The adoption of Cloud and DevOps has changed how large enterprises manage the lifecycle of infrastructure, middleware and applications. Operations and Development teams are in continuous “tension” over the right balance between “security + compliance” and “agility + flexibility”. For large enterprises with multiple business units, global operations and assets distributed across multiple cloud providers, these issues are more complex. While there is no “silver bullet” that solves all of them, every enterprise needs a broad framework for achieving the right balance.
The broad framework is based on the following criteria:
- IT teams predominantly define the infrastructure components like images, network designs, security policies, compliance guardrails, standard catalogs etc. based on the organization’s policies and requirements.
- Application teams have the flexibility to order and consume these components and to manage the post-provisioning lifecycle specific to their needs.
The challenge faced by larger enterprises running workloads on multiple clouds is the lack of a common orchestration portal that gives application teams self-service requests and flexible workflows for managing workload configuration and the application deployment lifecycle. The standard cloud management portals from the major cloud providers have automated most of their internal provisioning processes, yet they don’t provide customers with system-specific solutions or place workloads across various public and private clouds. To serve the needs of application groups, a portal is needed with the following key functionalities:
- The self-service portal is controlled via role-based access.
- Standard catalog of items for Infrastructure Management.
- Flexible workflows covering the full configuration management lifecycle.
- Microservices-based building blocks for consuming “Infrastructure as Code” and managing the post-provisioning lifecycle.
- Ability to monitor the end-to-end provisioning lifecycle, with proper error handling and interventions when needed.
- Governance and management post provisioning across multiple workloads and cloud services.
Relevance Lab has come up with a microservices-based automation solution that automates enterprise multi-cloud provisioning, pre- and post-provisioning workflows, workload management, mandatory policies, configurations, and security controls. The end-to-end provisioning is automated and made seamless to the user by integrating with ServiceNow, the domain server, configuration servers and various cloud services. A separate microservice handles each stage of the automation, which makes the solution highly flexible to extend to any cloud resource.
The building blocks of the framework are as shown here:
The IAAC, which is maintained in a source code repository, can hold cloud templates for a variety of resources.

| Resource | Platforms | What is automated |
|---|---|---|
| Compute – VM/Server | VMware, AWS, Azure, GCP | Automated provisioning of VMs and the backup VMs |
| Compute – DB Server | VMware, AWS, Azure, GCP | Automated provisioning of the DB servers and backup servers – Oracle, PostgreSQL, MSSQL, MySQL, SAP |
| Compute – HA and DR | VMware, AWS, Azure, GCP | Automated provisioning of HA and DR servers |
| Compute – Application Stack | AWS, Azure | Automated provisioning of the application stack using CFTs and ARM templates |
| Network – VPC | AWS, Azure, GCP | Automated provisioning of VPCs and subnets |
| Storage | AWS, Azure, GCP | Automated provisioning of S3 buckets or Blob storage |
| Storage – Gateways | AWS | Automated provisioning of storage gateways |
| DNS Server | AWS, Azure | Automated provisioning of DNS servers |

Getting Started with Hybrid Cloud Automation – Our recommendations:
- Generate a standard cloud catalogue and create reusable automated workflows for processes such as approval and access control.
- To optimize the management of resources, limit the number of blueprints. Specific features can be provisioned in a modular fashion in the base image.
- Use a configuration management tool such as Chef, Puppet or Ansible to install the various management agents.
- Use the “Infrastructure as Code” principle to provision infrastructure in an agile fashion. It needs tools like GitHub, Jenkins and a configuration management tool.
- Significantly reduce operations cost by reducing manual effort and by running proactive monitoring services on a single platform.
- Reduce time to market for new cloud services by enabling single-click deployment of cloud services.
For more details, please feel free to reach out to firstname.lastname@example.org