Tuesday, Feb 15 2011

Cloud Analysis: Cutting Through the Fluff

Written by
In my previous post, Cloud Strategy: Stop or you will go blind I mention that strategy is a waste of time and you need to start execution. Fine words, but the next question is inevitable.

How do you get started?

At least some of the common attributes of cloud architectures (NIST Defn V15) are attractive to all IT Service Providers. How do you know what parts of your IT infrastructure should be considered for redeployment on a new architecture.

The answer to this question first requires a basic assumption;

                  “applications are a fundamental unit of IT services”

A debatable point to be sure. Your perspective, may be that of consultant in ToGAF, Six Sigma, Agile, ITIL or other development/improvement frameworks. For the specific purposes of the progression to cloud based architecture, the application is a valuable container to define business process and is a driver to the patterns of infrastructure design.

So if we are going to start executing, it will be applications that are our focus.

What’s next? The short answer is relatively simple;

impact-matrixStep 1.IDENTIFY CANDIDATE APPLICATIONS - Do a quick analysis based around a simple comparison of existing pain points, business needs and the well established benefits possible from cloud based architectures. Prioritize these using a simple payoff matrix (right). In my next post, I will outline more detail of the  The Fast Track Analysis as a method for candidate selection. Its combination of consuming readily available data and the intelligent decisions from IT staff, to provide a fast return on investment.

For this post I will focus on;

Step 2.ANALYZE/DESIGN/PLAN  – Once you have a smaller set of candidates, you can afford to dig deeper, decide the final solution and create an execution plan. Analyzing the benefits offered by typical cloud architectures will not be sufficient to ensure a successful cloud deployment. They are too generic to describe the requirements of an application. You need to consider all aspects of an application that will be impacted by architectural change.

Armada’s “Cloud Evaluation Framework” is a collections of tools and methods, designed to define all the aspects of a architectural change. It gathers information designed to answer the detailed questions before deploying an application to a public cloud, or is critical input to the development of a private cloud architecture.

armada-cef2-285x300The framework covers six major categories;
  • Workload – a profile of the usage & performance of the application over a period of time.  It considers utilization and latency for all major resources, as well as application performance across these profiles.  It considers the data to determine the real world scaling patterns.
  • Architecture – the technical design aspects of the application which include its full lifecycle from development to end-of-life. It ensures the applications is well understood, defined and not a hairball or tightly coupled custom code and broad coding assumptions. It analyses the ability of the application to scale to ensure the cloud elasticity will match the applications model.
  • Financial – what is the cost and benefit for the application. Includes classic ROI calculation between current state and target end-state. Additionally it covers assessment of opportunity cost which includes; how are you effecting your own sites economies of scale and flexibility by moving off-site or introducing a new architecture, and what features you are getting from the new architecture (and paying for) that you do not need.
  • Risk - although very different questions between public, private and hybrid the concepts of risk are essential for all deployments. The classic issues of privacy, jurisdiction and the alignment of priorities with an external partner give way to issues surrounding the deployment of a more advanced and more complex infrastructure.
  • Operations- the people, process and tools are currently used or dependant on this application. Do you have enough (people, process, tools) now to manage a 3rd party provider, what does the provider offer you and how do you integrate with them.
  • Security – what are the security requirements of the application and the data it uses. This is the most closely scrutinized aspect of cloud today and one where providers and spending alot of time and energy.   Depending on your industry, whether is be FISMA, DIACAP , HIPAA, HITECH or PCI to GLBA you need to consider you and your providers capability. In addition there are the classic issues information and computer security. Are you or your software vendors coding standards up to the challenge ?

Within each of these general categories is a raft of more detailed questions that can be used to help you evaluate current cloud providers or can be directly linked to architectural design patterns that can define your private cloud.

Only armed with answers to these questions, can you confidently start to develop target deployment architecture. With a target architecture decided you can develop the execution plans needed to move the application forward and return benefit to the organization. Without the answers to these questions you run the risk of taking a small problem and turning it into a big storm in the cloud.

Contributed by: Brad Vaughan