Our reference architecture will be based upon the NIST definition as we define the core principals, concepts and patterns used throughout the reference architecture and subsequent implementation guidance in this content series. The reference architecture will consist of reference frame that outlines the overall cloud computing stack based on the NIST definition and defines the core principals, concepts and patterns of a good reference architecture. This is then followed by service delivery guidance to guide the business on solution based delivery of an on-premise private cloud infrastructure.
The reference architecture presented contain practices that are independent of any specific platform provider and generally should be present on any Infrastructure as a Service platform or service engagement available from or through a provider of cloud based computing capability. Where applicable we will link with solution implementation guidance that is based on the use of Microsoft Server products to illustrate the capability discussed in the reference architecture.
New Choices for Delivering IT
The cloud provides options for approach, sourcing, and control. It delivers a well-defined set of services, which are perceived by the customers to have infinite capacity, continuous availability, increased agility, and improved cost efficiency. To achieve these attributes in their customers’ minds, IT must shift its traditional server-centric approach to a service centric approach. This implies that IT must go from deploying applications in silos with minimal leverage across environments to delivering applications on pre-determined standardized platforms with mutually agreed service levels. A hybrid strategy that uses several cloud options at the same time will become a norm as organizations choose a mix of various cloud models to meet their specific needs.
Cloud options typically are categorized by the following service and sourcing models:
Service Models
Software as a Service
Software as a Service (SaaS) delivers business processes and applications, such as CRM, collaboration, and e-mail, as standardized capabilities for a usage-based cost at an agreed, business-relevant service level. SaaS provides significant efficiencies in cost and delivery in exchange for minimal customization and represents a shift of operational risks from the consumer to the provider. All infrastructure and IT operational functions are abstracted away from the consumer.
Platform as a Service
Platform as a Service (PaaS) delivers application execution services, such as application runtime, storage, and integration, for applications written for a pre-specified development framework. PaaS provides an efficient and agile approach to operate scale-out applications in a predictable and cost-effective manner. Service levels and operational risks are shared because the consumer must take responsibility for the stability, architectural compliance, and overall operations of the application while the provider delivers the platform capability (including the infrastructure and operational functions) at a predictable service level and cost.
Infrastructure as a Service
Infrastructure as a Service (IaaS) abstracts hardware (server, storage, and network infrastructure) into a pool of computing, storage, and connectivity capabilities that are delivered as services for a usage-based (metered) cost. Its goal is to provide a flexible, standard, and virtualized operating environment that can become a foundation for PaaS and SaaS.
IaaS is usually seen to provide a standardized virtual server. The consumer takes responsibility for configuration and operations of the guest Operating System (OS), software, and Database (DB). Compute capabilities (such as performance, bandwidth, and storage access) are also standardized.
Service levels cover the performance and availability of the virtualized infrastructure. The consumer takes on the operational risk that exists above the infrastructure.
Comparison of Cloud Service Models
SaaS | End user |
|
- Application uptime
- Application Performance
|
- Minimal to no customization
- Capabilities dictated by market or provider
|
PaaS | Application owner |
- Runtime environment for application code
- Cloud storage
- Other Cloud services such as integration
|
- Environment availability
- Environment performance
- No application coverage
|
- High degree of application level customization available within constraints of the service offered
- Many applications will need to be rewritten
|
IaaS | Application owner or IT provides OS, middleware and application support |
- Virtual server
- Cloud storage
|
- Virtual server availability
- Time to provision
- No platform or application coverage
|
- Minimal constraints on applications installed on standardized virtual OS builds
|
Deployment Models
Deployment models (shared or dedicated, and whether internally hosted or externally hosted) are defined by the ownership and control of architectural design and the degree of available customization. The different deployment models can be evaluated against the three standards - cost, control, and scalability.
Public Cloud
The Public Cloud is a pool of computing services delivered over the Internet. It is offered by a vendor, who typically uses a “pay as you go” or "metered service" model. Public Cloud Computing has the following potential advantages: you only pay for resources you consume; you gain agility through quick deployment; there is rapid capacity scaling; and all services are delivered with consistent availability, resiliency, security, and manageability. Public Cloud options include:
- Shared Public Cloud: The Shared Public Cloud provides the benefit of rapid implementation, massive scalability, and low cost of entry. It is delivered in a shared physical infrastructure where the architecture, customization, and degree of security are designed and managed by the provider according to market-driven specifications.
- Dedicated Public Cloud: The Dedicated Public Cloud provides functionality similar to a Shared Public Cloud except that it is delivered on a dedicated physical infrastructure. Security, performance, and sometimes customization are better in the Dedicated Public Cloud than in the Shared Public Cloud. Its architecture and service levels are defined by the provider and the cost may be higher than that of the Shared Public Cloud, depending on the volume.
Private Cloud
The private cloud is a pool of computing resources delivered as a standardized set of services that are specified, architected, and controlled by a particular enterprise.
The path to a private cloud is often driven by the need to maintain control of the service delivery environment because of application maturity, performance requirements, industry or government regulatory controls, or business differentiation reasons. For example, banks and governments have data security issues that may preclude the use of currently available public cloud services. Private cloud options include:
- Self-hosted Private Cloud: A Self-hosted Private Cloud provides the benefit of architectural and operational control, utilizes the existing investment in people and equipment, and provides a dedicated on-premise environment that is internally designed, hosted, and managed.
- Hosted Private Cloud: A Hosted Private Cloud is a dedicated environment that is internally designed, externally hosted, and externally managed. It blends the benefits of controlling the service and architectural design with the benefits of datacenter outsourcing.
- Private Cloud Appliance: A Private Cloud Appliance is a dedicated environment that procured from a vendor, is designed by that vendor with provider/market driven features and architectural control, is internally hosted, and externally or internally managed. It blends the benefits of using predefined functional architecture, lower deployment risk with the benefits of internal security and control.
The array of services delivered by the combination of service and sourcing models can be dizzying. CIOs will need to evaluate their business requirements and the experience of the provider to select the appropriate Cloud models.
Comparison of Cloud Deployment Models
Shared Public Cloud | External | Shared | Provider or market | Minimal constraints | Pay as you go |
Dedicated Public Cloud | External | Partially or fully dedicated | Provider or market | Constrained by contract | Pay as you go |
Self-Hosted Private Cloud | Internal | Fully dedicated | Self | Constrained by capital investment | Build the Cloud, share services |
Hosted Private Cloud | External | Fully dedicated | Self | Constrained by capital investment or contract | Varies by contract, may or may not have capital impact |
Private Cloud Appliance | Internal | Fully dedicated | Provider | Constrained by offering | Varies by contract, may or may not have capital impact |
Expanding the Reference Model
In the content above we describe several characteristics, service models and deployment models that are aligned to the NIST definition of cloud computing. Now we couple this with Infrastructure layer components that are briefly described in the Blueprint for Private Cloud Infrastructure as a Service and expand the Infrastructure Layer in the Private Cloud Reference Model.
This expanded reference model illustrated in the figure below shall be the basis of the Private Cloud Infrastructure as a Service architecture design contained in this series.
Throughout the Infrastructure as a Service series the focus will be upon the Infrastructure Layer of the Reference Model however as illustrated the Infrastructure Layer has a light coupling with the Management Layer and the Platform Layer. Further the Infrastructure and Management Layers are influenced by the Operations Layer. Certain key areas of the Management Layer such as Fabric Management are covered in detail in this Infrastructure as a Service series while remaining areas of the Management, Operations Layer and Service Delivery Layers are covered in later or future content in the Private Cloud Reference Architecture.
We can now define that Private Cloud Infrastructure as IaaS is an advanced state of IT maturity that has a high degree of automation, integrated-service management, and efficient use of resources. Virtualization can be a key enabler of IaaS but in most models, including the NIST cloud definition, virtualization as common, not and essential, attribute. An infrastructure that is 100 percent virtualized may have no process automation; it might not provide management and monitoring of applications that are running inside virtual machines (VMs) or IT services that are provided by a collection of VMs. In addition to virtualization, several other infrastructure-architecture layers are required to achieve the essential cloud attributes.
A rich automation capability is required. Automation must be enabled across all hardware components—including server, storage, and networking devices—as well as all software layers, such as operating systems, services, and applications. The Windows Management Framework—which comprises Windows Management Instrumentation (WMI), Web Services-Management (WS-Management), and Windows PowerShell—is an example of a rich automation capability that was initially scoped to Microsoft products, but that is now being leveraged by a wide variety of hardware and software partners.
A management layer that leverages automation and functions across physical, virtual, and application resources is another required layer for higher IT maturity. The management system must be able to deploy capacity, monitor health state, and automatically respond to issues or faults at any layer of the architecture.
Orchestration that manages all of the automation and management components must be implemented as the interface between the IT organization and the infrastructure. Orchestration provides the bridge between IT business logic, such as "deploy a new web-server VM when capacity reaches 85 percent," and the dozens of steps in an automated workflow that are required to actually implement such a change.
The IaaS solution’s primary purpose is to host other higher layers such as the PaaS and SaaS.
The final layer is the Service Delivery layer providing interfaces for both service providers and service consumers.
The integration of virtualization, automation, management, and orchestration layers provides the foundation for achieving the highest levels of IT maturity.
High Level Design Concerns
Several key concerns must be established that are cross cutting in the overall design of a Private Cloud Infrastructure as a Service design. These concerns are grounded in the Private Cloud Reference Architecture and expanded here in the context of providing Infrastructure as a Service.
Datacenter and Location
The physical datacenter is the enterprise facility where the organizations cloud capability is deployed. When providing cloud services we generally think of services that just exist and not where they exist. However the physical datacenter we must consider location. For some organizations their datacenter may exist in one or more corporate locations. For large organization there may be dedicated facilities just for location of their datacenter(s). Increasingly these considerations include locations that offer climates that enable the use of nature air to provide environmental climate control within the datacenter and reducing energy consumption. Location may also provide access to low cost costs for energy consumed by the datacenter.
Location of a datacenter plays an active role in the design of Private Cloud Fault Domains and options available to the IT consumer when selecting capabilities to purchase and deploy through Private Cloud Self Service.
Scale Units
The Private Cloud Reference Architecture defines the private cloud pattern of a Scale Unit. However there is no specific predefined set or selection of values that comprise a scale unit. The determination is part of the private cloud design and planning process. A Scale Unit is a pool of compute, storage, and network resources that can be deployed as a single unit or in bundles that allow both extensibility and reuse or reallocation without physical reconfiguration. Examples of these resources are:
- Compute – Blade servers, deployed by one or more racks at a time.
- Storage – Enterprise SAN, with disk capacity to match compute capability.
- Network – New access and distribution designs to meet compute and storage requirements.
When selecting elements of a scale unit the architect should consider future availability as changes in hardware architectures will influence Management Fabric implementations over time. A scale unit should be sized to accommodate future growth over a period that meaningful to the business. Some businesses will plan on a quarterly basis while others may forecast by fiscal year or more.
Resource Pools
A resource pool is comprised of server, network, and storage scale units that share a common hardware and configuration baseline but does not share a single point of failure with any other resource pool other than the facility itself. Note that a resource pool could be subdivided further into Fault Domains. See Private Cloud Reference Architecture Principles, Patterns, and Concepts.
Fault Domains
The Physical Fault Domains pattern is defined in the Private Cloud Reference Architecture. In an Infrastructure as a Service design a fault domain is a set of physical infrastructure with a common configuration within a resource pool that does not share a single point of failure with any other fault domain.
Upgrade Domains
An upgrade domain is infrastructure within a resource pool that can be maintained, take offline, or upgraded without downtime to the workloads running in the resource pool.
Putting It All Together
Private Cloud Infrastructure as a Service is an evolution in the industry and IT. It forms the foundation of cloud computing for all cloud enabled workloads. Designing for Infrastructure as a Service raises the IT Capability and Maturity level to realize cloud capabilities in the allowing the business to focus on objectives, respond with agility and realize economies of scale.