RECOMMENDED STRATEGY FOR HYBRID CLOUD INFRASTRUCTURE
Step-by-step adoption
Marcos Garcia, Senior Cloud Solutions Architect
Ron Marshall, Senior Solutions Architect
June 2018
WHAT YOU’LL LEARN TODAY
1. Hybrid Cloud means Containers everywhere
2. Manage every cloud with Cloudforms
3. Standardize on Ansible for Cloud Automation
4. Interconnect Data Silos
5. OpenShift on OpenStack works great
WHAT IS MULTICLOUD?
A Red Hat perspective
MULTICLOUD (noun • \ muhl-tee \ klaud \): Using multiple clouds from multiple private OR public providers, for multiple workloads/tasks, without interconnectivity between clouds.
HYBRID CLOUD (noun • \ hī-bred \ klaud \): A combination of one or more public AND private clouds, with some degree of workload portability, integration, orchestration, and unified management across clouds.
Source:
https://www.redhat.com/en/topics/cloud-computing/what-is-multicloud
https://www.redhat.com/en/topics/cloud-computing/what-is-hybrid-cloud
Exposition of resources
Provide necessary environments to operations in minutes, not weeks or months
CLOUD
Definitions
APPLICATION PLATFORM
Consumption of resources
Able to easily access new developer environments to quickly build new apps and move on
INFRASTRUCTURE PLATFORM
TOP DRIVERS OF PUBLIC CLOUD ADOPTION
Agility, security, and productivity
[n=6,084 respondents weighted by country]
Source: IDC, Top Drivers of Cloud Adoption by Type of Cloud Deployment. Doc # US42829717, Jun 2017.
[Bar chart: percentage of respondents per driver. Drivers shown: IMPROVE AGILITY; IMPROVE SECURITY; IMPROVE STAFF PRODUCTIVITY; Reduce budget; Simplify or standardize IT; Shift from CapEx to OpEx; More control to business units; Faster access to tools; Reassign IT personnel; Improve time to market.]
WHY ENTERPRISES CHOOSE PRIVATE CLOUD
Security, compliance, control, and flexibility are top benefits
75% of user organizations surveyed cited increased security as the top benefit of private cloud.
70% of these organizations cited global compliance, enhanced IT control, flexibility, and data management as further benefits.
Source: 451 Research for Red Hat, OpenStack Platform Delivers for Private Cloud Users, Dec 2016.
BENEFITS OF PRIVATE CLOUD
Complete control over data, cost, and location
CONTROL: Create and customize to meet business needs
COST: Reduce cost of infrastructure and operations over time
PRIVACY: Secure your info on your servers in your datacenter
NO LOCK-IN: Avoid concerns about vendor stability or longevity
SELF-SERVICE: APIs available 24x7, to multiple teams
Source: Corina Marcuti for Luminus, 7 benefits of choosing a private cloud solution, Jan 2017. http://luminus.tech/2017/01/13/7-benefits-of-choosing-a-private-cloud-solution/
OPEN HYBRID CLOUD PLATFORM
A modern platform that takes advantage of all environments
USES both on-premise and public cloud infrastructure
UNIFIES management across all environments
SHARES resources across infrastructure platforms
PROVIDES a container environment with orchestration
ADHERES to open, common industry standards and APIs
A COMMON FOUNDATION FOR HYBRID CLOUD INFRASTRUCTURE
PUBLIC PHYSICAL VIRTUAL PRIVATE
RED HAT ENTERPRISE LINUX
A MULTICLOUD APPLICATION PLATFORM
STANDARD MANAGEMENT
STANDARD WORKLOADS
MULTIPLE INFRASTRUCTURE
SAME USER EXPERIENCE
OCP on Amazon Public Cloud or on OpenStack Private Cloud
DIVERSE INFRA CAN BE CHALLENGING
SILOS BLOCK BUSINESS INNOVATION AND VALUE
SILOED TOOLSETS
SILOED TEAMS
BUSINESS VALUE
SILOED WORKLOADS
THIS IS BAD FOR YOUR TEAM’S CULTURE AND SUCCESS!
DIVERSE INFRA CAN BE CHALLENGING
RED HAT MULTICLOUD UNLOCKS BUSINESS INNOVATION AND VALUE
SHARED TOOLSETS
SHARED MANAGEMENT
BUSINESS VALUE
MULTICLOUD CONTAINER WORKLOADS
Red Hat multicloud is the evolution of digital transformation.
WHY SHOULD MANAGEMENT BE HYBRID? TO ELIMINATE DISPARATE SYSTEMS & DUPLICATION OF EFFORT
● Different management systems
● Different automation and policies
VIRTUALIZATION PUBLIC CLOUD
CONTAINERS PRIVATE CLOUD
HYBRID CLOUD MANAGEMENT EFFICIENCY
COMMON SYSTEM ELIMINATES DUPLICATION OF EFFORT
● One management system
● Consistent automation & policies
VIRTUALIZATION PRIVATE CLOUD
PUBLIC CLOUD
CONTAINERS
HYBRID MANAGEMENT
HYBRID CLOUD MANAGEMENT
SELF-SERVICE, SYSTEM DEPLOYMENT, CONFIGURATION, & REMEDIATION
Order a service in a self-service portal
Deploy instances on VMs, in an OpenStack private cloud, or public cloud
Automated OS deployment, configuration, and errata updates
Infrastructure orchestration, application deployment, & automated remediation of critical issues
Proactively monitor & identify issues
Monitor progress and inform the user when actions are completed
ONE STEP FURTHER: HYBRID NETWORKING
Connect multiple clouds with your own VPNs or 3rd party SDN / SDWAN
VIRTUALIZATION PRIVATE CLOUD
PUBLIC CLOUD
CONTAINERS
HYBRID NETWORK
● OVN
● Contrail
● Tigera
● NSX-T
● Cisco CSR1000v
● Viptela, etc
ONE STEP FURTHER: HYBRID STORAGE
Connecting silos allows application portability and lower costs
VIRTUALIZATION PRIVATE CLOUD
PUBLIC CLOUD
CONTAINERS
HYBRID STORAGE
Using
● Gluster
● Ceph
Expose common interfaces
● S3/Swift object APIs
● NFS/Samba POSIX folders
With geo-replication across clouds
#1: Visibility and Policies
(MULTI)CLOUDFORMS
MANAGE CONTAINER, VIRTUAL, PRIVATE, AND PUBLIC CLOUD INFRASTRUCTURES
CLOUDFORMS MULTICLOUD INTEGRATIONS
CLOUDFORMS 4.6 DOES MULTICLOUD
Smart-State Analysis on Azure-managed disks
User data for GCE instance provisioning
Smart-State Analysis on EC2
Template provisioning from Service Catalogue
Reporting: Metering and Chargeback improvements
User experience: Security, dashboards, and filters
Security groups, flavors, and Smart-State for boot from vol.
OSP and CloudForms tenant synchronisation (on-demand)
Assign Chargeback Rate by Storage Volume Type.
CloudForms containerised deployment.
Transform VMware VM into a RHV VM + all the plumbing.
Bare metal management: introspect and manage, physical! (Lenovo Xclarity)
PUBLIC CLOUD
OPENSHIFT CONTAINER PLATFORM
RED HAT OPENSTACK PLATFORM
CLOUDFORMS
VMware | RHV | Bare Metal
Demo: Dashboard and Reports
Demo: Topology view & OCP Dependencies
DEMO: Smart State Analysis
DEMO: Control Policies
#2: Cloud Services Catalog
CLOUDFORMS SERVICE CATALOG
TASK                               TIME (MINS)
Create virtual machine             2
Add storage and networking         3
Queue between teams                120
Install operating system           2
Wait after install                 60
Configure operating system         1
Install application platforms      2
Configure application platforms    1
Queue between teams                120
Security configuration and scan    2
ACTIVE WORK TIME: 13 minutes
TOTAL TIME: 13 mins
ACCELERATE SERVICE DELIVERY
REQUEST DEVELOPER ENVIRONMENT
FOUR WAYS TO PROVISION CLOUD SERVICES
From Cloudforms
● Cloudforms Native Provisioning
● Existing Tools (via Ansible)
● Ansible Cloud Modules
● Orchestration Templates
EXAMPLE
Your applications and systems are more than just collections of configurations. They’re a finely tuned and ordered list of tasks and processes that result in your working application. Ansible can do it all:
• Provisioning
• App Deployment
• Configuration Management
• Multi-tier Orchestration
DEMO: Deploy Cloud Service
[Diagram labels: x2 Ticket Monster; DB Instance; JBoss (EAP) Instances; ELB; DB Deploy. Playbook; JVM + JBoss Deploy. + ELB Playbook; Ansible Playbook.]
Playbook: https://github.com/marcosgm/workflow-demo/blob/master/plays/ticket-monster-aws.yml
#3: Cloud Interconnect
EACH CLOUD HAS ITS NETWORK
How to connect the silos?
Multiple VPN Options:
● AWS Virtual Private Gateway
● Azure VPN Gateway
● GCE Cloud VPN
Multiple peering options:
● AWS Direct Connect
● Azure ExpressRoute
● GCE Dedicated Interconnect
They cannot even agree on the icons!
[Diagram labels: Corporate DC; Public Internet]
SO MANY WORDS… but only a few things matter
Azure Resource Manager Template

    resources:
    - type: Microsoft.Network/virtualNetworks/subnets
      name: "site2.scarter/outside"
      apiVersion: '2017-06-01'
      properties:
        addressPrefix: "10.2.1.0/24"

AWS CloudFormation

    Resources:
      outsidesite2scarter:
        Type: AWS::EC2::Subnet
        Properties:
          CidrBlock: 10.2.1.0/24
          AvailabilityZone: us-east-1a
          VpcId:
            Ref: site2scarter
          Tags:
          - Key: Name
            Value: outside.site2.scarter
SILOED AUTOMATION
AWS CloudFormation
Azure Resource Manager Template
DATA MODELS
Better Living Through Abstraction

    vpc_list:
    - name: site2.scarter
      cidr: 10.2.0.0/16
      networks:
      - name: mgmt.site2.scarter
        cidr: 10.2.0.0/24
      - name: outside.site2.scarter
        cidr: 10.2.1.0/24
      - name: inside.site2.scarter
        cidr: 10.2.2.0/24
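Added example, not from the original slides or the an-cloud-builder project: the vendor-neutral vpc_list data model is validated once (subnets inside their network, no overlapping address space between sites that will be joined over VPN) and then rendered into both provider formats shown on the slides. The function names, the availability-zone default and the naming rules (dots stripped for CloudFormation logical IDs, first label of the subnet name for ARM) are assumptions inferred from the two snippets.

```python
import ipaddress

# Constructed input: the site2 entry from the slide's vpc_list data model.
VPC_LIST = [{"name": "site2.scarter", "cidr": "10.2.0.0/16", "networks": [
    {"name": "mgmt.site2.scarter", "cidr": "10.2.0.0/24"},
    {"name": "outside.site2.scarter", "cidr": "10.2.1.0/24"},
    {"name": "inside.site2.scarter", "cidr": "10.2.2.0/24"}]}]

def validate(vpc_list):
    """Return addressing errors; an empty list means the model is safe to render."""
    errors, seen = [], []
    for vpc in vpc_list:
        vnet = ipaddress.ip_network(vpc["cidr"])
        # Sites joined over VPN/BGP must not reuse each other's address space.
        errors += [f"{vpc['name']} overlaps {n}" for n, o in seen if vnet.overlaps(o)]
        seen.append((vpc["name"], vnet))
        subnets = []
        for net in vpc["networks"]:
            sub = ipaddress.ip_network(net["cidr"])
            if not sub.subnet_of(vnet):
                errors.append(f"{net['name']} is outside {vpc['name']}")
            if any(sub.overlaps(s) for s in subnets):
                errors.append(f"{net['name']} overlaps a sibling subnet")
            subnets.append(sub)
    return errors

def to_cloudformation(vpc, az="us-east-1a"):
    """Render AWS::EC2::Subnet resources in the shape shown on the slide."""
    resources = {}
    for net in vpc["networks"]:
        # Assumed naming rule: logical IDs are the model names with dots removed.
        resources[net["name"].replace(".", "")] = {
            "Type": "AWS::EC2::Subnet",
            "Properties": {"CidrBlock": net["cidr"], "AvailabilityZone": az,
                           "VpcId": {"Ref": vpc["name"].replace(".", "")},
                           "Tags": [{"Key": "Name", "Value": net["name"]}]}}
    return {"Resources": resources}

def to_arm(vpc, api_version="2017-06-01"):
    """Render Microsoft.Network subnets in the shape shown on the slide."""
    # Assumed naming rule: "<vnet name>/<first label of the subnet name>".
    return {"resources": [{
        "type": "Microsoft.Network/virtualNetworks/subnets",
        "name": f"{vpc['name']}/{net['name'].split('.')[0]}",
        "apiVersion": api_version,
        "properties": {"addressPrefix": net["cidr"]}} for net in vpc["networks"]]}

if __name__ == "__main__":
    assert validate(VPC_LIST) == []
    print(to_cloudformation(VPC_LIST[0]), to_arm(VPC_LIST[0]), sep="\n")
```

Running validate() before either renderer catches an address-plan mistake once, instead of per provider template.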
Abstraction Through Automation
BGP OSPF VLAN ACL QOS EVPN AAA LB
NETWORK AUTOMATION WITH ANSIBLE
Time to Value
Configuration & Change Automation
Faster Customer Service On-boarding
Time to Remediation
Automated Fault Remediation
Faster Execution of Change Requests
Faster Execution of Maintenance
Faster Troubleshooting and Remediation
IMPROVED OUTCOMES WITH AUTOMATION
CONSISTENT ONBOARDING ACROSS CLOUDS
[Diagram labels: Cloud Model; Playbook; ON-PREM; Provision Cloud Instance; Provision Cloud Network Services; Connect Cloud Router to DC; Establish VPN Tunnels; Connect DC Router to Cloud Router; Provision Local Network Services.]
MULTI-SITE/CLOUD EXAMPLE
Scenario: Provision new cloud capacity using template and add to corporate SD-WAN
1. Provision the new Cloud node
2. Configure remote router
   a. Set Hostname, DNS, Banners, etc.
   b. Harden router
   c. Configure Interfaces
   d. Backup
3. Add remote router to VPN
   a. Checkpoint State
   b. Create IPSEC VPN
   c. Configure BGP
   d. Check connectivity
   e. Rollback on failure
[Diagram: DC (10.0.0.0/16) with subnet 10.0.2.0/24 and control at 10.0.2.10; Site1 (10.1.0.0/16) with subnet 10.1.2.0/24 and host1 at 10.1.2.10; Site2 (10.2.0.0/16) with subnet 10.2.2.0/24 and host1 at 10.2.2.10; Public Internet.]
https://github.com/network-automation/an-cloud-builder
HYBRID STORAGE: FROM SILOS
HYBRID STORAGE: TO COMMON DATA SETS
Offers both
● Data Locality
● Geo Replication
SAME STORAGE EXPERIENCE
Container-native Storage
EBS gp2
EBS gp2
EBS st1
EBS io1
vs. EBS sc1
STORAGE CAPACITY CONSOLIDATION
SIMPLIFY CONTAINER AVAILABILITY
AVAILABILITY ZONE A
AVAILABILITY ZONE B
AVAILABILITY ZONE C
Node Node Node Node Node Node
GLOBAL STORAGE NAMESPACE
#4: OpenShift everywhere
AWS INTEGRATION POINTS
External DNS: Route 53 (R53)
Provisioning: CloudFormations
AWS Logging, Metrics, etc: Limited support…
Registry Storage: Simple Storage Service (S3)
VM Storage and persistent container storage: Elastic Block Storage (EBS), S3
Master LB and App LB: Elastic Load Balancer (ELB)
OpenShift Virtual Machines: 10x EC2 in the RA
Authentication: No native provider
Ext Services: Service Broker. Check out the summit demo!
AZURE INTEGRATION POINTS
Azure DNS: External DNS
Azure Logging, Metrics, etc
Azure Active Directory: User Authentication
Azure Storage Account: VM storage, registry and persistent Container Storage
Azure Load Balancer: Ingress Traffic
Azure Virtual Machines (10x in the Reference Architecture)
Registry storage: No native provider (use VHDs)
Ext Services: Service Broker
GCP INTEGRATION POINTS
External DNS: Google DNS
Provisioning: Deployment Manager
GCP Logging, Metrics, etc: Limited support…
Registry Storage: Google Virtual Disks
VM Storage and persistent container storage: Google volumes and virtual disks
Master LB and App LB: Cloud Load Balancer
OpenShift Virtual Machines: Google Virtual Machines
Authentication: No native provider
Ext Services: Service Broker
OPENSTACK INTEGRATION
Native networking and storage plugins
ANSIBLE
NETWORKING IN THE PRIVATE CLOUD
IMPROVE PERFORMANCE ON OPENSTACK AVOIDING DOUBLE ENCAPSULATION
BEFORE
[Diagram: VXLAN 1 - Tenant X (VM Tenant X); VXLAN 2 - Tenant OCP (VM - OCP Node); VXLAN 8 - Pod 1 (Pod 1 Containers); VXLAN 9 - Pod 2 (Pod 2 Containers)]
NOW
[Diagram: VXLAN 1 - Tenant X (VM Tenant X; VM - OCP Node); VXLAN 3 - Pod 1 (Pod 1 Containers); VXLAN 4 - Pod 2 (Pod 2 Containers)]
[Diagram labels: OpenStack Kuryr; Any other cloud]
STORAGE IN THE PRIVATE CLOUD
SAVE TIME BY HAVING OPENSTACK MANAGE YOUR CONTAINER’S STORAGE NEEDS
OPENSHIFT SERVICE CATALOG
OpenShift Ansible Broker
OpenShift Template Broker
AWS Service Broker
IaaS Service Brokers
ANSIBLE
OPENSHIFT
AMAZON WEB SERVICES
CLOUDFORMS SERVICES
Ansible Playbook Bundles
OpenShift Templates
Public Cloud Services
IaaS Services
SERVICE BROKER
SERVICE BROKERS
Expose and Provision Services
Ansible Playbook Bundle (APB) for AWS
When an OpenShift user requests an AWS service, an APB container runs to complete the task
Start with us
GLOBAL SERVICES ARE HERE TO HELP!
Identify potential technologies and solutions
Identify business drivers, use cases, and challenges
Create an action plan to address opportunities
START WITH DISCOVERY SESSION
HYBRID CLOUD INFRASTRUCTURE
CLOUD MIGRATION »
CONTAINER ADOPTION PROGRAM »
NFV ADOPTION »
OPEN MANAGEMENT FOR VIRTUALIZATION »
STORAGE »
CLOUD ADOPTION WITH RED HAT
Move from traditional to cloud in 3 steps
DISCOVER
Review and capture:
Infrastructure requirements
Processes
Workload/apps
Environment details
Develop a cloud migration strategy that is right for your business.
DESIGN
Identify target architecture:
Level of effort
Timelines
Organizational adoption
Critical and suitable apps
Build your implementation roadmap.
DEPLOY
Deploy your environment(s):
Develop
Test
Deploy
Automated migration
Implementing cloud management and training and mentoring for IT staff.
www.redhat.com/en/resources/hybrid-cloud-strategy-for-dummies-ebook
KEY TAKEAWAYS
1. Hybrid Cloud means Containers everywhere
2. Manage every cloud with Cloudforms
3. Standardize on Ansible for Cloud Automation
4. Interconnect Data Silos
5. OpenShift on OpenStack works great
THANK YOU