing management tooling, processes and operations staff?

Yes

Although having different Outsourcers motivations, software & process legacy and IT requirements, there is a organizations common approach for creating within enterprises cloud services across all segments

Different scenarios for offering Want to own IT No Yes infrastructure & have cloud services require runtime & mgmt - different delivery models for software installed on- premise? management software (“build- Communication it-yourself” vs. IBM-hosted) Service Providers & - different levels of integration ISVs new Cloud Service with existing management Providers tools

The internal structure of a cloud service is the integration of all runtime and management functions used to deliver, run and manage instances of the respective cloud service.

e.g. VMs, storage volumes, WAS instances, web Developing a cloud service means developing using & conferencing integrating runtime & management functions in a way that sessions, etc. IT capabilities can be delivered as-a-service.

defined in the CC CloudCloud Cloud serviceservice Reference service delivers Management functions instancesinstances Architecture instances (operational & Request, modify & use business) Cloud Service cloud service instances E.g. automated delivery & Consumer A Cloud Service (*-aaS) self-service mgmt, e.g. VM-aaS, Storage-aaS, WAS-aaS, entitlement, rating, WebConf-aaS, etc. provisioning, monitoring, CloudCloud Cloud delivers metering, patch serviceservice service management, high instancesinstances instances availability, backup & Cloud Service restore, incident & problem Consumer B management, etc.

delivers CloudCloud Cloud serviceservice operates service instancesinstances instances Runtime functions E.g. compute power, Cloud Service hypervisors, storage Consumer C capacity, network isolation zones, load balancers, web Example – Julieanswers.com cloud service: Cloud Service Provider - Julieanswers ear file & application servers, Operations staff - IHS/WAS/DB2 running the julieanswers ear file database management - Virtual machines running IHS/WAS/DB2 systems, analytics engines, - TivoliLive monitoring the health of the julieanswers app business process & portal and the underlying IHS/WAS/DB2 installation engines, etc. - Billing tool - BCRS to backup the julieanswers db2 database 16 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture 12 steps towards creating a cloud service

2. Implement runtime 3. Define unit of delivery & 4. Implement self-service delivery functionality rating & management functionality

App 1 MW * OS 1 1 1 1 Server Storage Network * 1* 11 1

Examples: VM, file system, Examples: “Create VM, add more Examples: Select off-the-shelf distributed app, virtual IP address, nodes to WAS cluster, change Describe function, price , SLA of hypervisor (VMaaS), implement queue, web conference, RDBMS, max # of seats for LotusLive web cloud service, incl. management custom app (e.g. LotusLive) scope 3-tier business app, etc. conf

5. Implement monitoring metrics & 6. Implement incident, problem 7. Implement 8. Implement backup event correlation rules and asset mgmt processes resiliency SLA approach

Select existing agent / implement Examples: HA for management Examples: Backup all VMs, new agent for monitoring JVM Incident, problem & asset mgmt system, delivered WAS cluster backup DB of LotusLive heapsize, hypervisor swap file process is specific to cloud must be highly available application size, # of processes, etc. service  customization needed

9. Implement 10. Implement cloud service 11. Implement rates for charging 12. Register cloud service security functions specific billing metrics cloud service consumption to service catalog

1 1 * * 11 11 1 * 1* 1 11 1 1 1* 11 1 11 1 $$$

Examples: $0.11/VMhour; A cloud service must be Implement authentication, Examples: CPU/hour, # of DB $0.19/MBsTransferred; registered to the service catalog auditing, data protection, transactions, GB/month, # of $0.02/webconference; to be externally accessible, governance & audit users/webconf/hour, etc. $0.05/fraudAnalysis entitlements need to be configured,

Step Products & technologies to build your own cloud service

1. Specify cloud service description n/a (cross-cutting)

2. Implement runtime functionality of the cloud service KVM, VMware, Linux, Windows, WAS, DB2, Cognos, Filenet, …

3. Define Unit of delivery & rating n/a (cross-cutting decision)

4. Implement self-service delivery & management functionality TSAM

5. Implement monitoring metrics & event correlation rules IBM Tivoli Monitoring, Omnibus, Impact

6. Implement incident, problem and asset mgmt processes Tivoli Service Request Manager & TAMIT

7. Implement resiliency SLA Tivoli System Automation

8. Implement backup approach Tivoli Storage Mgr

9. Implement security functions Tivoli Security / ISS portfolio

10. Implement cloud service specific billing metrics TUAM

11. Implement rates for charging cloud service consumption TUAM

12. Register cloud service to service catalog TSAM / TSRM Service Provider Edition

Step Building a cloud service hosted within the provider’s premise

Products & technologies Development/Config Tool Cloud service specific configuration / artifact

1. Specify cloud service description n/a (cross-cutting) n/a n/a

2. Implement runtime functionality of the cloud service KVM, VMware, Linux, Windows, WAS, DB2, Cognos, Rational Dev tools (for app artifacts), no VM golden master image, JEE ear file, SQL file, etc. Filenet, … image creation tools available today

3. Define Unit of delivery & rating n/a (cross-cutting decision) n/a n/a

4. Implement self-service delivery & management TSAM & TPM TSAM SD app TSAM Service definition & TPM provisioning workflows functionality TPM ADPE

5. Implement monitoring metrics & event correlation IBM Tivoli Monitoring, Omnibus, Impact Universal Agent Builder (ITM) Monitoring agent (ITM), event correlation rule (Omnibus) rules Omnibus-internal tooling

6. Implement incident, problem and asset mgmt Tivoli Service Request Manager & TAMIT TSRM-internal apps Incident & problem management workflows, jobplans, escalations processes (TSRM)

7. Implement resiliency SLA Tivoli System Automation Text editor (no dedicated tooling) HA policy

8. Implement backup approach Tivoli Storage Mgr TSM Backup agent Backup policy

9. Implement security functions Tivoli Security & ISS Portfolio Various various

10. Implement cloud service specific billing metrics TUAM No dedicated tooling available Metering collectors Job files

11. Implement rates for charging cloud service TUAM UI and CSV file import Rates persisted in TUAM database consumption

12. Register cloud service to service catalog TSAM / TSRM Service Provider Edition TSAM/TSRM internal apps Registration persisted in TSAM/TSRM internal database

Cloud Service Provider

Cloud Services Common Cloud Golden master VM Service Business image (runtime) Service DefinitionManagement Platform Manager Manager Registration [see runtime] persisted in DB TSAM SD app TSAM/TSRM- OSS – Operational SupportTPM for Images BSS – Business Support Existing & Tivoli Service internal apps rd Automation Manager Services Services 3 party TSAM / Tivoli Service BPaaS services, Workflows, job Request Manager SP Customer Service Service Partner plans, escalations Service Delivery Catalog Account Offering Offering Ecosystems TSRM-internal apps Management Catalog Management Job files, metering Cloud collectors

Tivoli Service Request S S e

Manager r Service e

Service Automation Management v

r Editor i v c i e Integration c

e D

golden master TPM workflows Tivoli Usage & C e v

Tools o

VM image, JEE e Accounting Manager SaaS n l s APDE o

ear file, SQL file, u p m etc. m e e r

Tivoli Provisioning n

P t

P Rational Dev tools Manager o Service r o t a (for app artifacts), Incident & IT Service r t l a Creation & l

no image creation Problem Level &

ITM Agents A Provisioning Managemen Managemen A tools available P Tools P today I t t KVM, VMware, Linux, ITM Agent Builder I Windows, WAS, DB2, Cognos, Filenet, … IBM Tivoli MonitoringPaaS

Consumer CSV file In-house Event cor. rule

IT Omnibus-int. tooling Platform & Virtualization Management Editor

Omnibus & Impact Tivoli Usage & Accounting Manager HA policy IaaS Service Provider Portal & API TAMIT DB entry Editor TAMIT apps Deployment Transition Operations Security & Customer Tivoli System Architect Manager Manager TSM backupRisk agent Manager Care Automation TAMIT Legend Tivoli Storage Manager

. Walkthrough all 12 steps per applied pattern while describing implementation-specific decisions per step (incl. product selections) 1. ISV • Example cloud service: “Desktop Cloud” 1. “Enterprise”: 1. WAS

. The applied patterns should serve as a guideline for anyone who wants to deliver IT capabilities as cloud services. . It is acknowledged that many real-world implementations won’t map exactly to the applied patterns described here – many will be in a “grey zone” in between. However, the applied patterns serve as good guidelines and blueprints for these custom implementations

. There will be more applied patterns available in future versions of the RA

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Use Cases & Roles

Service Component Offering Manager Developer Service Composer

Business Manager

Customer Account Manager, Business Office Consumer Deployment Cloud Business Manager Architect Service Creator Transition Service Integrator Manager may include may include Cloud Service Consultant, Cloud Education Specialist Consumer Service Manager Cloud Cloud Administrator Service Service Tenant Provider Consumer Administrator, Security & Risk Workload Manager Administrator, Data Administrator, may act as Security Administrator Operations Manager Consumer End User Operator, Green IT Facilities Customer Analyst, Manager IT Administrator Support & Care

IT Administrator specialties: Storage Admin., Network Admin., OS Admin., Virtualization Admin. 23 © 2011 IBM Corporation Detailed Role Description - Example: Service Manager IBM Cloud Computing Reference Architecture

Main Goal . Services meet their quality objectives . Get up-to-date information on service adoption in seconds not days . Have meaningful, fact based discussions on service quality with internal and external suppliers Main Responsibility The focus of a Service Manager is to enable the smoothest service flow possible between all systems, from business support system to operational support system services. They ensure that the running service is well aligned with business and operational objectives and targets. Main Tasks Service Setup of their day-to-day . Provision service job Service Runtime . Managing compliance with service’s Service Level Agreements (SLA) . Monitor third party supplier SLA . Detect service faults . Determine service impact (from infrastructure faults / degradation) . Prioritise problems based on network impact . Manage long and short term performance targets . Ensure alignment of business and operational support systems

Skills . Expert knowledge of the existing cloud infrastructure and good judgment of the impact of a new or changed solution on it . Proficient understanding of the particular service offering and its service instances . Expert automation knowledge . Proficient understanding of capacity/performance issues within and across systems Working with which Operations Manager; Operator; Network Administrator; Customer Account Manager; other roles ? Business Manager; Green IT Analyst; Deployment Architect; Cloud Service Creator

Creating & Managing • 38 use cases, grouped into 10 packages, along the cloud service life cycle Service Offerings Defining the Scope, Creating & Managing Service Offerings, Creating & Managing Consultative Analysis; Via F2F or Business Aspects Self-guided information & Web Sales channel Enable customers education for managed services

Install & configure platform; Manage capacity, changes, Request & View events, security; usage & billing Development & Test Monitor infrastructure(s); Create, reports; on the Cloud: Integrate Cloud & (non-) modify, Administer Cloud env.s Developing & testing secure access delete users; applications, using Create, development tool instances modify, delete user Desktop on the Cloud: groups Making use of ‘Anytime, Anywhere’ access to applications, information and resources

Collaboration in the Cloud: Using social networking services and online collaboration tools

Request, view, update, delete service instances

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Non-functional requirements

. Consolidate typical Cloud Computing Management Platform Non-Functional Requirements to illustrate the minimal set of non-functional requirements for building a Cloud Management Platform

. Reference architecture NFRs can help practitioners collect requirements during any project requirements gathering phase

. NFRs are key input to other TWPs including Component Model and Operation Model

. NFRs are high level in nature, as such, they should be evaluated along with the lower level CC RA Operational Model to establish the optimum Infrastructure for deploying the proposed solution

. Non-Functional requirements of a Cloud management platform are quality requirements or constraints of the platform that must be satisfied. These requirements address major operational and functional areas of the platform in order to ensure the robustness of the system.

Architectural Domains and Technical Work Product Inputs*

Cloud Delivery Models M V e t i r e P

SaaS t r u e i n a r f g l H o i M R z / y r

a R m e u b t s a l i r a t o i i

N t i

F l d n i R - n s i n t e

c e

C g n M e n l c & / o a a

PaaS NFRs y A

n u n S a d c c c g y c a e o l a m u b n e i t l n i i n t t y g IaaS

In version 2 of the NFR document we added NFRs from the following areas on top of the version 1:

. Applied Pattern NFRs Added - IaaS - Public Cloud: +20 - IaaS - Private Cloud: +17 - PaaS: +15 - SaaS – Managed Service Desk: +16

. Domain Specific NFRs Added - Performance and scalability: +14 - Multi-tenancy: +16 - Virtualization management: o Base virtualization: +12 o Network virtualization: +18 - Hybrid Cloud: +10 NFRs - Resiliency: +13 - Metering / Accounting: +24

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Consumability

30 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture What makes a cloud solution consumable? Consumability is a customer-centric term that describes the total customer experience with IBM products, solutions and services. Consumable solutions: Reduce total cost of ownership Improve time to value Market driver Attributes Reduce support and maintenance costs C

Identify o Key characteristics Easy to do business Evaluate n

On-demand self-service s

Plan u Ubiquitous network access m Location independent resource pooling Acquire a

Rapid elasticity Positive first-use Configure b

experience i l

Flexible pricing models Operate i t y

Integration is critical Integrate Rapidly integrates f r

Data Integration / Migration with existing a Deploy environment m Process Integration

Develop e UI Mashup Readily adapts to w customer requirements Customize o

Labor simplification drives efficiency r k Self Service Problem Mgmt Simplifies ownership Admin & Maintain Automation of Management and operation Standardization of Workloads Fix & Upgrade 31 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Designing Consumable Cloud Solutions

Gather customer, competitive, and market data Cloud Service Creator Understand key workloads for offering Cloud Cloud Service Service Provider Consumer Map key end-to-end tasks

Cloud User Roles Identify relevant Identify involved Describing who is consumability criteria user roles interacting with a cloud service at the different stages of the cloud life cycle Conduct consumability assessment and gap analysis

Consumability Assessment Design Using the consumability framework that is modified specifically for cloud solutions, identify the consumability goals for a particular solution, assess Customer Feedback Stakeholder Feedback the solution, and work towards closing (Validation) • Getting ongoing feedback from stakeholders is gaps. essential for designing a consumable solution. • Understanding the user roles, the next step is to identify key stakeholders whose feedback you need to gather 32 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Architectural Principles & Overview

An architectural principle is an overarching guideline or paradigm driving architectural decisions across the entire architecture process on a more granular level. 1. Design for Cloud-Scale Efficiencies (“Efficiency Principle”): Design for cloud-scale efficiencies, and time-to-deliver/time-to-change metrics, when realizing cloud characteristics such as elasticity, self-service access, and flexible sourcing.  Overarching objective of Driving down costs (¢/ServiceInstanceHour) and time-to-response by orders of magnitude

2. Support Lean Service Management (“Lightweight Principle”): Support lean and lightweight service management policies, processes, and technologies.  Radical exploitation of high degree of standardization in cloud environments to reduce management costs, based on an Eliminate-Standardize-Optimize approach

3. Identify and Leverage Commonalities (“Economies-of-scale Principle”): Identify and leverage commonality in cloud service design.  Maximum sharing of mgmt components, infrastructure & infrastructure / platform cloud services across cloud services to reduce CapEx & OpEx and time-to-market

4. Define and Manage Cloud Services generically along their Lifecycle (“Genericity Principle“): Define service templates and manage service instances generically along their lifecycle, across I/P/S/BPaaS.  Support I/P/S/BPaaS cloud services in a generic fashion, with a single management platform

CC RA architecture overview diagram lays defines basic Cloud Service Cloud Service Provider Cloud Service elements of any cloud service Consumer Creator environment Cloud Services Common Cloud Management Platform (CCMP) .Three main roles: Cloud service consumer, provider and creator rd whereas multiple roles can be Existing & 3 party Business-Process- services, Partner as-a-Service fulfilled by the same Ecosystems organization/person Cloud Service .Offered cloud services, required Integration Tools Management services (CCMP) and Software-as-a-Service Operational Business underlying infrastructure are Service defined. Support Support Creation Services Services Tools .Next level of drill-down defined for (OSS) (BSS) each architectural element Platform-as-a-Service

Consumer CCMP is one element of the In-house IT overall cloud computing Infrastructure-as-a-Service reference architecture .Defines operational and business support services commonly needed for delivering and managing any Infrastructure cloud service (I/P/S/BPaaS) .Doesn’t imply a single, monolithic Security, Resiliency, Performance & Consumability implementation of a CCMP. CCMP is typically implemented by a well- Governance integrated set of mgmt products

Business process services are any business process (horizontal or vertical) delivered through the Cloud IBM2 service model (Multi-tenant, self-service provisioning, elastic scaling and usage metering or pricing) via the BPaaS Internet with access via Web-centric interfaces and exploiting Web-oriented cloud architecture. The BPaaS provider is responsible for the related business function(s).

The capability provided to the consumer is to use the provider's applications running on a cloud NIST1 infrastructure and accessible from various client devices through a thin client interface such as a Web SaaS browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure, network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created NIST1 applications using programming languages and tools supported by the provider (e.g., java, python, .Net). PaaS The consumer does not manage or control the underlying cloud infrastructure, network, servers, operating systems, or storage, but the consumer has control over the deployed applications and possibly application hosting environment configurations.

The capability provided to the consumer is to rent processing, storage, networks, and other fundamental NIST1 computing resources where the consumer is able to deploy and run arbitrary software, which can include IaaS operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly select networking components (e.g., firewalls, load balancers).

Note: Across all cloud service models the definition is determined by the management scope covered by the provider. For example, in IaaS “the consumer does not manage or control the underlying cloud infrastructure […]”, in PaaS “the consumer does not manage or control the underlying cloud infrastructure, network, servers, operating systems, or storage […]”, etc.. So this essentially about the tasks the operations staff of the provider takes on, it is not about the virtualization technology being used. For example, it’s possible to use hypervisor-level virtualization to realize PaaS, SaaS or BPaaS.

1. National Institute of Standards and Technologies; Draft NIST Working Definition of Cloud Computing, May 14, 2009 2. IBM MI and IPR definition bridge between Gartner and IDC, Aug 19, 2010

. CCMP defines all Cloud Service Cloud Service Provider Usage Metering and AccountingCloud Service management functions Consumer •Flexible support of delivery modelsCreator commonly needed for the Cloud Services Common Cloud Service Business automated delivery & Management Platform Manager Manager Service Automation Management management of any cloud Existing & OSS – Operational Support BSS – Business Support •Interpret and Execute Build- and Management PlansServices Services service 3rd party •Orchestrate Managementservices, Componentry BPaaS Partner Customer Service Service Service Delivery Catalog Account Offering Offering Ecosystems Management Catalog Management Cloud

. S e rv ic e D e v e lo p m e n t P o rta l & A P I Components are grouped in Service S e rv ic e C o n s u m e r P o rta l & A P I Service Automation Management Contracts & Service Integration Order Agreement Request two major categories: Management Tools Management Management SaaS Service Change & Image Operational Support Services Request Configuration Lifecycle Management Management Management Subscription Entitlement (OSS) and Business Support Pricing Service Management Management Incident & IT Service Creation Services (BSS) Provisioning Problem Level Tools Management Management – OSS: Responsible for PaaS Monitoring & IT Asset & Capacity & Metering Rating Billing Event License Performance managing the runtime Management Management Management components of cloud Consumer In-house IT Clearing & Accounts Accounts services Platform & Virtualization Management Settlement Payable Receivable Image Management IaaS – BSS: Responsible for all •Design, buildService and Provider manage Portal & API images for cloud services

business / finance Deployment Transition Operations Security & Customer related aspects of cloud Virtualized Resource Architect Manager Manager Risk Manager Care services Management •Deploy cloud services on virtualized Infrastructure resources . Economies of scale can be •Manage virtual resources achieved by managing Security, Resiliency, Performance & Consumability multiple cloud services with Security Governance the same set of mgmt •Design for Multi-Tenancy components (see •Protect assets through Isolation, integrity, image- risk and compliance architectural principles) management 37 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Cloud Computing Reference Architecture (CC RA) – Overall drill-down

Cloud Service Cloud Service Provider Cloud Service Consumer Creator

Cloud Services Common Cloud Service Business Manager Manager Service Management Platform Component Developer Consumer End OSS – Operational Support BSS – Business Support user Existing & rd Services Services 3 party API

services, BPaaS Mgmt Service Customer Service Service Partner BP Interfaces Composer Cloud Service Service Delivery Catalog Account Offering Offering Integration Ecosystems Management Catalog Management

Tools

S e rv ic e D e v e lo p m e n t P o rta l & A P I S e rv ic e C o n s u m e r P o rta l & A P I Service Automation Management Contracts & Service Offering Order Agreement Request Management Manager Service API Management Management Integrator SaaS Service Change & Image Request Configuration Lifecycle Interfaces Management Management Management Software Mgmt Software Subscription Entitlement Service Creation Pricing Consumer Management Management Tools Business Incident & IT Service Manager Provisioning Problem Level Management Management Service

API Management Consumer In- PaaS Monitoring & IT Asset & Capacity & Metering Rating Billing Development Event License Performance Tools Interfaces house IT Management Management Management Platform Mgmt Platform Business S e rv ic e M a n a g e m e n t Service Runtime Processes Clearing & Accounts Accounts Platform & Virtualization Management Settlement Payable Receivable Development

Applications Tools API IaaS Software Middleware Service Provider Portal & API Development Infrastructure

Mgmt Interfaces Mgmt Tools Infrastructure Deployment Transition Operations Security & Customer Architect Manager Manager Risk Manager Care Image Creation Tools Consumer Administrator Infrastructure

Security, Resiliency, Performance & Consumability 38 Governance © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Cloud Computing Reference Architecture (CC RA) – Security, Resiliency, Performance & Consumability drill-down

Cloud Service Cloud Service Provider Cloud Service Consumer Creator Cloud Services Common Cloud Management Platform

rd Existing & 3 party Business-Process- services, Partner as-a-Service Ecosystems Cloud Service Integration Tools Software-as-a-Service Operational Business Support Service Support Services Creation Tools Services (BSS) (OSS) Platform-as-a-Service Consumer In-house IT

Infrastructure-as-a-Service

Infrastructure

Security Resiliency Consumability Software, System Access & Identity Security Event Resiliency Ease of Doing & Service Lifecycle Data Resiliency Compliance Readily Adapts Management Assurance Management Assessment Business

Data and Configuration for Resiliency Policy Positive First Simplified Security Policy Information Governance Management Use Experience Operations Protection Resiliency Threat & Security Data policy Resiliency Availability & Vulnerability Monitoring / Continuity Rapidly Entitlement enforcement Management Analysis Management Integrates Security, Resiliency, Performance & Consumability 39 Governance © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Cloud Computing Reference Architecture (CC RA) – Infrastructure drill-down

Cloud Service Cloud Service Provider Cloud Service Consumer Creator

Cloud Services Common Cloud Management Platform

Existing & 3rd party Business-Process- services, Partner as-a-Service Ecosystems

Software-as-a-Service Operational Cloud Business Support Support Services Services (BSS) Service (OSS) Integration Platform-as-a-Service Tools

Infrastructure-as-a-Service Service Creation Tools

Infrastructure

Server Storage Network Facilities Consumer In-house IT Processor Drives Internal Location

Memory Ephemeral External Power

Nodes Persistent Inter-site

. Applied Patterns are based on cloud projects where the reference architecture AOD has been used to create cloud implementations. Applied patterns reflect common scenarios of how a cloud could be implemented: 1. IBM Smart Business Development and Test on the IBM Cloud is a sample for a "simple" (public) service provider architecture pattern. The diagram and related descriptions have been used to lead the high-level discussion and to guide decisions on scope for release 1 and following. 2. The RA overview diagram has be used to discuss roles and responsibilities for a Desktop cloud project where part of the infrastructure is managed by IBM. 3. An architecture overview diagram pattern for a private enterprise where traditional IT is managed in parallel to a private cloud environment, plus the consumption of externally provided public cloud services 4. A service provider "whitelabeling" architecture overview diagram pattern (i.e. a service provider consuming cloud services from another cloud service provider and reselling the same offering -- with different branding and different prices) 5. A service provider consumption and value-add architecture overview diagram pattern (i.e. service provider consuming 1..n cloud services from other cloud services, composing them and adding service provider specific value-add functionality on top) 6. Bio-Informatics Exchange 7. IBM Cloud Service Provider Platform 8. IBM Shared Private Production Cloud

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Component Model

. BSS and OSS component specifications and top- level decomposition

. Use Case realizations of important use cases (e.g. Requesting Service Instances)

. Extensive UML-based modeling of BSS and OSS component relationships and dependencies

. Cross-component view on CC RA 2.0 domains

. Mapping of current IBM cloud implementations to CC RA 2.0 Component Model

. Condensed mapping of CC RA 2.0 components with IBM recommended tools

43 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Use Case Realizations A use-case realization describes how a particular use case is realized within the design model, in terms of collaborating objects (IRUP).

. CC RA 2.0 CM describes realization of typical use cases: - Creating Service Offering incl. - Create Service Template - Create Rating Scheme - Requesting Service Instance

. Sequence diagrams help to understand components, processes and flows involved in realization of use cases

. Detailed component diagrams are included to provide information about component interfaces, relationships and dependencies

Cloud Service Provider

Cloud Services Common Cloud Service Business Manager Manager Service Management Platform Component Developer Consumer End Existing & OSS – Operational Support BSS – Business Support I

user B n P rd t TSRM SPE Services Services A e

3 party r M P f a I BPaaS g c Service

services, m e s t Customer Service Service Partner Service Delivery Catalog Composer Cloud Service Account Offering Offering Ecosystems Management Catalog Management Integration TSRM TSRM SPE TSRM SPE TSRM SPE Tools S S e r e

Service Automation Management v r S i

v Offering c o i e c I f

n e t

D Manager w t TSAM A e Service C e a r P v o r f

e TSRM SPE a TSRM SPE TSRM SPE e I Integrator SaaS n

c l s M o e u p s g m m m e e t r CCMDB n

P TPM t Service Creation

TSRM P o TADDM r Consumer o t a Incident & IT Service r

t Tools l a Business & TSRM SPE TSRM SPE TSRM SPE l

Problem Level &

A Provisioning

Manager Managemen Managemen A P P P I l

a TSLA Service I t t I

n TPM

t TSRM f t o

e TNSQM A Management r r m P f a I Development PaaS c M

Consumer In- e g s TSRM SPE TSRM SPE Tools m TSRM SPE house IT t ITM, ITNM, TAMIT TUAM TUAM OMNIbus, Business S TBSM Service Runtime

Processes e r v Platform & Virtualization Management Development i c M e I g n

VMControl

m Tools f

Applications M r a t a TPC s A I n n t P r t a u e I

IaaS c

g Software r f t e a Middleware u Service Provider Portal & API c r m Development e e e s Tools n t Infrastructure Deployment Transition Operations Security & Customer Architect Manager Manager Risk Manager Care Image Creation Tools Consumer Administrator Infrastructure

TDS TAM TFIM Security, Resiliency, Performance & Consumability TSA MP TSM 45 TSA AM Governance © 2011 IBM Corporation IBM Cloud Computing Reference Architecture IBM recommended tools for consuming management functionality as a hosted offering

Cloud Service Provider

Cloud Services Common Cloud Service Business Manager Manager Service Management Platform Component Developer Consumer End Existing & OSS – Operational Support BSS – Business Support I

user B n P rd t Services Services A e

3 party r M P f a I BPaaS g c Service

services, m e s t Customer Service Service Partner Service Delivery Catalog Composer Cloud Service Account Offering Offering Ecosystems Tivoli Live Integration Service Manager Management Catalog Management Tools S S e r e

Service Automation Management v r S i

v Offering c o i e c I f

n e t

D Manager w t

A e Service C e a r P v o r f e a e I Integrator SaaS n

c l s M o e u p s g m m m e e

t Tivoli Live r n

P t Service Creation Service Manager P o r Consumer o t a Incident & IT Service r

t Tools l a Business & l

Problem Level &

A Provisioning

Manager Managemen Managemen A P P Tivoli Live P I l

a Service I t t I n t Service Manager f t o e A Management r r m P f a I Development PaaS c M

Consumer In- e g s Tools m

house IT t Tivoli Live Tivoli Live Service Manager Business S Service Runtime

Processes e r v Platform & Virtualization Management Development i c M e I g n

m Tools f

Applications M r a t a

s A I n n t P r t a u e I

IaaS c

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Operational Model

47 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture CC RA 2.0: Operational Model Updates Primary focus on leveraging existing cloud implementations in IBM and other CC RA work products

. Show how components are to be realized and deployed in a cloud-specific fashion

. Harvest architectural patterns from existing cloud implementations (e.g. SBDTC)

. RSA models for each level of elaboration which can be leveraged by adopters

. System walkthroughs for major functional areas in Use Case Model and Component Model

. Implementation guidance on realizing CC RA using IBM recommended tools identified in Component Model

. Identify critical decision points and requirements used to guide the implementation

. Adopter guidance on key decision points related to Cloud

. Addresses each node and component realization specifically, noting important considerations specific to Cloud

. Walkthroughs show how the component operates in the context of the CCMP

. Implementation guidance includes: – Applied patterns showing how CC RA can be adapted to engagement-specific requirements – Recommended tool selection aligned with component mappings in the Component Model – Identification of architectural decisions and considerations of which practitioners need to be aware

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Service Flows

. Defines all operational processes (“service flows”) required for managing cloud services based on a CCMP deployment. – These service flows are focused on reducing labor costs for management to a minimum, by building on high degree of standardization present in any cloud environment.

. Service flows depend on service management components as defined in the CC RA component model – CCMP components are required for automating as many tasks as possible.

52 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture CC RA Service Flows Content: Overview Service flows processes differences from standard IT management processes • Leverages reduced (eliminate) scope of management, standardization, and opportunity for optimization to dramatically reduce labor costs. • Aimed at delivering cloud management processes for cost-competitive cloud infrastructures

Manual as-is process Automated to-be process

• Implementation of cloud-optimized service management processes • Configuration and Asset Mgmt • Patch / Provisioning / Image Mgmt • Incident / Problem Mgmt, Monitoring • Performance and Capacity Mgmt • Service Level Management / Metering • Service Request Management • Continuity Mgmt

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Standards

54 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Context and Scope of CC RA 2.0 Standards Conte Scop By means of adheringxt to and driving the • Existing Cloud Computinge and Management evolution of standards we ease adoption of Standards our platform, assure solution portability, • Standards that are currently being defined avoid vendor lock-in, and enable an eco- • Standards that need to be defined system of partners around our platform. (recommended standards)

APIs 1 3 BSS UI Portal 2 5 1 Cloud Domain 1 1 Model and 3 Terminology 1 Cloud 4 Management & 4 6 8 Orchestration 1 (Service 4 Consumability 5 Templates) 2 Management 1 6 Standards 1 Security 7 6 Virtualization 8 1 8 (OVF, Images 8 Mgmt., Network, 7 Storage) A standard can be defined as something with a pre-described specification, that is measurable, recognized as having authoritative value, and which an organization chooses to implement as a basis for 'good practice'. 55 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture CC RA 2.0 Standards – Core Domain Model Overview

. Create a central, authoritative domain model and terminology to be used consistently in cloud solutions

. Cover core concepts that are common across cloud solutions, and their touch points to specific disciplines Roles – Do not dive into specific domains to avoid duplication of work Hybrid BSS Cloud . Strong focus on (1) defining core concepts/terms and Core (2) defining how those concepts are related to each Concepts other

. Collect input from RA 1.0 and RA 2.0 documents, and Security ... make consistent with RA 2.0 Virtualization . Make consistent with models that are defined or are being defined in IBM (e.g. CDM)

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Architectural Decisions

. AD documents important decisions about any aspect of the architecture including the structure of the system, the provision and allocation of function, the contextual fitness of the system and adherence to standards

. Consolidate ADs from key offerings, architectural domains and TWPs to provide a single place to find important ADs that illustrate rationale and justification of architectural decisions

. Develop standard reusable artefacts that can be consumed by offering and engagement architects

. Prove a reference of documented decisions that can help practitioners to: - avoid unnecessary reconsideration of the same issues - preserve design integrity in the provision of functionality and its allocation to system components - ensure that the architecture is extensible and can support an evolving system

architectural domains & TWPs Architectural Domain Subset* Technical Work Products

Cloud Delivery Models

Use Cases & Roles SaaS Managed Service Desk

Architecture Overview

Security PaaS

Component Model

Operational Model

IaaS Standards (Public & private cloud)

Non Functional Requirements

Service Flows

In version 2 of the AD document we added decisions from the following areas on top of the decisions from version 1:

. Applied Pattern Architecture Decisions - IaaS - Public Cloud – 14 ADs - IaaS - Private Cloud – 18 ADs - SaaS – Managed Service Desk – 11 ADs

. Domain specific Ads - Hybrid Cloud – 7 ADs - Resiliency – 1 AD - Virtualization management – 17 ADs - Metering / Accounting – 4 ADs - Performance and scalability – 5 ADs

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Security

IBM Security Framework: Business Security Reference Model

Governance, Risk, People and Identity Data and Information Compliance (GRC)

IT Infrastructure: Application and Process Network, Server, Physical Infrastructure End Point A

r Foundational Security Management c h Software, System and Identity, Access and Data and Information Threat and Vulnerability i

t IT Service Management

e Service Assurance Entitlement Management Protection Management Management c t u Command and Control Security Policy Risk and Compliance Physical Asset r

a Management Management Assessment Management l

P r i n Security Services and Infrastructure c i p

l Security Info and Identity, Access and Security Policy Crypto, Key and Service Management e

s Event Infrastructure Entitlement Infrastructure Infrastructure Certificate Infrastructure Infrastructure

Host and End-point Storage Security Application Security Network Security Physical Security Security

Code and Identities and Events and Policies Images Attributes Logs Security Data Repositories Service Levels and Classification Config Info and Operational IT Security Designs Registry Context Knowledge

Activity/Data Driven Cloud Security

Organizations need to adopt a strategy for cloud security that considers the unique attributes of the cloud as well as the activities and data the cloud is being utilized for.

Only by combining foundational controls with activity/data specific controls can organizations meet their cloud security needs.

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Performance & Scalability

Performance and Architecture/ scalability relevant Operational Patterns Scenarios & Use for Performance and C

Cases Scalability o n s u m

Design a a nd Sizing b of l C e CMP based o arch u itectu t re c o m e s Performance and Measurement scalability service methods and Metrics level KPIs, and of Service Levels Goals

Roadmaps from Tivoli, Linux Technology Center (STG), and SoNAS (STG)

Common Cloud Management Platform

BSS Business Support System . Deployment patterns for OSS components – Multiple Virtualization Management domains Service Delivery Catalog – Horizontal Scaling of Provisioning OSS components Service Templates Service Automation Management – Horizontal Scaling of Service Operational Automation components Support Service Request Management – Multiple OSS domains System Provisioning

. High Scale Low Touch Virtualization Management Virtualization Mgmt

. Patterns and strategies for rapid Virtualized Infrastructure – Server, Storage, Network, Facilities provisioning – CoW boot disk of remote read-only images – Local caching of remote images and CoW root disk of local read-only image – Local caching of remote images and only transferring image delta – Use a combination of CoW, CoR, and Pre-fetching

. 1 Introduction . 4 High Scale Low Touch virtualization – 1.1 Scope of this document management – 1.2 Supporting work products & – 4.1 Architecture references – 4.2 Functions – 1.3 Legal Remark – 4.3 Results – 4.4 Targeted scenarios and use cases . 2 Scenarios, Use Cases, KPIs, and . 5 Virtual systems rapid provisioning Measurements strategies – 2.1 Use Cases and Actors – 5.1 CoW boot disk of remote read- – 2.2 Influencing Scenarios and Factors only images – 2.3 Key Performance Indicators and – 5.2 Local caching of remote images Goals and CoW root disk of local read-only image – 2.4 Measurements & metrics – 5.3 Local caching of remote images and only transferring image delta . 3 Deployment patterns for CCMP OSS – 5.4 Use a combination of CoW, CoR, components and Pre-fetching – 3.1 Multiple Virtualization Management – 5.5 Pre-create/hibernate/resume VM domains – 3.2 Horizontal scaling of Provisioning . 6 Applied Pattern: Compute Cloud components – 3.3 Horizontal scaling of Service . 7 References Automation components – 3.4 Multiple OSS domains

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Virtualization Management – Base

69 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Virtualization Management - Base . Component of the OSS layer – provides common interface across hetergenous infrastucture & value-add functions above infrastructure (pooling, placement, mobility, notification up) . Defines the capabilities and services for the management of virtual resources and the underlying physical resources . Base virtualization divided into 2 main sub components – Platform Management – Virtual Resource Management . Network and Storage Virtualization are sub teams and discussed separately Cloud Service Provider . Details what functions/subcomponents should be part of the Cloud Services Common Cloud Service Business Virtualization/Platform Management component Management Platform Manager Manager Existing & OSS – Operational Support BSS – Business Support 3rd party Services Services – Definition of scope and functions services, BPaaS Partner Customer Service Service Service Delivery Catalog Account Offering Offering

. What is important for implementation/options in cloud Ecosystems Management Catalog Management

S e rv ic e D e v e lo p m e n t P o rta l & A P I S e rv ic e C o n s u m e r P o rta l & A P I Service Automation Management Contracts & Service Order Agreement Request environments for these functions Management Management Management SaaS Service Change & Image Request Configuration Lifecycle – Considerations and what options are there, pros and Management Management Management Subscription Entitlement Pricing Management Management Incident & IT Service cons Provisioning Problem Level Management Management

PaaS Monitoring & IT Asset & Capacity & Metering Rating Billing – Performance, scaling and architecture decisions Event License Performance Management Management Management

Clearing & Accounts Accounts – Ex: local storage vs shared storage the implications Platform & Virtualization Management Settlement Payable Receivable

there wrt Performance, scaling, resiliency of the VMs IaaS Service Provider Portal & API

. What standards/recommendations are there for Deployment Transition Operations Security & Architect Manager Manager Risk Manager implementations Inf rastructure

. Virtualization Management . Platform Management – Virtualization Platform Abstraction – Discovery of physical resources • Common interface to request and access virtual resources • Enables commonality for the higher level functions in the BSS • Library or catalog of discovered resources and OSS layers • Inventory such as options, firmware, OS – Virtual Resource Pooling • Ability to manage a set of virtualization infrastructure as a single – Platform Software Maintenance entity or “pool” • Monitoring, reporting, and patching of system • Includes Compute, Network and Storage infrastructure firmware and hypervisor software. • Virtualization management component handles placement/allocation across the pool and optimization of the – Bare Metal installation/distribution pool. • Install and distribute OS and hypervisor • Resource allocation can be based on a variety of criteria and software and agents factors such as energy, availability, licensing, etc – Reservation – Platform health monitoring and reporting • Reserves virtual resources for future use • Monitors health of physical systems and • Provides a reservation interface hypervisors – Image Repository • • Library of virtual appliances which can be deployed to create Used for billing services and SLAs workloads – Deployment and Undeployment • Creation and deletion of virtual systems and network/storage resources at the request of the provisioning layer • Provides for intelligent allocation across the pool, may include over commit of physical resources – Instance Image Management • Provides management of deployed instances of the images, including ability to capture images – Management of virtual servers • Provides interface to start, stop, restart virtual servers – Relocation • Provides ability to move a virtual resource from one physical machine to another • May happen as a result of a failure, predicted failure, or planned maintenance

. Standards – Platform management • DMTF CIM, SNMP – Virtualization management • DMTF OVF • Libvirt • Activation engine - VSAE

. Non-Functional Requirements – Mostly centers around performance and scaling which is critical in a cloud environment – Details Documented in the NFR document . Input provided to other work products for performance, resiliency, component model, etc

. Applied Patterns – Private cloud, Cloudburst, Telco scenario

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Virtualization Management – Networking

. Identify BSS/OSS core components that are relevant to cloud (virtual) networking. – Capability extensions for virtual networking architecture and services.

. Identify a set of important cloud networking connectivity types (and patterns) to support cloud users (customers): – Shared cloud infrastructure network(s). – Private networks w/in cloud infrastructure (with variation of access over Internet). – Private cloud to cloud virtual network (including hybrid cloud – from customer’s network to cloud).

. Identify/define resources in resource model (i.e., CIM), critical for supporting cloud networking as part of infrastructure authoritative topology DB.

. Define subcomponents (and their expected capabilities) and services of Networking Virtualization Management in Virtualization and Platform Management overall component.

. Identify Architecture Decisions and Non- Functional Requirements related to networking.

. Extend cloud use cases to include networking connectivity (i.e., connecting cloud services to virtual networks and automated network provisioning).

. Relate cloud networking to on-going standard work in DMTF SVPC WG for virtual networking within OVF.

. Identify IBM products/assets that provide foundations for building out support for cloud networking and automated network provisioning.

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Resiliency

CC RA 2.0 Resiliency . Defined cloud Resilience architecture . Based on lessons learned from implementations . Mapped architecture to proposed CCMP resilience implementation . Identified required products . NFRs enhancements

Key learning from existing cloud implementations . OSS/BSS interdependencies and operational requirements must be considered in coordinated resilience and automation design

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Metering, Rating and Accounting

. Metering, Rating and Accounting Domain addresses: – Different types of metered usage data (3 Key types) and the need to meter both Allocated and Activity based data – BSS-OSS mapping of runtime and design time data flows – Product specific detailed functional gap analysis with tool recommendations – Solution architecture along with implementation guidance

. 3 Applied Patterns from architecture as applicable to Public, Private clouds and an ISV context are explained

Terminology: Metered Usage Data Concepts

. Allocation Usage – The result of a consumer occupying a resource such that other consumers cannot use it – For example, the time period IT infrastructure topology (e.g. Servers, CPUs, Memory, Storage, Network, Database, Websphere Cluster) has been allocated to a particular cloud service. – More suitable as Service Usage Metric.

. Activity Usage – The result of activity performed by the consumer e.g. CPUSecs, Bytes transferred etc – More suitable as Cost Usage Metric.

. Action Usage – Actions initiated by the consumer that the provider may wish to charge for or track costs against • e.g. Backup/restore server, change virtual server configuration – Action may or may not involve manual steps

Service A Cloud Service Provider 4 CPUs on Server 1 2 GB Service A Costs 60 server hrs @ $25/ server hr 240 CPU hrs @ $5/ CPU hr Server 1 CPU usage = 3,000 CPU mins * $.40/min 120 GB hrs @ $3/ GB hr Server 2 CPU usage = 2,500 CPU mins * $.60/min Server 1 software usage = 60 hrs * $15/hr Cloud Service Server 2 software usage = 40 hrs * $10/hr Requestor #2 $3,060 Server 1 labor costs = $40 Server 2 labor costs = $60 Service A 3 CPUs on Server 2 4 GB  50 server hrs @ 25/ server hr ServiceService A A costs costs = = $4,100 $4,100 150 CPU hrs @ $5/ CPU hr Profit 200 GB hrs @ $3/ GB hr $2,600 Cloud Service Provider Cloud Service Requestor #3 Service A revenue = $5,660 Service B Costs Service B Server 1 CPU usage = 5,000 CPU mins * $.40/min 2 CPUs on Server 1 1 GB Server 1 software usage = 80 hrs * $15/hr 100 server hrs @ $20/ server hr Server 1 labor costs = $40 200 CPU hrs @ $3/ CPU hr 100 GB hrs @ $2/ GB hr DB2 Help Desk = $50 100 DB2 Support hr @ $2/ DB2 Support hr Service B revenue = $3,000 Service B costs = $3,290 Loss

Adjustment BSS Billing Records Tax Rules Billing Record Generation Billing Terms Cost/Price Accounting Usage Accounting Usage Reports Rated Usage Reports Contracts & Agreements

Provider’s Rating & Accounting of Usage Accounting Records Rates /Prices

Business Qualified Usage Accounting Records context Accounting Structures Qualified Usage Accounting Records Generation Usage Data Service Qualification Rules OSS Correlated Usage Records context

Metered Usage Data Correlation Correlation & Aggregation Rules (Service)

Local Metered Usage Data: Allocation, Activity, Action(Labor) context Data Correlation & Aggregation Rules (each source) Metered Usage Data Generation Metrics Definition

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

BSS Decomposition

. Business Support Services (BSS) is a set of components that enables interaction of customers with the service provider. BSS works closely with Operational Support Services (OSS), which is a set of computer systems and related processes used to deliver the services. BSS and OSS functions for all IBM Cloud services are provided by the Common Cloud Management Platform (CCMP)

. BSS Decomposition RA content - 44-page doc with the following sections: – BSS positioning within CCMP – Overview of BSS functions required for all realizations – Public Cloud realization – Private Cloud realization – Brief discussion of hybrid cloud and product development realizations – Future direction – BSS as a Service for promoting re-use and modularization

Security & Compliance management

Customer AccountAccount mgmtmgmt Customer Management Contracts & agreements mgmt

Customer information mgmt Register contract/agreement Billing Schedule

User identity mgmt User access mgmt Contracted Rating Contract generation B B S S S S S S

Service Offering management

Service Offering Management Pricing e –

– Service Offering Management Pricing e r

v r B B v i

Offering Lifecylce mgmt List prices Price information mgmt c i Offering Lifecylce mgmt Price information mgmt u u c Service Offering Catalog e s e

s Service Offering Catalog

D i i

n n C Options configuration & rule mgmt Discount Price model e e e o v s e n s l s s s o u

p S S m m u u e

Subscription e p r p Subscription Subscription Management Service n Service Order management

p Order management p t P mgmt Request mgmt o

o Request mgmt P o Enter & manage order Delivery status monitoring Enter & manage order o r r r Entitlement mgmt Delivery status monitoring t

t Entitlement mgmt t r a

t S

S Metering a l Metering

Entitlement tracking l e e Manage license/Entitlement r r v v i i c c e e s s Clearing & settlement Financial Management Billing Royalty mgmt / payment Accounts Payable Financial datadata releaserelease Rating ISVISV // VendorVendor paymentpayment Process billing charges Create & release invoice Accounts Receivable

Service Provider Portal

Service Provider Edition + Tivoli Usage and Accounting Manager TSRM-SP provides all these functions

Notes on METERING

TSRM provides Allocation & Activity-based Metering.

TSRM tracks labor, materials, tools, services costs.

TUAM provides Usage-based Metering

RATING & BILLING

TSRM & TUAM provide partial rating functions & bill data generation – but not direct invoicing NO Peering and Settlement 86 NO accounts payable/receiving © 2011 IBM Corporation IBM Cloud Computing Reference Architecture

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Hybrid Cloud

. Scope and Purpose: . Dimensions: – Use Cases: Identify use cases and scenarios for – Integration: How to connect on-premise hybrid cloud setup, operations, and management services and data to off-premise counterparts… – Patterns: Identify solution patterns for integration business data mapping and service integration of on-premise with services in public cloud(s) – – Life-cycle: Identify and define workload migration Security: How to integrate on-premise/off- and life cycle events for services in hybrid cloud premise identities, policies, auditing systems; how to ensure proper security of off-premise cloud – Roles: Identify roles associated with hybrid cloud operations and services workload; How to secure management and payload interactions – Decisions: Define architectural decisions for hybrid cloud integration framework and for hybrid – Monitoring: Integrate monitoring of off-premise cloud management services infrastructure and applications with on-premise management system; Enable on-premise . Perspectives monitoring and event infrastructure to reach into clouds – Operating Perspective: Seamlessly move peek workloads from on-premise to public Cloud – Management: Manage Capacity in the cloud; – Sourcing Perspective: Different types of provisioning- and de-provisioning based on workloads to be provisioned by the most effective Monitoring data), capacity overflow from on- Cloud from the perspective of cost, functionality, premise to Cloud availability, performance, security, etc. – Governance: Who can, does, should use which – Management Perspective: Unified view and cloud-based services…service request capability to manage resources and information on- management of on- and off-premise resources premise and in off-premise Clouds combined with management and integration of workloads and resources across hybrid cloud

Examples: Hybrid Cloud: Use Case Scenarios Hybrid Cloud Integration IBM Cloud Connect off-premise monitoring events to Examples: Tivoli Monitoring on-premise Hybrid Cloud Server Integration monitoring system Hybrid Monitoring Database Sync customer Example records Federate Monitoring info of Workload in IBM Public Cloud

Examples: Common Common Hybrid Cloud Cloud Cloud On-premise to off-premise Business Application Integration: Integration Manage Manageme Mgmt and Capacity mentPlat Example: nt Platform Public Cloud Private (On Overflow of/to form On-premise Database to Salesforce Cloud Resources Premise Public Cloud (IBM Cloud) Resources)

Examples: Hybrid Cloud Governance & Hybrid Workload Management Integration Examples: Governance for acquiring Resources from IBM Compute Sync on-premise Cloud and/or Amazon; Workload Management and LDAP Directory identity model and capacity overflow from CCMP based private Cloud to IBM directory Compute Cloud Examples: Security: Directory Integration & Identity Federation Hybrid Cloud ERP Integration Example Cognos Apps Data Synchronize on premise ODW LDAP and LotusLive Query Access DB2 DB2 Cognos BI Domino directory info and facilitate SSO Replication SIB Staging DB Staging DB

Cognos and other Analytic Applications in the Cloud: Initial Load to Cloud; Change Data Capture Replication to & from Cloud; Query Access; Data Cleansing 89 © 2011 IBM Corporation Cloud Management Platform – Hybrid Cloud Model * IBM Cloud Computing Reference Architecture

Common Cloud Management Platform

BSS Business Offering Mgmt Customer Mgmt Pricing & Rating Support Services Order Mgmt Entitlements Subscriber Mgmt

Accounting & Billing Invoicing Peering & Settlement

SLA Service Offering S

Contract Mgmt e S Reporting Catalog r e v r i c v e i c

e Metering, Analytics & Reporting D

e D v A e

e Updated for l P i l v o

I OSS e Service Delivery Catalog p Hybrid Cloud r

Operational m y

P Support n o Services t r Service Templates Service Automation Management P t a o l r t a

Service Request Management Configuration Mgmt Image Lifecycle Management l

Provisioning Incident, Problem & Change Management IT Service Level Management

Monitoring & Capacity & Event Management IT Asset & License Management Performance Management

Virtualization Mgmt

Monitoring, Metering, Security and Cloud Service Hybrid Cloud Policy Enforcement Broker Integration: Private Cloud Client Controlled from within the enterprise IBM Development & 3rd Party Cloud Test Cloud Services 90 90 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Multi-tenancy

Multi-tenancy requirements and customer expectations

Requirements mapping to CC RA component for impact and gap analysis

Multi-tenant patterns

Leveraging existing multi-tenancy assets and capabilities

Specification of how secure Multi-Tenancy should be implemented across the CC RA components

Multi tenant NFRS adopted NFR deliverable

Use Cases and extensions adopted Use case deliverable

Component impact analysis adopted Component deliverable

Multi-tenancy definition

Tenant definition

Multi-tenant patterns whitepaper

Multi-tenancy refers to the ability of services to be offered to multiple user entities (tenants) in a way so that each tenant operates as logically isolated, while, in fact, using physically shared resources.

Tenant definition A business entity that is contractually responsible for the 1 Tenant consumption of Cloud Service from a service provider. A role within the 1 business entity that manages contracts 1 1:n and optionally Consumer 1 1:n A role within the business entity Consumer Business that will request commission and approves Administrator commission of Manager decommission services from the services from the 1 Cloud. Cloud 1:n

Consumer 1:n 1 Service The Cloud service instance The users of the End User Instance requested by the Service Owner Service 1

1:n Service Resources The resources consumed by the service Application Platforms

Virtual Network Storage Machine component

Multitenancy service considerations

Standardisation Low High Security risk Low High Cost/tenant High Low

Tenant Tenant Tenant Tenant Tenant Tenant Tenant Tenant Tenant Tenant

App App App App App App App App Application

Platform Platform Platform Platform Platform Platform Platform Platform 1. Primitive set of patterns of multi- tenancy OS OS OS OS Operating System Operating System Operating System

2. Associated multi-tenant Infrastr. Infrastr. Infrastructure Infrastructure Infrastructure Infrastructure

characteristics that will have to Data center floor Data center floor Data center floor Data center floor Data center floor I II III IV be supported in any Cloud Physical-level Hypervisor-level Operating Platform-level multi-tenancy multi-tenancy System-level multi-tenancy implementation. multi-tenancy Legend: Dedicated 3. Multi-tenancy of managing and Shared manage environments 4. Multi-tenancy needs of public and private clouds.

CC RA team / presented by Mike Buzzetti

1 IBM Cloud Computing Reference Architecture Agenda

.Executive Summary

.Introduction & Overview –Historical evolution of the Reference Architecture –Structure of the RA 2.0 –Target audience –How to apply the RA for cloud implementations

.Cloud Computing Reference Architecture Details

2 IBM Cloud Computing Reference Architecture IBM Cloud Computing Reference Architecture

– IBM cloud appliances Consumer In-house IT – IBM cloud service management products Infrastructure-as-a-Service

The CC RA consists of 21 detailed documents representing best-of-industry knowledge and insight on how to architect, design and implement clouds

Mike Buzzetti notes Existing legacy products and technology can be mapped to to the CCRA since the CCRA shows integration points between new cloud technologies and the existing ones

3 IBM Cloud Computing Reference Architecture The IBM Cloud Computing Reference Architecture ensures consistency & quality across IBM development and delivery projects

SOA is defined by the open group as “an architectural style that supports services orientation Service orientation is a way of thinking of services and services-based development and the outcomes of services. “ That basically means that cloud computing supports service orientation SOA solutions usually do not have all the characteristics of cloud simultaneously. SOA solutions usually have to have the management built from scratch SOA service reuse is generally only within the organization that delivers the service.

Not all SOA solutions are cloud servers, since cloud requires automated deployment and management

4 IBM Cloud Computing Reference Architecture IBM Cloud Computing Reference Architecture: Development Process Development led by the IBM Cloud Computing Architecture Board .Comprising technology leaders from IBM Research and IBM’s software, systems and A process of continuous improvement helps ensure that the services organizations reference architecture is both responsive to changing client and security requirements and incorporates technology .>50 of IBM’s top cloud computing experts developments via IBM products and evolving design represent the core team specifications.

Derived from extensive client interaction combined with IBM’s extensive capabilities and experience in building enterprise-class IT systems.

5 IBM Cloud Computing Reference Architecture The IBM Cloud Computing Reference Architecture covers are broad range of important cloud-specific topics

6 IBM Cloud Computing Reference Architecture Structure of the IBM Cloud Computing Reference Architecture There are two deliverables for each work product of IBM Cloud Computing Reference Architecture the RA – Document: Detailed Captures cloud- Functional (=use cases) description of the work specific architectural and non-functional

C Non-functional product, important for in- decisions made on Use Cases requirements against the r any other work Requirements o other RA work products

depth work s product s - – Presentation: Summary of d o

m “Cloudified” the document, for simplified Defines all cloud-

a management processes

i specific standards Architecture Overview consumption and quick start n for operating cloud

A Defines architectural building A w services with cloud- r

r blocks c c o

h scale-efficiency

h Product-agnostic r S i i k t t e e e S

The RA is defined r p S c t v t a Cross-cutting t e r u i u n c o c r

r Component Model e

work product d according the Unified a u d a

l a r

l Refines architecture overview to F

encompassing all i D r D t l d c o

y the next level of detail

Method Framework e

security aspects e s w t c c s i s

relevant in the i s (UMF) s Consistent & i i context of the CC o o prescriptive n n

RA. s Simplifies field adoption s Operational Model architecture Deployment-level view across all since all IBM field architects of the reference architecture technical attend UMF training by domains default D w o o m r k a

i p

“applied patterns” c c t i f s i – An applied pattern illustrates c how the respective work product could be used / was used in a specific 7 implementation08/03/11 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture IBM Cloud Computing Reference Architecture: Domain work product details IBM Cloud Computing Reference Architecture How to implement a cloud to achieve optimal performance & C Non-functional scalability r Use Cases o Requirements s s - d o m A a r c i n h Architecture Overview S i

t w A

Guide for creating cloud e e S D r c r o S c t v t

services and how to e a r e u h i k c n c c r i i t e exploit management d a u s e p

l a r i F

c Component Model

r o i D functions. r t t o l d n u o y e d s s r w c a u i s s l c

i o t s n

s Operational Model

Considerations for

implementing multi- D w tenancy in a cloud o o m r

environment k a

CC RA =

9 IBM Cloud Computing Reference Architecture How to implement a cloud using the IBM Cloud Computing Reference Architecture 1 Define 2 3 3b Leverage requirements and Define cloud service architectural . There is a well-defined Create cloud service and CCMP- decisions use implementation process for using the RA to implementation and CCMP documented in the implementation- details RA and make implement a cloud service guidance for specific architecture Service Flows implementation- cloud service and overview specific ones – A cloud is constituted CCMP throughout the by a CCMP implementation entire process implementation and an arbitrary number of Cloud Service cloud services Creation Architecture Component Operational delivered and Overview Model Model

managed by it + A r c h i Use Cases t e S . c A dedicated presentation t 3a t a u

Leverage guidance n r and document is available Security on specific technical d a l a

D + r

areas as input for d

describing the process for e s Performance & Scalability developing a cloud c i using the RA to develop Non-functional service & CCMP s i Requirements o the management aspects Virtualization Management implementation n for a cloud service s + Resiliency . RA work products also Metering, Rating and Accounting Consumability serve as authoritative BSS De-composition reference on specific technical topics for Hybrid Cloud education purposes Multi-tenancy

“Production cloud”

10 08/03/11 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture Using the CC RA: Which work products have to be created on a per Define cloud-service / CCMP Create cloud service / implementation-specific cloud service basis? CCMP implementation- standards being used. specific service flows. Document cloud Reference RA-level standard . The RA contains two Refer to RA-level service-specific definitions service flows. decisions made for types of work products Create cloud service / Create cloud service / each step of the cloud CCMP implementation- CCMP implementation- service creation specific architecture specific component 1. Work products process. overview, based on RA- model. Reference RA- Use the RA-level work Service Flows level AOD level component model only serving as a product as a reference for step definitions and reference product Create cloud service / recommendations CCMP implementation- documentation specific operational Cloud model. Reference RA- for specific level operational model Service aspects of Creation Architecture Component Operational implementing a Overview Model Model

new cloud: + A r c h i All “domain- Use Cases t e S

Document cloud c t t a

specific” work service-specific use u n cases. r Security d a l a

products except Reference RA-level use D + r d

cases serving as a e s “Cloud service basis Performance & Scalability c i

Non-functional s i Requirements o creation” Virtualization Management n s 2. Work products Document cloud Resiliency + service-specific NFRs. serving as the Reference RA-level NFRs serving as a Metering, Rating and Accounting basis for a cloud- Consumability basis specific work BSS De-composition product: All Assess end to end Hybrid Cloud “cross-domain” experience creating, operating and Capture cloud service / work products managing this cloud Multi-tenancy CCMP-implementation service specific architectural plus “Cloud “Production cloud” decisions. Leverage experience Service Creation” documented as part of ADs being part of the RA Work product to be created on 11 08/03/11 a per cloud service basis © 2011 IBM Corporation IBM Cloud Computing Reference Architecture

Cloud Computing Reference Architecture Details

12 IBM Cloud Computing Reference Architecture

Cloud Service Creation Architecture Component Operational Security

+ Overview Model Model A rc h ite c tu ra l D e c is io n s

Multi-tenancy

“Production cloud”

Cloud Service Creation

13 IBM Cloud Computing Reference Architecture “Cloud Service Creation” – Scope and Overview

Focus is on the Existing & 3rd party Business-Process- management aspects as services, Partner as-a-Service Ecosystems they apply generically Cloud Exploit across all types of cloud Service Management Integration (OSS & BSS) services Tools “New functions Software-as-a-CloudService Operational Business – Provide detailed Service” Service description of basic Support Support Creation Services Services Tools terminology relevant for (OSS) (BSS) creating cloud services Platform-as-a-Service – Provide prescriptive Consumer In-house IT Exploit product runtime functions recommendations Infrastructure-as-a-Service relevant for each cloud service creation step and tooling around that – Provide illustrative Infrastructure examples (“applied patterns”) for how a new Security, Resiliency, Performance & Consumability cloud service can be Governance created

Existing management tooling, processes and operations staff?

Yes

The internal structure of a cloud service is the integration of all runtime and management functions used to deliver, run and manage instances of the respective cloud service.

defined in the CC CloudCloud Cloud serviceservice Reference service delivers Management functions instancesinstances Architecture instances (operational & Request, modify & use business) Cloud Service cloud service instances E.g. automated delivery & Consumer A Cloud Service (*-aaS) self-service mgmt, e.g. VM-aaS, Storage-aaS, WAS-aaS, entitlement, rating, WebConf-aaS, etc. provisioning, monitoring, CloudCloud metering, patch Cloud delivers serviceservice service management, high instancesinstances instances availability, backup & Cloud Service restore, incident & problem Consumer B management, etc.

delivers Cloud CloudCloud serviceservice operates service instancesinstances instances Runtime functions E.g. compute power, Cloud Service hypervisors, storage Consumer C capacity, network isolation zones, load balancers, web Example – Julieanswers.com cloud service: Cloud Service Provider - Julieanswers ear file & application servers, Operations staff - IHS/WAS/DB2 running the julieanswers ear file database management - Virtual machines running IHS/WAS/DB2 systems, analytics engines, - TivoliLive monitoring the health of the julieanswers app business process & portal and the underlying IHS/WAS/DB2 installation engines, etc. - Billing tool - BCRS to backup the julieanswers db2 database 16 08/03/11 © 2011 IBM Corporation IBM Cloud Computing Reference Architecture 12 steps towards creating a cloud service

2. Implement runtime 3. Define unit of delivery & 4. Implement self-service delivery functionality rating & management functionality

App 1 MW * OS 1 1 1 1 Server Storage Network * 1* 11 1

5. Implement monitoring metrics & 6. Implement incident, problem 7. Implement 8. Implement backup event correlation rules and asset mgmt processes resiliency SLA approach

9. Implement 10. Implement cloud service 11. Implement rates for charging 12. Register cloud service security functions specific billing metrics cloud service consumption to service catalog

1 1 * * 11 11 11 * 1* 11 1 1* 1 1 11 1 $$$