Open Source in the Cloud
Moderator: Pete Tseronis, Senior Advisor, U.S. Department of Energy
Panelists: Mark Ryland, National Standards Officer, Microsoft
Dr. David McQueeney, Vice President, Technology and Strategy, Chief Technology Officer, IBM Federal
Brian Stevens, Chief Technology Officer and Vice President, Engineering, Red Hat
Henry Sienkiewicz, Technical Program Director, Computing Services Directorate, Defense Information Systems Agency
GOSCON, 2009
Some Thoughts on Open Source and the Cloud
Brian Stevens, Red Hat CTO, VP Engineering
05 November 2009
DECODING THE STATE OF THE CLOUD
the signal-to-noise ratio is a tad low
WHY SHOULD A USER CARE?
Because they can
• Quickly deploy applications and services
• Eliminate the need to procure and manage hardware
• Pay only for what they consume
• Scale up and down as they need
• Deploy an app, anywhere, any time (internal or on-premise, physical to bare metal)
THE ROLE OF OPEN SOURCE
Accelerating cloud capability and adoption by
• Federating the technology to eliminate barriers for cloud providers
• Opening APIs and code to millions of researchers and developers to advance the technical obstacles of security, migration, etc.
• Serving as the de facto standard for ensuring rich interoperability and compatibility between clouds
THE OPEN SOURCE ROADMAP FOR CLOUD ENABLEMENT
Defining the future for open source cloud infrastructure:
• Linux as the Hypervisor (Linux/KVM) - http://kvm.qumranet.com/
• Cloud Abstraction Layer - http://deltacloud.org
• Virtual Compute Node API - http://libvirt.org/
• Identity and Authentication Server - http://freeipa.org
• Application Orchestration - http://www.redhat.com/mrg
• Security Hardening - http://www.selinuxproject.org/SVirt
• Appliance Builder: http://thincrust.org
bstevens at redhat dot com
• Network Services
• Program Executive Offices
• Computing Services
Defense Information Systems Agency: Vision & Mission
Vision
Leaders enabling information dominance in defense of our Nation
Mission
DISA, a Combat Support Agency, engineers and provides C2 capabilities and enterprise infrastructure to continuously operate and defend a global net-centric enterprise in direct support to joint warfighters, National level leaders, and other mission and coalition partners across the full spectrum of operations
Defense Enterprise Computing Centers (DECC)
• 4,000,000+ users
• 2,900+ team members
• Defense Working Capital Fund (DWCF)
• 14 facilities
• 445,000 sq ft raised floor
• 34 mainframes
• 6,100 servers
• 3,800 terabytes of storage
• 2,800 application / database instances
• 215 software vendors
Maintenance
Command and Control
Medical
Logistics
Financial
Building the Cloud Foundation
• Innovative Services Contracts
– Acquire processing & storage capacity as a service provided by vendor partners
– Pay much like a homeowner pays for utilities, e.g., by megawatt-hours, BTUs, call-minutes, CPU-hours consumed
• Benefits
– Reduces time to add capacity
– Reduces overhead
– Simplifies our cost drivers
– Streamlines operating system management
– Facilitates technological currency
Capacity on Demand
Virtualization
Why? Many benefits:
• Consolidation – Reduces footprint
• Deployment – Eases provisioning of new workloads
• Agility – Increases support for changing workload demands and fail-over situations
• Protection – Lowers barriers to disaster recovery
• Savings – Fewer machines means fewer administrators, less power, floor, space, and cooling
• Utilization – Enables multiple systems to run on high-performance hardware
• Price – Reduces the cost of service delivery and lowers the total cost of ownership
14-day turnaround (average)
29% virtualized across DECC enterprise
“The Cloud”
What’s new?
A style of computing where massively scalable (and elastic) IT-related capabilities are provided “as a service” to customers using Internet technologies.
Source: Gartner
Acquisition Model: Based on purchasing of services
Business Model: Based on pay for use
Access Model: Over the network to ANY device
Technical Model: Scalable, elastic, dynamic, multi-tenant, & sharable
Computing As A Service
DISA Cloud Services Portfolio
Platform/Infrastructure-as-a-Service
Software-as-a-Service
Data-as-a-Service
GCDS: Content Delivery
RACE: Compute/Store
Forge.mil: Software Development
Rapid Access Computing Environment (RACE)
1 October 2008: Development/Test
• 24-hour automated provisioning
• Customer root access
• Ability to promote from Dev to Test
• Standard CSD Operating Environments
• Minimized and streamlined accreditation
• Increase capacity ~ 24 hours
• Month-to-month service
• Reduced cost
Today: Production
• User self-service provisioning within the PRODUCTION environment
• Ability to promote from test to production
• Streamlined/Automated accreditation
• Pre-established inherited IA controls
FY10 Initiatives
• SIPRNet deployment
• Complete integrate accreditation automation processes
• Continue to refine RACE Portal
• Interface with Forge.Mil Projects
• Complete integration with DISA standardized configuration management system (BladeLogic)
User Self-Service ~ Highly Standardized ~ Cost Effective ~ Fast
RACE User Interface
Application Accreditation in RACE
Test & Development
Promote to Production
• Path-to-Production Execution Process
– Streamlined and automated IA C&A
– Standard process for customer
– Accreditation time reduced from 80+ days to 40 days
– End state objective of 7 days for C&A
• eMASS: Enterprise Mission Assurance Support System
– Automates the creation of select DIACAP artifacts
– Populates DISA’s inherited controls into the workflow process
– Provides customer an advanced, dynamic workflow management tool
GIG Content Delivery Service (GCDS)
● The Global Information Grid (GIG) Content Delivery Service (GCDS):
– DoD OSD designated standard for content delivery service
– Managed by the Defense Information Systems Agency's (DISA) Computing Services Directorate (CSD)
– GCDS is a global platform
● Uses Akamai™ technology, which provides intelligent routing and caching of web-based content.
● Interfaces with web-based applications and portals.
● Requires the local system be configured to allow GCDS to handle communications between it and the Defense Information Systems Network (DISN).
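| DISN CLOUD | ARMY | NAVY | AIR FORCE | MARINES | DoD | Pending | TOTAL |
|---|---|---|---|---|---|---|---|
| NIPRNET | 3 | 9 | 3 | 0 | 9 | 2 | 26 |
| SIPRNET | 3 | 0 | 1 | 2 | 16 | 6 | 28 |
| TOTAL | 6 | 9 | 4 | 2 | 25 | 8 | 54 |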
As of Sept 2009
Applications-As-A-Service: Forge.mil (Software Development)
● Public: Freely available to all DoD users
● Shared: All DoD users can access the same code development environment for DoD open source and community source software
● Available: General availability on March 27, 2009
● Common evaluation criteria and an agile certification process to accelerate the certification of reusable, net-centric solutions
● Limited Operational Availability: October 2009
● Private: Allows a closed development environment for DoD projects and programs
● Fee-for-service
● Availability: October 2009
DoD’s Software Development Life Cycle
• The logical process used to develop an information system
• Includes requirements validation, training, and user ownership
• Works like a library – Code checked out, worked on, & checked in
Systems Development Life Cycle (SDLC): Planning, Analysis, Design, Implementation, Maintenance
Forge.mil “Bits & Pieces”
• First standardized approach to an enormous problem
• Proven development model
• Based on the open source community’s approach
DoD SDLC
Forge.mil and RACE: Accelerating the Path to Production
Developers, Testers, Users, Certifiers, Decision Authorities
Dashboard, Reporting & Monitoring
Build Libraries & Code Repositories
Development Zone
T&E Zone
Production Zone
Cloud Test & Certification Services
Implementing the platform and services to support evolving governance processes and standards
Challenges and Barriers
Current
● Balancing Security and Usability
– User Validation
– Virtualization; servers, firewalls, networks
– Access
● Business processes
– Flexible funding; credit cards, speeding MIPR process
● Cultural inertia
– Sharing the vision
– Convincing “Box Huggers”
● Controlling expectations
– “Why can’t it…..”
Future
● Security optimization
– “Shared” accreditation
– Validation of customer applications
– Integrating Software as a Service
– Accessing federated and shared services
– Varying interpretations of security guidelines
● Business streamlining
– Each Service and Agency has unique processes
– Funding hurdles – Capital (Procurement) vs. Operating
Develop Within The Decision Cycle
● Our strength is in our ability to make decisions better and faster than adversaries
● Web 2.0 technologies accelerate this cycle
● Software development has to keep up
Military Decision Making Cycle: Observe, Orient, Decide, Act
[Figure: time to production, Traditional Approach vs. Cloud Approach, across Requirement, Procure, Code, Test, Certify and Total Time to Production. Durations shown: 6 Months, 24 Hours, 6 Months, Days, 3-6 Months, 6-12 Months, 2-6 Months, 18-24 Months.]
Backups
Enabling the Cloud Environment
Infrastructure
– Standardization
– Consolidation
– Capacity Services
– Virtualization
– Content Delivery
– Rapid Provisioning
Services
– Software (SaaS)
– Applications
– Communications
Processes
– Metrics & benchmarking
– ITIL
– Service Level Management (SLM)
– Security (Certification & Accreditation (C&A))
It’s A Journey
Consolidations and Savings
1990 1993 1998 2005
Service/Agency consolidation under DMRD 924
• Reduced number of mainframe sites from 194 to 71
• Saved $320M/year
DISA Megacenter consolidation – DMRD 918/BRAC
• Reduced number of mainframe sites from 71 to 16
• Saved $206M/year
DISA “SMART” consolidation under QDR and DRI
• Reduced mainframe sites from 16 to 5
• Saved $203M/year
DISA combat support computing transformation
• Mainframe & Server consolidation
• 4 primary sites w/ remote system mgmt
• Centralized all business functions
• Saved $143M/year
Continuing computing transformation
2005
• Reduced sites from 18 to 13
• Saved $XXXXM/year
Forge.mil: Agile Development Environment
Building an Agile Development Environment for the DoD
● Collaborative environment for enabling agile software development and reuse
● Integration with the RACE Cloud to enable a continuous integration approach
– Automate system build processes
– Automate testing
● Deliver existing DoD tools and services into the cloud
● Code analysis, unit testing, build testing, performance testing, interoperability testing, IA testing
● Expand the “Sandbox”
– Integration with test networks and development labs
– Incorporate simulations and sandbox versions of production services
● Streamline and automate the deployment governance processes
– Enable dynamic execution of GIG Governance policies and procedures
Lessons Learned
● Recommendations:
– Understand that it’s a journey
– Recognize that the infrastructure fundamentals matter
– Know your “marketplace” – recognize that this is a different marketplace than normal IT operations
– Clearly define the marketplace offering
– Adjust the launch to satisfy requirements, not timelines
– Engage with the software developers much earlier in the design
● What critical success factors?:
– Which portion of cloud computing?
– How will you define and measure the return on value analysis?
– How will you define and measure the return on investment analysis?
Computing Technology & DECC Evolution
A Combat Support Agency
[Chart: Percentage Change by year, 2002 to 2011, axis from -200% to 1800%; series: Storage Workload, Server Workload, Cost]
Mainframe Processing
• IBM & UNISYS platforms
• Centralized database processing
• Full data replication (since FY00)
• Silos Virtual Tape Systems
Distributed Processing
• Client-Server solutions
• Internal storage Storage Area Networks (SAN)
• Enterprise Resource Planning (ERP) implementations
Cloud Computing
• Server Virtualization
• Services-based acquisitions
• Dynamic provisioning
• Utility pricing
Periods shown: 1994-2002, 2002-2008, 2008
Continuous DECC consolidations and transformations have yielded significant reductions in unit cost
Panel Discussion
Questions?