All White Papers

White Paper

Achieving Enterprise Agility in the Cloud

Updated January 18, 2011

Introduction

It’s no secret that cloud computing is here to stay—it promises everything from reduced complexity and unlimited scalability to capacity on demand and CapEx savings. Although there are still many unanswered questions about cloud computing, many businesses are optimistic that it will be able to deliver on these promises. Even skeptics are intrigued by cloud computing, if for no other reason than that they want to maintain a technological edge over their competitors—and the cloud is certainly the hottest new technology trend.

To whatever extent cloud computing delivers on these promises, one thing is certain: businesses are not willing to sacrifice security, visibility, and control to make the move to the cloud. They need to know what’s happening in the cloud, how their applications are being delivered, and how traffic is being controlled and directed.

What’s emerging as a “must have” in cloud computing is agility—the quality that enables enterprises to respond quickly and precisely to unexpected and changing business demands. Agile businesses—those that can provide IT on demand under any workload conditions—can seize new opportunities and stay competitive.

In a Sand Hill Group1 survey of 500 IT executives, 49 percent cited business agility as the primary goal driving them to adopt cloud computing.

What Constitutes Agility in the Cloud?

Achieving agility is an ongoing process for most IT organizations. Reducing complexity, consolidating, replacing static connections with dynamic ones, stream-lining processes, and automating tasks—these efforts all put organizations on the right path toward creating agile data centers. But what happens when the data center reaches capacity and IT wants to move or extend applications to the cloud?

Suddenly maintaining agility becomes a lot more complex. Now IT must be concerned about moving applications with ease from the data center into the cloud and back again, or from virtual machine to virtual machine within the cloud or across clouds—all without increasing costs, impairing performance, or compromising service level agreements (SLAs). It would be simpler to move just a few isolated development projects to the cloud, but that would do little to further overall IT agility. Ideally, the goal is not to just move applications and data, but to dynamically monitor and direct traffic to the most available resources.

How easily (and securely) businesses can accomplish this depends not only on the maturity of their current infrastructures and their Application Delivery Networks (ADNs), but also on the cloud service provider, the platforms it supports, and the amount of visibility and control it provides to customers.

Finding the Agility You Need in the Cloud

No single vendor can provide all the solutions necessary to enable on-demand IT in the cloud. That requires strategic partnerships and cooperation among vendors who are committed to building integrated solutions. Collaborative efforts between VMware®, F5 Networks®, and BlueLock® help give enterprises platform agility (VMware), network agility (F5), and flexible cloud services with pay-as-you-go pricing models (BlueLock). Each vendor’s solutions are beneficial in their own right, but together deliver far greater value—and agility—to enterprises.

Platform Agility with VMware

VMware is the leader in server virtualization2, and its solutions give organizations many options for creating agile IT service models at lower costs. Virtualization is the catalyst that is making Infrastructure as a Service (IaaS) a reality; it’s the key enabling technology on the path toward cloud computing.

VMware’s vSphere™ platform serves as a foundation for building private and public clouds. With vSphere, enterprises can create and manage large amounts of virtual computing infrastructure, both hardware and software. VMware vCloud™ Director enables IT organizations to pool infrastructure resources (compute, storage, and networking capacity) into virtual data centers, which are the building blocks of private clouds. IT can then offer those resources to users through web-based portals and vCloud APIs as fully automated, catalog-based services. This model enables IT organizations and cloud providers to build secure, multitenant clouds. It brings great flexibility to IT organizations, yet allows them to retain control over the security and management of their environments. Application and line-of-business owners can access their own virtual data centers, and they can choose and deploy preconfigured infrastructure and applications from a web-based portal.

Through the open virtualization format (OVF), VMware’s vCloud API enables users to package, deploy, and manage virtual workloads across private and public clouds; it also enables interoperability between clouds. Using the vCloud API, users can upload and download vApps—software solutions optimized for the cloud that consist of multiple virtual machines and are packaged and maintained as a single entity. vApps preserve application properties and other settings.

Network Agility with F5

As the leader in application delivery networking3, F5 helps enterprises dynamically monitor and control traffic across the network to ensure that applications and data remain fast, available, and secure at all times.

F5® BIG-IP® Local Traffic Manager™ (LTM) is a network appliance that manages traffic to virtualized servers and from virtual desktops. By offloading processor intensive activities like SSL encryption, caching, and compression, BIG-IP LTM reduces the CPU and memory load on servers, thereby increasing the capacity of any given server. Especially helpful in cloud environments is BIG-IP LTM Virtual Edition (VE), which provides the full set of BIG-IP LTM features but is packaged as a virtual appliance. BIG-IP LTM VE can be uploaded to the cloud and then provisioned and configured on demand.

When organizations run multiple application instances on virtual machines across several data centers or clouds, BIG-IP Global Traffic Manager™ (GTM) maximizes application performance and availability by intelligently directing traffic to the best performing virtual machine, regardless of location.

F5 iControl® provides the programmatic interface for orchestration, automation, and dynamic control of the network. This web services–enabled open API is used to configure and manage BIG-IP devices and enables applications to control their own traffic. For example, using iControl, application developers can create solutions that bring servers online and offline dynamically, give priority to critical traffic during traffic bursts, filter out unwanted traffic, distribute server updates without disrupting service, manage applications from a single console, and so on. iControl integrates with VMware vCenter™ virtual computing platform management tools and vCloud API to help orchestrate automated provisioning and deprovisioning of virtual machines in both private and public cloud environments.

With iRules®, F5’s powerful scripting language, developers can directly manipulate and manage IP application traffic by controlling and customizing how it is intercepted, inspected, transformed, and routed. iRules can be applied to any IP application or protocol and can be invoked using iControl to perform tasks that would ordinarily require changes to the application.

Working closely with technology partner VMware, F5 introduced the F5 Management Plug-in for vSphere, which enables IT organizations to easily manage ADN policies for their VMwarevirtualized applications. The plug-in eliminates the need to manually synchronize information between BIG-IP devices and the vSphere client control panel and helps automate common networking and virtual machine maintenance tasks. It can also automatically apply ADN policies to newly provisioned virtual machines and deprovision them gracefully, without disrupting current user sessions.Together, these solutions improve the agility of the overall infrastructure.

BlueLock: Fully Integrated with VMware and F5

BlueLock is an award-winningiv managed services and cloud services provider that helps enterprises monitor, patch, secure, and manage their IT environments. Through its CloudStart advisory services, it helps enterprises understand why, how, and when it’s appropriate to move workloads to the public cloud. It also provides professional services for customers that prefer hands-on assistance with migration.

BlueLock provides centralized management with distributed capacity to accommodate enterprises that don’t want to give up the tools and GUIs they have spent years implementing and building workflows and approvals upon, and training their staff to use. BlueLock collaborates with technology vendors VMware and F5 to create workable cloud-based solutions that protect organizations’ investments.

By incorporating F5 solutions into its entire infrastructure, BlueLock provides the most advanced ADN services available in the market today, whether companies are managing traffic within a workload or bridging the gap between private and public clouds. Because F5 delivers feature-rich software and hardware solutions, including virtual appliances, BlueLock relies on F5 as its sole vendor for expanding its ADN core capabilities and service offerings.

A technology partner of VMware as well, BlueLock built its IaaS offering on the VMware platform. BlueLock is one of the first five cloud service providers worldwide chosen by VMware to offer VMware vCloud Datacenter Services—enterprise-class public clouds that are consistent with the technology and management tools VMware clients use to manage their private clouds internally. As a VMware-certified service provider, BlueLock delivers on-demand, pay-as-you-go infrastructure, enabling enterprises to adopt a hybrid (private plus public) cloud computing model. Now enterprises can extend their corporate data centers to BlueLock’s globally consistent, compatible public cloud, built on VMware vSphere and vCloud Director. In keeping with requirements for VMware vCloud Datacenter Services providers, BlueLock is SAS70 Type II certified, so BlueLock’s internal controls and safeguards for hosting and processing customer information have been audited and approved by an independent third party.

Using the VMware vCloud Director self-service web interface, BlueLock customers can pool IT resources to create virtual data centers in the cloud. They can then configure them to be compatible with the policies and procedures they use in their local data centers. VMware vCloud Director provides the core capabilities for importing and exporting virtual machines between customers’ VMware-based private clouds and their BlueLock cloud.

In addition to vCloud Director, BlueLock customers can deploy and use VMware’s new vCloud Connector. Via the familiar VMware vSphere Client control panel, IT administrators can use VMware vCloud Connector to view, copy, and transfer virtual machines across internal data centers and BlueLock’s public cloud. With virtual machine mobility, customers can easily deploy their existing applications in the cloud.

Bringing It All Together: How Customers Can Implement a Joint Solution

Let’s see how a joint solution between VMware, F5, and BlueLock plays out in a real-world customer scenario.

ABC Corporation, a $6 billion manufacturing company, recently consolidated nine regional data centers into three, located in Seattle, Dallas, and Philadelphia. The majority of ABC’s applications are virtualized on 750 vSphere-based virtual machines across four private clouds.

ABC’s vendor management portal is used by more than 4,000 vendors to manage transactions, orders, and inventory. ABC often experiences spikes in traffic that can quickly degrade user response time; however, the company is reluctant to add permanent capacity due to high costs. ABC is seeking a solution that can offload a portion of its portal traffic to the public cloud in response to randomly high demand, and then scale back that additional capacity when demand recedes.

Knowing that BlueLock is a certified VMware vCloud Datacenter Services provider, and that it uses F5 solutions in its environments, ABC is eager to pursue “cloud-bursting”—the practice of extending computing resources into the public cloud when capacity in the corporate data center is reached. Because VMware and F5 solutions are integral to BlueLock’s infrastructure, ABC knows its own investment in and integration with VMware and F5 solutions is protected. It doesn’t have to worry about changing its business or administrative processes, and its applications and traffic management will be consistent across private and public clouds. Furthermore, by using BlueLock, ABC can avoid having to train its IT staff to use new products or technologies.

Typically, portal application requests are routed to BIG-IP Global Traffic Manager (GTM) in ABC’s Seattle data center, and then directed to BIG-IP Local Traffic Manager (LTM) in one of the company’s three data centers. Using the F5 iControl API, BIG-IP LTM monitors performance to load balance and direct traffic to application instances running on virtual machines in ABC’s private cloud.

During peak traffic periods, user response time can degrade rapidly. ABC’s system is set to begin offloading to the cloud when average portal response times exceed 15 milliseconds for 40 percent or more of users accessing the system. When that happens, iControl reports conditions to ABC’s orchestration tool, which automatically launches additional application instances in its private cloud to handle the increased demand.

When ABC’s private cloud resources are tapped out, the cloudbursting process with BlueLock begins automatically. ABC’s orchestration tool triggers actions to access BlueLock public cloud services through VMware’s vCloud API, which then launches a database synchronization process so portal instances in both locations have access to the database. Next, the vCloud API launches a new application instance in the BlueLock public cloud. It will continue to create additional application instances in the BlueLock public cloud as long as application response time demands it (see Figure 1). BIG-IP GTM reconfigures the network according to ABC’s predefined business policies to route traffic through BlueLock’s implementation of BIG-IP LTM which, in turn, balances traffic across all available application instances, eliminating manual intervention.

Figure 1: The vCloud API automatically creates new application instances in the BlueLock public cloud in response to increasing demand.

Once client requests begin to drop off, user connections are bled off of the application instances in ABC’s public cloud environment at BlueLock, and these instances are gradually (and automatically) removed from the pool. When traffic volume falls and average portal response time dips below the preset threshold, all client requests will again be routed to application instances in ABC’s private cloud only. Thus, in this pay-as-you-go model, ABC pays only for the services it actually uses in the BlueLock public cloud.

As an alternative to using BlueLock’s shared physical BIG-IP LTM to manage traffic in its virtual data centers, ABC can leverage F5 BIG-IP LTM Virtual Edition (VE), which BlueLock includes as part of its public appliance catalog. This gives ABC the same ADN functionality in the public cloud that it has in its private data centers.

Additionally, ABC can securely connect its networks to its cloud at BlueLock using the F5 iSessions feature. iSessions, available with both BIG-IP LTM and BIG-IP LTM VE, encrypts and accelerates data traveling between F5 solutions over the WAN, thereby reducing bandwidth requirements and increasing the speed of database replication. This gives customers a fast, seamless transition as they move local applications into the public cloud.

This integrated cloudbursting solution from VMware, F5, and BlueLock enables ABC to respond dynamically to unpredictable and fluctuating traffic requirements, improving the performance of its vendor management portal and ultimately, the overall user experience. In addition, ABC avoids the complexity and cost of expanding its own IT infrastructure, and it can manage both its private and public cloud environments without compromising security or established business policies.

BlueLock Cloud Services Model

BlueLock offers flexible pricing models to fit virtually any enterprise need. The key for enterprises evaluating cloud providers isn’t just finding the lowest-cost provider or the most attractive cost model. The primary consideration (and real win for the enterprise) comes from accurately sizing the requirements of the application and matching that to the right cloud platform.

Through its partnerships with F5 and VMware, BlueLock has created a public cloud platform with multiple performance tiers and payment options. For example, if the enterprise has a testing workload that requires a lot of computing capability, it can create a virtual cloud using low-end SATA disks. On the other hand, if the enterprise has an e-commerce application that performs a lot of I/O disk operations, it can place its vApp into a public cloud that uses solid state disks. BlueLock can also accommodate customers that have no disk type preference and simply want to guarantee a specific amount of I/O for the application.

Conclusion

As cloud computing continues to gain popularity, many enterprises are intrigued by the potential benefits it promises, but they aren’t willing to sacrifice security, visibility, and control to get them. Before taking the leap into the cloud, enterprises must be convinced that public cloud services will help them retain and ultimately improve their business agility.

Enterprises are learning that major vendors are collaboratively developing cloud solutions designed to reduce risk and simplify their decision to leverage the public cloud. With these solutions, enterprises can protect their in-house IT investments and augment their existing application infrastructures with public cloud resources.

The integrated solutions offered by VMware, F5, and BlueLock demonstrate how a truly agile Application Delivery Network can help customers continuously deliver virtualized applications during periods of unexpected load and, at the same time, retain internal control of their applications. The integration and automation built into these joint solutions help enterprises increase application availability and improve operational functionality while reducing the cost of delivering Infrastructure as a Service.

1Leaders in the Cloud, Sand Hill Group, March 2010

2IDC’s Worldwide Server Virtualization Tracker, December 2010

3Infonetics, “Data center network equipment market poised for 67% growth in 2010”, December 2010, BlueLock Awards and Recognition