How to use a Cloud? Roeland Kuipers – Mission Critical Engineer @ Schuberg Philis 

Who Am I? »  Roeland Kuipers –  Proud dad of Tatum Kuipers –  Grown up in the ISP / Hosting world –  Part-time traveler –  First computer at the age of 9 –  IT professional as of 1999 –  Working for Schuberg Philis since Feb. 2006 –  Dislikes repetitive work, loves to see automation in action 

How to use a cloud? YES 100% 

Our Journey into the cloud 2006: Physical 2009: Virtual Jan 2012: Cloud PoC Oct 2012: Beta Cloud Jan 2013: Prod Cloud 

Dedicated Cloud Shared Cloud Schuberg Philis Mission Critical Cloud flavours Mission Critical Cloud Orchestration Orchestration Mission Critical Admin Cloud Non- Sync DC1 Private Cloud Sync DC1 Sync DC2 Non- Sync DC2 DC1 DC2 DC1 DC2 Admin 

Mapped on the cloud 

Use Case: Private Cloud (Production workloads) »  Dedicated zone (single tenant) »  Dedicated compute/networking and storage »  VLAN isolation »  Traditional Networking (managed outside cloudstack) »  Cloudstack Features used: –  VM Orchestration –  HA –  DHCP –  Shared networks 

Use Case: test/dev/admin workloads »  Shared zone (multi-tenant) »  Shared compute, networking and storage »  SDN: STT isolation (VMWare NSX – Nicira NVP) »  NVP Gateway L2 Bridging (lswitch <-> VLAN) »  Cloudstack Virtual router icw overlay networking »  Cloudstack Features used –  VM Orchestration –  Redundant virtual router –  HA –  Load Balancing –  NAT & Firewall –  VPC / VPC Private gateway –  DHCP 

Cloud Bursting & Elasticity DMZ App DB DMZ App DB DMZ App DB VM VM VM VM VM VM VM VM DMZ App DB VM VM VM VM OVS tunnel OVS tunnel OVS tunnel Admin Monitoring Backup Traditional infrastructure, private zone or private cloud Mission Critical Cloud 

Use case: SBP Services Layer »  Cloud Agnosticity »  Chef »  Jenkins »  IDM/AM »  Splunk »  etc 

Abstraction HyperVisors Xen KVM ESX HyperV OVM IaaS orchestration Cloudstack OpenStack AWS Azure Config Management Chef Puppet CfEngine Applications 

Workflow for projects Adapt proposal based on feedback if required Intake meetings Scenarios and Options Selection Pricing of Services for a contracted period of 12 months One-time Monthly all scenarios ##### Description Number Include? Datacenter And Connectivity Cost Before Go-Live € 0 Tridion 2009 O&T environment Toevoeging van Git versiebeheersysteem 1 Mco-Datacenter € 0 € 250 Scenario 2 2 Mco-Atom86-Connectivity € 0 € 0 Scenario 3 3 Mco-Other-Connectivity € 0 € 0 4 Mco-Monitoring € 0 € 803 Equipment (hw/sw) Sourcing Selection 5 Mco-Infrastructure Management € 6.920 € 3.537 6 Mco-Applications Management € 13.840 € 864 Leasing 2 7 Mco-Service Management Setup € 0 Buying 8 Mco-Knowledge Management Setup € 0 No HW/SW Included 9 € 851 10 Specials, non recurring € 0 € 0 Notes & Change log 11 Services One-time € 20.760 MCO-Platform Monthly Services € 6.305 12 13 14 Total pricing for Customer 15 16 One-time Monthly 17 Mco-Equipment (Hw/Sw) € 23.803 Mco-Equipment (Hw/Sw) € 0 18 Services one time € 20.760 MCO-Platform Monthly Services € 6.305 19 Total one-off charges € 44.563 Total monthly charges € 6.305 20 21 22 23 Unforseen, cabling and small expenses percentage 3% 24 25 Total one-off charges Total monthly charges Unforseen percentage (applied on equipment) Specials, recurring Mco-Sbp Software (Adm Sw) Services Mco-Monitoring Mco-Infrastructure Management Mco-Applications Management Mco-Atom86-Connectivity Mco-Other-Connectivity Mco-Datacenter Infra Scenario Options Services One-Off Services Recurring Create Layer 7 diagram Create Layer 3 diagram Create Costmodel Explain and discuss proposal 

Infra as code "name": "3-tier-aspnet-mssql", "description": "A redundant 3 tier ASPnet & MSSQL setup", "version": "1.0", "environment": "production", "servers": [ { "name": "MCCPWS1, MCCPWS2", "description": "IIS Nodes", "template": "Windows-2008-R2", "service": "SBP-SMALL", "networks": "prod-dmz-custx", "port_rules": "80,443", "run_list": "role[windows-base], role[windows-iis-dotnet]", }, Infrastructure definition Chef/Cloudstack Ready to receive business applications Costmodel 

Cooking with Lego »  Key Infra components »  Configure monitoring »  Configure backup »  Configure network »  Configure logging »  Chef Search & Chef LWRP »  OO config management 

Infrastructure as code - App include_recipe “CsFirewall" apache_module “php5" do conf true end web_app "my_site" do server_name node['hostname'] server_aliases [node['fqdn'], my-site.example.com"] docroot "/srv/www/my_site“ end nagios_nrpecheck "check_load" do command "#{node['nagios']['plugin_dir']}/check_load warning_condition node['nagios']['checks']['load'] ['warning'] critical_condition node['nagios']['checks']['load'] ['critical'] action :add end VM (Role) Monitoring Network ACL’s Load Balancing Backup Statistics Logging 

. Network L2/L3 The complete picture NVP Controller Cloudstack Storage Compute Open vSwitch OpenFlow User Infra definition Usage VM NVP GW Chef Tunnel VM Network Services (FW/LB/NAT) Private Cloud / Existing infrastructure 

Beyond IT problems »  Evolve vs reinvent »  Stop Forking! »  Identify cornerstones »  Workflows »  Build communities 

It’s about the ecosystem! 

Thank you! Mail: [email protected] Twitter: _BouL_ www.schubergphilis.com