© 2013 IBM Corporation

IBM SmartCloud Enterprise+ A managed multi-tenant private cloud Ruediger Schulze 11/07/2013

© 2013 IBM Corporation

2

About me

Ruediger Schulze Senior Software Engineer at the IBM Development Lab in Boeblingen

Joined IBM in 1998

e-mail: ruediger.schulze@de.ibm.com

xing.de: Ruediger Schulze

Linkedin: Ruediger Schulze

2011 until today Smart Cloud Enterprise+ Provisioning Development Lead

2010 High Availability for Smart Cloud Enterprise (SCE)

2009 Data Center automation project for German customer

2007 to 2008 Test Team Lead for Tivoli Systems Automations

2006 Development Team Lead for Tivoli Dynamic Workload Console – z/OS related UI

2005 zSeries Capacity Provisioning

2004 System Provisioning Development

1999 to 2003 z/OS Workload Manager Development

1998 Digital Data on S/390

© 2013 IBM Corporation

3

Agenda

• Introduction to IBM Smart Cloud Enterprise+

• Deployment Topology

• Create Server

• SCE+ Use Cases

• OpenStack and the SCE+ Use Cases

• Summary

© 2013 IBM Corporation

4

Introduction to IBM SmartCloud Enterprise+ ibm.com/smartcloud/services/enterpriseplus

• SCE+ is a robust, production-ready cloud environment providing fully managed infrastructure as a service (IaaS)

• Designed for versatility, with a variety of usage scenarios.

• Built on reliable hardware following a resilient design to ensure enterprise-class performance and availability

• Flexible configuration options for both Power and x86 running the operating systems AIX, Windows and Linux and storage

• Multiple security and isolation options built into the virtual infrastructure and network to keep tenants separate from each

other

• Single centralized management with cloud-based IT infrastructure library (ITIL) processes (change, configuration and asset

management)

• Globally deployed across multiple data-centers with a shared management environment and shared or dedicated managed

environments

Shared cloud services

Enterprise+

B B A

IBM SmartCloud Enterprise+

Management, support

and deployment

Security

and isolation

Availability and

performance

Technology

platform

Payment and

billing

Dedicated cloud

Enterprise+

© 2013 IBM Corporation

5

Usage Scenarios for IBM Smart Cloud Enterprise+

• Develop and test applications and then move them into

production – all on the same platform

• Maintain security levels and increase speed

to market with a consistent, fully managed operating

environment

• Leverage fully managed Infrastructure as a Service

(IaaS) globally to standardize and optimize

infrastructure, save money and facilitate collaboration

and innovation

• Manage client-facing web site, company intranet, web

applications or web social applications

• Enable applications and manage them – scaling to

meet increases in traffic

• Provide a robust foundation for transformational plays

– for an industry-specific solution like SmartCloud

Service Delivery for Electronics or

to deliver a company solution to end user customers

• Run SAP and Oracle Applications on a

security-rich cloud infrastructure enhanced

with IBM deep expertise, processes and tools

Managed development and test

Data center transformation

Managed web hosting/apps/social

As a component of an Industry play

Production workloads

© 2013 IBM Corporation

6

SCE+ is deployed in data centers around the world

North America: Raleigh, N.C., and Boulder, Colo., USA; Markham, Canada

South America: Hortolandia, Sao Paulo, Brazil

Europe: Ehningen, Germany; Montpellier, France; Winterthur, Switzerland; Barcelona, Spain

Asia Pacific: Sydney, Australia; Makuhari, Japan

India

North America

Asia Pacific

Europe, Middle East and Africa

Latin America

Local point of delivery

© 2013 IBM Corporation

7

SCE+ Deployment Topology

Central Cloud Management

SCE+ IaaS API

Site A

Management

Single centralized managing system in Ehningen (DE)

• For SCE+ Portal, SCE+ IaaS API, Service Catalog

and offerings, service management functions like

change, asset and config management

• manages multiple, local sites

• Service Orchestration

Local sites contain tools used to manage resources across

multiple PoDs

• for provisioning, patching, service activation &

deactivation

Points of delivery (PoDs) at a given site can be shared or

dedicated, local or remote

• contains managed resources (server, storage,

network)

• managing tools for HW management, backup and

monitoring, etc.

• Upto 6 PoDs per site

Service Management

•Service Catalog

•Change Management

• Asset Management

• Config Management

• Incident Management

• Metering and Chargeback

Standard processes

• Account Management

• Onboarding

• Entitlement

• Billing

• Reports

• SLA Management

Site B

Management

...

PoD1 PoD1

...

SCE+ Portal

• Hypervisor managers

• Patch Management

• Monitoring

• Storage Management

• Managed p,x, XIV

• Provisioning

• Patch Management

• Security Compliance

• Identity Management

• Event Management

• Asset Management

• Config Management

• SAnD

© 2013 IBM Corporation

8

PoD1

PoD1

Local Site Management

SCE+ Deployment Topology – Local Site

Local Site:

• Single instance of Service Automation and Provisioning engines manages multiple PoDs

• Two cloud pools per PoD (1 x VMWare, 1 x VMControl)

PoD:

• Two building blocks for HA fail-over and DR

• Pre-allocate datastores for VMWare according to SLAs

• Storage allocation for AIX through Storage Virtualization Manager (SVM) to ensure disk cleansing

Service Automation and Provisioning

Power System Pool: 12 x p770

VMWare Cluster B: 8 x x3850

Storage ... Storage

SAN Volume Controller (SVC)

Storage Productivity

Center (TPC)

Storage Virtualization

Manager (SVM)

Repository Patch Automation Security Compliance

LDAP Active Directory CI & Asset Discovery

Backup

Monitoring

VMWare Cluster A: 8 x x3850

Antivirus

© 2013 IBM Corporation

9

Central Cloud Management – Service Management

Virtualization

Manager

CMDB

SCE+ Service Orchestration and Provisioning

Service Orchestration is done on the central site,

by combining the services provided by the local

sites into composite services.

• Single portal service requests trigger within the

associated change multiple service requests in

the local site to provide the requested service

• Service requests created within the local site

fulfill a specific provisioning use case

Service Request

Change Request

Workflow

Local site –

Service Automation

and Provisioning

CI

Asset DB

Asset

SCE+ API

Workflow

VM

API

Inbox

Assigment

System

Management

products

REST

SCE+ Portal

Service Request

REST API

© 2013 IBM Corporation

10

Self-service management through the SCE+ portal

The SCE+ portal provides the customer with access to the SCE+ offerings.

SCE+

portal

Server Management

Server, Storage,

Projects, Monitors,

Patches, IP addresses

Service Operation

Approvals, Service

Requests, Incidents

Account

Management

Teams, Users

Create Server example:

Capacity Service category Software image Managed services

64-bit IBM System x®

virtual machine

8 central processing

unit, 16 gigabytes (GB)

random access

memory (RAM),

384 GB storage

99.5 Silver service-level

agreement

24-hour service

request fulfillment

RHEL Linux 6.3

IBM DB2® Enterprise

Edition v9.7.1

Operating system

© 2013 IBM Corporation

11

Parameters of the Create Server offering

© 2013 IBM Corporation

12

SCE+ Configuration options

x86 options 32-bit configurations 64-bit configurations max

Small Medium Large Small Medium Large Extra large Jumbo Windows: depending on OS edition

Virtual CPUs 1 2 4 1 2 4 8 16 64 – Windows: 4 (SE), 8 (EE), 64 (DC)

Virtual memory (gigabytes) 1 2 4 2 4 8 16 32 128 – Windows: 32 (SE), 128 (EE, DC)

Instance storage (gigabytes) 64 128 192 64 128 192 384 512 49.664 (incl. 24 disks w/ 2 TB each)

IBM Power Systems options 64-bit configurations max

Small Medium Large Extra large Jumbo

Virtual CPUs 1 2 4 8 16 32

Virtual memory (gigabytes) 2 4 8 16 32 96

Instance storage (gigabytes) 64 128 192 384 512 49.664 (incl. 24 disks w/ 2 TB each)

VM Capacity options

Operating Systems

x86 operating Systems 32 bit 64 bit

Windows Server 2003 R2 DC / EE / SE Yes Yes

Windows Server 2008 R2 DC / EE / SE n/a Yes

Red Hat 5.6 Yes Yes

Red Hat 5.8 Yes Yes

Red Hat 6.3 Yes Yes

x86 operating Systems AIX Windows Linux

IBM DB2 EE V9.7 Yes Yes Yes

IBM WebSphere® MQ V7.0 Yes Yes Yes

Apache Tomcat V5.5 Yes Yes Yes

IBM MQ Client 7.0.1 Yes Yes Yes

IBM Power Systems options 64 bit

AIX 6.1 Yes

AIX 7.1 Yes

Software

SLA Availability

Platinum (incl. disk replication) 99,9 %

Gold 99,7 %

Silver 99.5 %

Bronze 98.5 %

SLA

© 2013 IBM Corporation

13

Steps for creation of a virtual machine (VM) in SCE+

More than

70 tasks are

automated and

auditable.

• Customer requests VM through the cloud web portal

• Virtual machine – virtual resource provisioning of server and storage resources

• Execution of automated tooling for preparation of operating system. Examples:

• Install and configure agents (for example, monitoring and backup)

• Patching operating system (OS) to current levels

• Security scans (e.g. Antivirus)

• Registration into management tools. Examples:

• Configuration (CI) in Configuration Management database (CMDB)

• Asset – VM and installed software

• Compliance – contain records of full compliance to security policies and standards

• Verification by IBM Delivery Executive and turn over to customer for use

SCE+

portal

VM provisioning OS

configuration Registration Verification

SmartCloud Enterprise+

© 2013 IBM Corporation

14

Use Case: Create Server

© 2013 IBM Corporation

15

Use Case: Create Unmanaged Server

© 2013 IBM Corporation

16

SCE+ Managed services and tools

Monitoring and management of

operating systems (OS)

ITIL-based managed services

enable more consistent and

efficient service management

Supporting managed services

to enable additional

management and resiliency

• Monitoring and patch

management of OS

components

• Antivirus on Microsoft

Windows OS

• Accounting

of software licenses

• OS-level security and

compliance

Security policy management

and compliance support

• Service catalog

• Service request – activation

and deactivation (SA&D)

• Incident, problem and change

management

• Event management

• Configuration management

• Asset management

• Management above the

operating system (such as

database and middleware)

Monitoring and response

to alerts

Patch management

• Vulnerability management for

the managed environment

Scanning using IBM security

services

Response to alerts

and events

© 2013 IBM Corporation

17

Use Case: Add managed services

© 2013 IBM Corporation

18

Use Case: Add raw disks

© 2013 IBM Corporation

19

Storage support for AIX

• Add up to 24 disks in addition to the root disk to an LPAR with varying sizes from 4 GB to 2 TB, allowing for a maximum of 48 TB of data disks

• The creation of the additional disks is done using Storage Virtualization Manager (SVM)

• SVM allocates requested disks and maps them to the storage VIOS of the LPAR’s host

• SVM achieves disk cleansing by creating a thin volume first, setting up a thick mirror, syncing the mirror and finally deleting the thin volume once synchronization is complete.

• Workflow SVM_AddDisks requests disk allocation through SVM, runs commands to map the disks to the LPAR and triggers ISD/VMControl discovery

XIV ... XIV

SVC TPC

SVM

workflow: SVM_AddDisks

Host

VIOS VIOS

HMC ISD / VMControl

© 2013 IBM Corporation

20

SCE+ Use Cases (subset)

Server

Management

Backup and

Restore

HA Cluster

Management

© 2013 IBM Corporation

21

OpenStack and the SCE+ use cases

SCE+ Use Case OpenStack component

Select VLANs & IPs Neutron together with Heat or external orchestration

Provision LPAR Nova – using PowerVM driver

Provision VM Nova – using vmwareapi driver

Select Datastore Use external orchestration

Create Disk Mirror Use external orchestration

Clean Disk Use thin provisioning or external orchestration

Configure OS Use Chef for OS specific settings

Configure SLA Use external orchestration and Chef for OS specific settings

Configure and register hostname Neutron

Register CI and asset Use external orchestration

Add raw disks Potentially Cinder but no disk replication support yet

Add managed services Use external orchestration

Deploy software Potentially Heat or external orchestration

Modify server resources Nova

Remove server Nova together with external orchestration for agent deregistration and

removing disks

Stop, Start, Restart Server Nova

Server Backup and Restore Potentially nova or external orchestration

File Backup and Restore Use external orchestration

Create and Remove HA cluster Nova together with external orchestration

Reserve and Release Service IP Neutron

© 2013 IBM Corporation

22

Summary

• Introduced IBM Smart Cloud Enterprise+ as an Infrastructure as a Service

(IaaS) solution designed to provide clients with access to a robust cloud

environment fully managed by IBM.

• Discussed the deployment topology of SCE+ as an example to illustrate how

clouds can be globally deployed.

• Discussed the Create Server use case of SCE+ in detail and developed the

understanding that the use cases of production-ready, managed clouds are

associated with additional requirements to the infrastructure and automation.

• OpenStack will become the provisioning solution for clouds. With the current

functionality not all use cases can be covered yet. But given the momentum

of the development, it is reasonable to assume that these functions will be

delivered in near future and that OpenStack becomes a suitable alternative

for enterprise-level cloud implementations.

© 2013 IBM Corporation

23

Topics for Student Essay

Describe the use cases to be considered for an enterprise-level cloud

implementation like SCE+.

u

u

u

Evaluate how these use cases maybe realized with OpenStack in future

and where OpenStack still requires enhancements to cover them.

Describe the deployment topology of a globally deployed cloud SCE+.

© 2013 IBM Corporation

24

Thank you for your time today.

For more information:

• IBM SmartCloud Enterprise+

Contact:

• Ruediger Schulze

• ruediger.schulze@de.ibm.com