Let me start by making a statement that you may or may not agree with – being heterogeneous is often a problem in need of a solution…not a strategy. Allow me to explain…
I recently had an opportunity to record a podcast with one of VMware’s valued channel partners, GovConnection.com. During the podcast I addressed several questions regarding the adoption of cloud infrastructures in the Federal Government.
- cloud adoption rates across federal organizations
- cloud technology drivers (why cloud?)
- the advantages of building out a cloud infrastructure vs. traditional IT
- recommended steps for getting started (how cloud?)
- how VMware solutions align themselves with this IT evolution
This week I had the distinct pleasure of joining a panel of cloud industry experts for the AFCEA Belvoir Industry Days conference at Washington National Harbor’s Gaylord Resort to discuss the hot topics of cloud computing in front of hundreds of attendees representing several federal agencies (notably the US Army). The panel was moderated by GSA CIO, Casey Coleman, and included experts representing Lockheed Martin, CSC, Octo Consulting Group and — best of all — VMware (i.e. yours truly). Linked are the bios for each, posted on the AFCEA Belvoir website.
- IT Production – early stage virtualization to reach new infrastructure and cost efficiencies.
- Business Production – realizing the value of all that is gained by virtualizing “low hanging” applications in stage 1 — increased availability and performance, app agility, centralized management, etc — to drive the virtualization of business critical applications while setting a solid foundation for cloud computing.
- improved network isolation at several levels within the cloud,
- enhanced firewall capabilities,
- baked-in VPN tunnels and the ability to securely stretch tenant networks across clouds,
- enhanced NAT’ing flexibility,
- the addition of static routes and layer-3 routing
Are you ready for all that is cloud?? VMware recently released a cloud self-assessment questionnaire that walks you through your organization’s readiness in the following categories (from the site):
- Strategy – Aligning business needs with IT capability.
- Process – Streamlining and automating processes to achieve business agility.
- Architecture – Establishing an enterprise architecture for this new IT infrastructure.
- Technology – Designing and deploying your technology infrastructure from virtualization to cloud.
- People and Governance – Creating the roles and skills necessary to ensure company-wide adoption, and the accountability framework and policies for stakeholder collaboration.
The value proposition for a “green fields” cloud is reasonably clear — building a new environment within vCloud’s framework helps enterprises add all the wonderful things above while streamlining:
- Security – Integration and auto-provisioning of vShield Edge and multi-tenant security boundaries
- Governance – Integration with Active Directory at the organizational level for tight security and control
- Resource Allocations – defining resource allowances through the use of virtual data centers (ex: vDCs)
- Agility / On-Demand Resources – utilizing vCloud’s allocation models to provide critical resources only as they are needed
- Cost Transparency – Integration with cloud-aware Chargeback
- Automation – using vCloud’s template libraries to rapidly deploy workloads within and across tenant clouds
- Efficiency – further driving resource utilization using innovative technologies, automation, and governance
- IT-as-a-Service – offering a highly automated, low-maintenance cloud infrastructure to consumers and allowing IT to focus on delivering innovations that drive revenue growth
Using dedicated resource accounts to authenticate server and network services has been a best practice for as long as I’ve been in IT. This guideline adds security, interoperability, and governance to your deployed applications, independent of standard user (or admin) accounts. We understand why it’s good to follow these guidelines, but if you’re anything like me, maintaining all the resource accounts, passwords, and the services they run can become a bit challenging over time. Rather than create an account and unique password per service, some admins use the same one for everything – Windows/Linux services, logins, UIs, connectors, you name it. Although this adds a bit of convenience, it’s a BAD idea from a security perspective. Here’s the real challenge – keeping track of all those accounts, where they are plugged in, and the password cycle they’re on. This can become quite the headache, especially considering that an expired or changed password can result in a significant service outage…another reason to avoid a single service account (i.e. single point of failure).
There’s a right way and a wrong way to install VMware’s vCloud Director (vCD). Identifying the wrong way is quite simple — it just won’t work. There’s actually a lot more to that — caveats, best practices, redundancy, add-ons — which I will cover in the next post. For now, we’ll focus on what you need before the install.
Installing vCD can be a daunting task if you don’t have all the prerequisites in place prior to rolling out the goods. Below is a quick list of to-dos and links to the associated resources. The actual install of vCD is the quickest part of this entire process, assuming all these pieces are in place. Do this right and the rest will be easy as pie…
VMs (OS Requirements):
VMware vCenter Server 4.1
OS: Windows 2008 R2 x64
vCenter on a VM is fully supported. There are some caveats to consider, but I’ll cover that in the next post. For starters, make sure the vCenter VM is utilizing a standard vSwitch vs. a dvSwitch for net connectivity. This can apply to the majority of your management (core) VMs.
OS: ESXi 4.1 U1
Licensing at the vSphere Enterprise Plus level isn’t absolutely required, but is highly recommended to enable the use of several vCD capabilities that would otherwise be unavailable (vCD-NI, I/O Control, etc.)…