Peter Johnson ( peter.johnson2@unisys.com
)
CMG ‘11, Washington, D.C.
7 December 2011
Session 454, Paper 1033
Abstract
So you have decided to move one or more of your enterprise applications to the cloud. What are some of the migration issues that you should consider? Which applications are a good fit for the cloud? Could you possibly offer your application as a Software as a
Service (SaaS) solution? This paper looks at these questions and many more to help you understand the various possibilities when moving an application to the cloud and to help you better prepare for that migration.
© 2011 Unisys Corporation. All rights reserved.
Page 2
Agenda
• Introduction
• Cloud Reference Model
– On Demand Self-Service
– Broadband Network Access
– Resource Pooling
– Rapid Elasticity
– Measured Service
• Other Considerations
– IaaS vs PaaS
– Who are Your Users?
– Networking Issues
– Expect Failure
– Licensing Issues
– Application Lifecycle and Processes
– From Virtualized to the Cloud
© 2011 Unisys Corporation. All rights reserved.
Page 3
Introduction
• You have an application running in your datacenter
– You want to run the application in the cloud
• What does that mean?
• Researched numerous cloud SaaS offerings to see what make them tick
– Handling large numbers of users, large amounts of data
– Understanding issues they encountered and overcame
• Examined how the NIST definition of cloud computing applied to SaaS
© 2011 Unisys Corporation. All rights reserved.
Page 4
How SaaS(y) is Your App?
Typical datacenter app
Ideal
SaaS app
Is your app here?
Or is it here?
© 2011 Unisys Corporation. All rights reserved.
Page 5
measure service
How SaaS(y) is Your App?
Datacenter self service
App network access resource pooling elasticity other measure service self service
Ideal
SaaS app network access resource pooling elasticity
© 2011 Unisys Corporation. All rights reserved.
other
Page 6
Agenda
• Context
• Cloud Reference Model
– On Demand Self-Service
– Broadband Network Access
– Resource Pooling
– Rapid Elasticity
– Measured Service
• Other Considerations
– IaaS vs PaaS
– Who are Your Users?
– Networking Issues
– Expect Failure
– Licensing Issues
– Application Lifecycle and Processes
– From Virtualized to the Cloud
© 2011 Unisys Corporation. All rights reserved.
Page 7
Typical On-Boarding Process
1. New employee is hired
2. Manager notifies IT, via:
• web page
• ITSM ticket
5. Employee accesses application
4. Employee informed
(usually via email)
Issues:
• Manual process
• Slow (hours)
• Low volume
© 2011 Unisys Corporation. All rights reserved.
3. IT grants user access, via:
• updates Active Directory
• other
Page 8
Self-Service On-Boarding Process
1. User requests access
5. User uses app
2. On-boarding automation invoked
Application registration page or portal
Benefits:
• Automated
• Fast (minutes)
• High volume
Issues:
• Access restrictions
4. User sent
“welcome” email
3. user registered
Script
Runbook
App code
© 2011 Unisys Corporation. All rights reserved.
Page 9
Other Self-Service Considerations
• No access to Active Directory with public cloud
– Use database for registered users
• Registration can be handled by a separate application
– Might need a new home page
• Think about how to unregister users
– Accumulation of data users no longer care about
© 2011 Unisys Corporation. All rights reserved.
Page 10
Agenda
• Context
• Cloud Reference Model
– On Demand Self-Service
– Broadband Network Access
– Resource Pooling
– Rapid Elasticity
– Measured Service
• Other Considerations
– IaaS vs PaaS
– Who are Your Users?
– Networking Issues
– Expect Failure
– Licensing Issues
– Application Lifecycle and Processes
– From Virtualized to the Cloud
© 2011 Unisys Corporation. All rights reserved.
Page 11
Network Access in Data Center http, https web service sockets, EJB, messaging, etc.
© 2011 Unisys Corporation. All rights reserved.
Page 12
Network Access in the Cloud disallow http access http, https encrypt web service sockets, EJB, messaging, etc.
blocked by firewall
© 2011 Unisys Corporation. All rights reserved.
Page 13
Network Access in Data Center standard corporate desktop with preloaded applications standard corporate laptop with preloaded applications
© 2011 Unisys Corporation. All rights reserved.
Page 14
Network Access in the Cloud desktops & laptops running:
• Windows
• Mac OS X
• Linux
• Variety of browsers
Netbooks
Smart phones tablets
Action plan:
1) Ensure browser works with your application
2) Provide native mobile app
(UI probably written from scratch)
© 2011 Unisys Corporation. All rights reserved.
Page 15
Agenda
• Context
• Cloud Reference Model
– On Demand Self-Service
– Broadband Network Access
– Resource Pooling
– Rapid Elasticity
– Measured Service
• Other Considerations
– IaaS vs PaaS
– Who are Your Users?
– Networking Issues
– Expect Failure
– Licensing Issues
– Application Lifecycle and Processes
– From Virtualized to the Cloud
© 2011 Unisys Corporation. All rights reserved.
Page 16
Data Sharing and Separation
Acme Inc.
Business
Intelligence
Service
Apex Ltd.
Acme Inc.
data
Apex Ltd.
data
© 2011 Unisys Corporation. All rights reserved.
Page 17
Multi-Tenancy Models - #1
Acme Inc.
Each tenant has own VM(s) and own database
Apex Ltd.
Application does not need to be tenant aware
© 2011 Unisys Corporation. All rights reserved.
Acme Inc.
data
Apex Ltd.
data
Page 18
Multi-Tenancy Models - #2
Acme Inc.
Each tenant has own VM(s) but they share the same database
Apex Ltd.
Application needs to be tenant aware, but only for database access
Acme Inc.
data
Apex Ltd.
data
© 2011 Unisys Corporation. All rights reserved.
Page 19
Multi-Tenancy Models - #3
Acme Inc.
Tenants share the VM(s) but each has own database
Apex Ltd.
Application needs to be tenant aware
© 2011 Unisys Corporation. All rights reserved.
Acme Inc.
data
Apex Ltd.
data
Page 20
Multi-Tenancy Models - #4
Acme Inc.
Tenants share the VM(s) and the database
Apex Ltd.
Application needs to be tenant aware
© 2011 Unisys Corporation. All rights reserved.
Acme Inc.
data
Apex Ltd.
data
Page 21
Agenda
• Context
• Cloud Reference Model
– On Demand Self-Service
– Broadband Network Access
– Resource Pooling
– Rapid Elasticity
– Measured Service
• Other Considerations
– IaaS vs PaaS
– Who are Your Users?
– Networking Issues
– Expect Failure
– Licensing Issues
– Application Lifecycle and Processes
– From Virtualized to the Cloud
© 2011 Unisys Corporation. All rights reserved.
Page 22
Elasticity Poster Child - Animoto
Time (interval between text is 16 hours)
Reference: http://aws.typepad.com/aws/2008/04/animoto---scali.html
© 2011 Unisys Corporation. All rights reserved.
Page 23
Elasticity Considerations
• Existing applications can benefit from scale down, making resource available for other tasks
• To scale up, application must be architected for it
– Use multiple tiers
– Use stateless design
– Use distributed design
• Database considerations
– Use a NoSQL database for data that doesn’t need transactional semantics
– Consider caching and/or sharding
• Does your cloud provide automatic elasticity (EC2), or do you have to check in your application (Azure)
© 2011 Unisys Corporation. All rights reserved.
Page 24
Agenda
• Context
• Cloud Reference Model
– On Demand Self-Service
– Broadband Network Access
– Resource Pooling
– Rapid Elasticity
– Measured Service
• Other Considerations
– IaaS vs PaaS
– Who are Your Users?
– Networking Issues
– Expect Failure
– Licensing Issues
– Application Lifecycle and Processes
– From Virtualized to the Cloud
© 2011 Unisys Corporation. All rights reserved.
Page 25
Measured Service Considerations
• Who gets billed?
• How will you bill?
– Per request?
– Request processing time?
– Per megabyte moved/stored?
– Flat rate per month/year?
• If billing per use or by volume, provide portal where customer can check on current usage
© 2011 Unisys Corporation. All rights reserved.
Page 26
Agenda
• Context
• Cloud Reference Model
– On Demand Self-Service
– Broadband Network Access
– Resource Pooling
– Rapid Elasticity
– Measured Service
• Other Considerations
– IaaS vs PaaS
– Who are Your Users?
– Networking Issues
– Expect Failure
– Licensing Issues
– Application Lifecycle and Processes
– From Virtualized to the Cloud
© 2011 Unisys Corporation. All rights reserved.
Page 27
Application Deployment: IaaS or PaaS?
rewrite
© 2011 Unisys Corporation. All rights reserved.
Microsoft
Azure
AppEngine
Spring, etc.
Page 28
Who are Your Users?
Importance of NIST
Characteristics
Low Medium Low Medium Low
Medium Medium Low Medium Low
High High High
(Your mileage may vary…)
© 2011 Unisys Corporation. All rights reserved.
High Medium
Page 29
Networking Issues
Network Usage
If you have a single application running on a box, what is the network usage?
If you have a dozen VMs on a box, now what is the network usage?
Virtual LAN
Each VM has its own LAN, no visibility of traffic of other VMs.
Datacenter Access
Most private cloud vendors provide
VPN access so that you can hook your apps back to the datacenter.
No Broadcast Support
Might require config changes for
Java EE app servers
© 2011 Unisys Corporation. All rights reserved.
Page 30
Expect Failure: What Could Go Wrong?
App or VM crashes
Solution: Run multiple copies, load balancer
Datacenter goes down
Solution: Distribute app among data centers
Trunk line goes down
Solution: Replicate apps and databases between regions
© 2011 Unisys Corporation. All rights reserved.
Database goes down
Solution: Cache data updates
Page 31
Licensing Issues
Does your application use software that comes from a third-party?
Does your license agreement allow you to run the that software in the cloud?
• Issues:
– Software locked down to MAC/IP address
– License billed by machine size (e.g. CPU count)
• Is that physical machine or virtual machine?
– Can you fire up extra copies? (might need more for elasticity)
• Will you be billed for actual copies used or potential copies?
– Can you migrate the software from one cloud to another?
Using open source software will help you avoid these licensing issues.
© 2011 Unisys Corporation. All rights reserved.
Page 32
Application Lifecycle
• How do you introduce changes/fixes/new versions?
– Some SaaS providers use rolling updates
– Most SaaS provides perform regular updates (weekly, daily, even hourly), rather than major infrequent upgrades
• How do you test the app?
– Many cloud vendors provide desktop simulation tools
• Google AppEngine SDK
• Microsoft Azure SDK
• etc.
– Set up some tests systems in the cloud
© 2011 Unisys Corporation. All rights reserved.
Page 33
From Virtualized to Cloud
© 2011 Unisys Corporation. All rights reserved.
Page 34
measure service
Conclusion: What’s the Shape of Your App?
self service network access resource pooling self service network access elasticity other measure service resource pooling elasticity
© 2011 Unisys Corporation. All rights reserved.
other
Page 35
Peter Johnson ( peter.johnson2@unisys.com
)
CMG ‘11, Washington, D.C.
7 December 2011
Session 454, Paper 1033
© 2011 Unisys Corporation. All rights reserved.
Page 36