IBM Cloud Private – Agile Infrastructure

Overview
IBM Cloud Private enables Cloud Services and an Agile Infrastructure behind a company firewall. While Cloud Private can be deployed in the Amazon and IBM Clouds in a supported deployment case, there exists a sweet spot for companies to realize the value of deploying IBM Cloud Private to expose workloads as Services, rather than Servers, within their on-premises environment.

Agility and Utility
Let’s use an example of something near and dear to all of us: our mobile. We all have one (or more):

We’ve made this device ours by customizing it to within an inch of its life to suit our needs. You likely have:

  • A workout application
  • Any number of credit card and / or banking applications
  • Shopping applications

Note that your phone is agile .. You can add / remove applications as you need. A brief use case .. You want to attend a concert:

  • You download the application
  • Enter your information
  • Purchase tickets
  • Show the e-ticket image when you arrive at the venue
  • Snap photos, snippets, uploading like mad during the concert

When all this is done .. You can delete the application to make room for other applications.

Mobile Games? Yes: you might upgrade your mobile game from that jewel thing to that bird thing .. deleting the unwanted game when you’ve won.

This is also quite similar to a familiar Utility Army Knife .. we’ve all seen this one:

You use:

  • The scissors for thread
  • The blade for preparing food
  • The saw for cutting wood
  • The bottle opener for wine
  • The file to get yourself out of prison

You snap out the tool you need, use it and then snap it back when you’re finished, moving round to the next task at hand.

You need not carry an entire toolbox with you .. this is something that would weigh you down. This device assures you can finish the work you need at the moment, and then move on to your next bit.

This is IBM Cloud Private: Cloud Services and Agile Infrastructure behind your firewall.

IBM Cloud Private – Innovative and Open
IBM are on to something with Cloud Private. IBM has leveraged assets from the world of Open Standards, building an execution platform that includes policy-based oversight, Role-Based Access Control (RBAC) and a variety of alerting and monitoring functions .. all of which are supplied OOB. Add to this the capability to deploy Services rather than Servers .. Services that include the bulk of the IBM Middleware portfolio, offerings from other vendors and applications from the Open Source Community.

This is not a ‘Rip and Replace’ effort .. This is ‘Augment and Enhance’, ‘Consolidate and Optimize’. This is Agile Infrastructure, within your on-premises and cloud environments.

IBM Cloud Private – What Does it Do?
Some high-level pillars. IBM Cloud Private:

  • Provisions Cloud Services behind your firewall .. IBM offers fully-supported IaaS solutions for Cloud Private as well.
  • Enables an Agile Infrastructure, where you run Services, rather than CapEx Servers, many in a PayGo pricing model.
  • Has made available 100s of Services from the Catalog (think of it as an application store for your infrastructure) .. with that said, any Application packaged into a Helm Chart (by a vendor or by your company) can be deployed into a Cloud Private cluster.

Key bits: Services rather than Servers and an optimized execution model.

IBM Cloud Private – Architectural Discussion
IBM Cloud Private deploys atop commodity hardware, running on the Linux Operating System. To deconstruct:

  • IBM Cloud Private exposes nodes to manage operations and enable Services.
  • Applications run as Services atop the Cloud Private nodes, providing access to Open Source applications, built-in monitoring / management capabilities and the IBM Middleware catalog.
  • Cloud Private has a number of Onboard services for Applications, Monitoring, Management, Alerting, Scheduling, and so on, integrating with the applications you use today.

This discussion is hyper-simplified for brevity. Please see IBM Cloud Private 3.1.0 Architecture for a deeper look, or ring me up.

The Customer Environment
By most accounts, your environment looks a bit like this:

  • You’ll see several hardware, virtualization and deployment layers within.
  • While you may have some automation in place, it is likely not standardized across deployment paradigms and capabilities, and it probably doesn’t give us an all-up view of how to best manage all the infrastructure assets within your organization.
  • Each of the blue boxes potentially represents:
    • A licensing requirement
    • A management requirement
    • A hardware requirement ..

.. all well before we get to actually servicing the users, devices and systems that are most important to our audiences. To this, I mean:

  • Recognizing CapEx licenses that require renewal
  • Maintaining patch levels across all the operating systems above
  • Infrastructure (hosts for VMs and / or physical servers) .. taking into account hardware refresh requirements

.. and the list goes on.

Some Notes on Workloads
When thinking about your workloads, you’ll likely realize:

  • Most are running 100% of the time (atop single-purpose virtual or physical hardware)
  • You’re paying for a software license 100% of the time
  • These workloads are not running at capacity 100% of the time

You pay for the hardware and the licenses 100% of the time .. given the bits above, let’s think about another way to deploy these workloads. In a perfect world, how should these workloads run?

  • Transient: specific-use workloads that you deploy, run and remove as your needs dictate. This is similar to the mobile device concert analogy, above. Note that these are the de facto standard for proof of concept, testing or introducing new workloads into an environment .. once you deploy Cloud Private, you can evaluate these workloads as Services, rather than deploying Servers.
  • On-Demand: pre-built, pre-configured and deployed on a moment’s notice .. note that these services can be spun up and available in seconds, versus VM / Physical Server start times.
  • Long-Running: Ongoing workloads for management, monitoring and alerting functions. These services are always available, at minimal PayGo cost. When they need to be scaled (dayparts, data volumes, activity), they can be, via defined policy.
  • Scalable: workloads with defined criteria that can expand to available capacity; the scalability typically triggered by capacity demands and under policy. These can be Transient, On-Demand or Long-Running workloads .. Again, under policy.
  • Burst: workloads scheduled during times the system is idle to increase optimization, and are scaled back to continue processing until the next burst opportunity, again, all under policy.

Ask Yourself: How many of the workloads you are running 100% of the time, consuming 100% CapEx licensing / hardware requirements might otherwise fit into one of the above paradigms?

Determine Applicability
You should have a look at IBM Cloud Private if a number of the following conditions exist in your environment:

  • CapEx licenses that require renewal .. Especially where these licenses can be implemented as PayGo Services
  • You’re running a lot of VMs with single or minimal workloads .. Especially where these VMs have CapEx licenses, as above
  • You’re running a lot of VMs that are consuming too much of your infrastructure capacity, requiring more management than you’d like to dedicate
  • Your deployment includes multiple clouds (Public, Private or Hybrid)

Lots of questions above, likely requiring input from others in your organization .. Consider all the folks who have their hands on the keyboards, managing your infrastructure and deployments.

What you need:
An Agile Infrastructure session. In this session, we’ll unpack:

  • Your Use Cases / Execution
  • Your Deployments: Physical / Virtual
  • Your Licensing: CapEx / Subscription
  • Your Workload Management
  • Your Cross-Workload Integration
  • Your SaaS Integration Opportunities

.. and more. I can put you in touch.

Windows Azure Memory-Intensive Instance Options

There’s a FABULOUS, eye-catching headline, to be sure .. I’ll work on it.

It is exciting news though. Just as soon as Windows Azure announced support for Infrastructure as a Service (IaaS, for short), IT folks came out of the woodwork seeking customized sizing options that were outside the original five instance sizes offered by the service.

Now, while the A5 and A7 IaaS instances have been out for a while, the recent update includes the addition of an A6 IaaS instance, plus Cloud Service versions of the same capacities. This allows developers to deploy their memory-intensive applications in the Platform as a Service paradigm and save the IT department from having to manage from the operating system ‘up’ as with IaaS.

Name    CPU Cores    RAM (GB)
A5      2            14
A6      4            28
A7      8            56

Large memory instances are also available for both the Linux and Windows operating systems.

Pricing? Always. The Cloud Service and IaaS pages are updated with the full set of instance sizes:

Larger memory instances give developers and IT professionals the means to move more of their applications and IT assets into the cloud than ever before, no longer impacted by high memory usage forcing refactoring or workarounds. All in all, another step in the great journey to the cloud!

I’ll see you there.

PowerShell: Must have Microsoft Online Services Sign-In Assistant

I posted “Office 365 and PowerShell” a few weeks back and since then have been digging into the various ways PowerShell helps manage Office 365 installations. You’ll find a robust command set that can automate a wide number of deployment and management operations.

Setup (was) pretty straightforward the last time I did it (a few months back): download and install the Microsoft Online Services Sign-In Assistant for IT Professionals Beta and the appropriate cmdlets (please see my prior article) and you’re ready to go.

Now, I’ve rebuilt my system since then, so it’s time to do it over again. However, this time, I had mixed results. I installed the RTW version of the Online Services Assistant with a reboot. Then, I ran the installation program for the cmdlets .. then I got this:

“In order to install Windows Azure Active Directory Module for Windows PowerShell, you must have Microsoft Online Services Sign-In Assistant version 7.0 or greater installed on this computer”

Huh? :: mutter ::  Didn’t I just do that?

So, after a lot of uninstalls, reinstalls, reboots and more reinstalls, I ascertained there is a system check between the Beta and RTW bits that is failing. After some Bing-ing, Google-ing and swear-ing .. I came across a social post on MSDN: “Cannot install Azure Active Directory Module for Windows PowerShell. MOSSIA is not installed”. The post describes installing the Beta and then the RTW, but with an added registry fix that increases one parameter to the later version to satisfy the system check.

The fix seems to work, and the author of the post provided two .reg files: one to make the change and the other to undo it. My suggestion (as Microsoft will certainly distribute newer versions) is to perform the Beta and RTW installs, then export the registry settings so you can revert, just in case.

HTH.

Windows Azure Cache Preview

Well, it’s actually a preview of the new, and IMPROVED Windows Azure Cache.

You may recall that Windows Azure featured two flavors of caching capabilities in the past:

  • Windows Azure Shared Caching: a multi-tenant memory space, separate from any instance. Connect via endpoints between any Windows Azure components. RAM-based, fixed size .. useful, but a bit pricey. This service will be decommissioned no later than August 2014.
  • Windows Azure In-Role Cache: comprised of RAM that you choose to carve out of Role Instances that you deploy, joined into a single Cache cluster you can consume. This is a spiffy model: if your application runs at CPU capacity, but under the total instance memory, you have ‘wasted’ RAM. The In-Role Cache gives you a way to get more for what you are already paying. This feature continues to be fully-supported, so take a peek at your deployments and see if you can take advantage of this asset.

The new Windows Azure Cache Service (in Preview) performs caching by creating an isolated and dedicated cache in Windows Azure. Cache performance is completely under your control, whereas multi-tenant cache and processor-bound RAM access can be impacted by other tenants or your own operations. You access the new Cache Service using a secure and publicly addressable endpoint. With this endpoint, you can:

  • Access the cache to speed performance for applications deployed on Windows Azure Websites and Virtual Machines.
  • Share data securely, quickly and easily across instances to improve data access and performance.
  • (As before): preserve ASP.Net Session State across multiple instances and workloads.

But that’s not all (thank you, Ron Popeil and Billy Mays). While I’m not able to double your offer if you respond now .. let’s talk about the new bits (from the site):

  • Support across Windows Azure: while not exactly new (you can grant access from any asset deployed in Windows Azure to any other asset), there is a nice How to: Configure a Cache Client for Windows Azure Cache Service article available for your review.
  • Eas(ier) Management: a new addition for Cache management (as the older Silverlight-based portal is being decommissioned), you can now create a cache, scale a cache, configure a cache, and monitor the health and performance of a cache directly from the Windows Azure Management Portal.
  • The new Cache is quota-, throttle- and tenant-free. You can rely on (and gauge) your performance impact whilst using the Cache.
  • As with the other Windows Azure Cache offerings, the new Cache Service is memcached-compatible. If you haven’t migrated off MD servers onto Windows Azure Cache (variants), you can do so now with the same syntax.

Caching (in general) and the new Windows Azure Cache Service are solid and easily-deployable means to significantly improve the performance of your application while reducing impact on other components (especially your database) .. you should consider these in your Cloud or Hybrid architecture.

There’s more (there always is) .. write me if I may assist you in your journey to the Cloud.

I’ll see you there.

Backup / Restore Windows System Disks in Windows Azure

As we all continue to embrace the Cloud (Windows Azure, in particular) as our machine-of-choice for commodity IT operations, the requirement to capture current-state VMs becomes a day-to-day reality for IT professionals. Let’s discuss some options to consider:

    Whether a developer or an IT Guy, the Cloud is a component of your toolbox you should consider. It’s a great journey!
    I’ll see you there.

Active Directory in Windows Azure ..

.. verry interesting.

It’s more than a Laugh-In reference, however. The Windows Azure Identity folks have built out an amazing way to federate identity across multiple platforms and locations, hybrid and cloud .. essentially arriving at confirming the proper person has arrived at the doorstep, requesting services. How would you like to:

    .. if these fit your use cases, please reach out. I’ll connect you to the proper folks.
    It’s a great journey to the Cloud!
    I’ll see you there.

Windows Azure SQL Database Premium Preview

As of today, Microsoft is offering access to a limited preview of the new Windows Azure SQL Database Premium service. As opposed to non-Premium, the new offering provides reserved instances for databases requiring higher performance capacity and predictable performance.

To sign up:

  • Visit the Preview Page and click the ‘Try it Now’ button.
  • When approved, visit the Windows Azure portal and request a Premium Database Quota assigned to your Cloud Services.

For the Preview, customers will be limited to one database per logical server, priced at 50% of the eventual GA pricing. Please see the Windows Azure SQL Database Premium page for more details and availability updates.

Windows Azure GA Update: Web Sites, SSL and Mobile Services

Wahoo .. Windows Azure Web Sites Standard Tier (Reserved are already in GA) are now released to General Availability, along with SSL support .. a big boon for folks seeking to deploy scalable, highly-available commerce-enabled web sites. If you’re ready to get started, sign up for a trial and check out:

Windows Azure Mobile Services are good to go in GA as well, sporting a high-availability SLA for services running in Standard and Premium tiers. Mobile Services makes it fast and easy to create mobile backends for a number of devices, simplifying authentication and push paradigms .. why reinvent the wheel? Besides the services aspects, a number of native SDKs for devices and Windows Store are available today. Here are a few links to get you started:

For some of the latest bits, please navigate to the site for Build 2013, held in June 2013 .. the session content is online and as fresh as it gets, speeding your way into the Cloud!

I’ll see you there.

Windows Azure Remote Desktop Services

Great news for the Virtual Desktop Interface (VDI) types out there: as of July 1, Microsoft now allows Remote Desktop Services (formerly called Terminal Services) licenses in Windows Azure Virtual Machines. Prior to this licensing update, you were only allowed to connect to the console of your VM for administrative purposes, and only up to two users at a time. With this new licensing modification, customers can now connect as many users as they have system capacity, and of course, licenses.

For complete details about licensing, please see:

The short version:

  • RDS Client Access Licenses (CALs) that are part of a VL agreement are NOT eligible for license mobility rights, per the FAQ.
  • Windows Client desktops (Windows 7 or Windows 8) are also not allowed in Windows Azure, or any other Service Provider (Amazon, Rackspace, etc.) as multi-tenant hosting is not covered by PUR.
  • To increase users beyond the two administrative sessions you need to purchase RDS Subscriber Access Licenses (SALs) through the Microsoft Services Provider Licensing Agreement (SPLA) for each concurrent user accessing the VM. SPLA licenses are obtained through SPLA Resellers.

Common use cases include:

  • Partner-Hosted Microsoft Office: running a VM with Microsoft Office installed.
  • Thick-client application hosting (common RDP scenarios for complex, client-side applications).
  • Demo, test and legacy environments.

This is a major benefit to cost- and maintenance-conscious IT professionals, and yet another reason to get into the Cloud!

I’ll see you there.

Windows Azure at WPC

Finally taking a break, triple-tall-vanilla-soy-latte in hand and electrons flowing into my laptop. Windows Azure news from the Microsoft Worldwide Partner Conference 2013 in Houston:

  • The Windows Azure SQL Database will boast a premium offering shortly. As a shared database-as-a-service platform component, tenants can suffer from ‘noisy neighbors’, where other customers’ activities can impact your database performance. The premium offering will help manage this by assuring higher bandwidth and dedicated CPU capacity.
  • Windows Azure Active Directory integration will improve over time as well. Microsoft is working with several third-party SaaS vendors to integrate identity services with AD.
  • Limited previews of these updates will be made available in the coming weeks.
