CloudForms in Action

Looking in the right direction

Tim De Borger
Senior Solution Architect
2 Feb 2018
 Disclaimer
The content set forth herein is Red Hat confidential
information and does not constitute in any way a
binding or legal agreement or impose any legal
obligation or duty on Red Hat.

This information is provided for discussion purposes

only and is subject to change for any or no reason.
 Agenda
● Cloud Architecture BluePrint
● CloudForms Intro
● Efficiency and Optimization
● Governance And Compliance
● Service Management And Self Service
● Integrations

3 INSERT DESIGNATOR, IF NEEDED

Cloud Architecture BluePrint
 Cloud Architecture View

5 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management

Platform

Infrastructure

6 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management

Platform

Infrastructure

7 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management

Platform

Infrastructure On Premise Private Public

8 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management

Platform

Infrastructure On Premise Private Public

9 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management

Platform

Infrastructure On Premise Private Public

10 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management

Platform

Infrastructure On Premise Private Public

11 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management

Platform

Infrastructure On Premise Private Public

12 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management

Platform

Infrastructure On Premise Private Public

13 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management Configuration
Mgmt

Cloud Mgmt
Platform

Platform

Infrastructure On Premise Private Public

14 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services

Management Configuration Single Pane of Glass

Mgmt

Cloud Mgmt
Platform

Platform

Infrastructure On Premise Private Public

15 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services Service Catalog

Management Configuration Single Pane of Glass

Mgmt

Cloud Mgmt
Platform

Platform

Infrastructure On Premise Private Public

16 INSERT DESIGNATOR, IF NEEDED

 Cloud Architecture View

Services Service Catalog

Management Configuration Single Pane of Glass

Mgmt

Cloud Mgmt
Platform

Platform

Infrastructure On Premise Private Public

17 INSERT DESIGNATOR, IF NEEDED

CloudForms Intro
 CLOUDFORMS FEATURES
AGENTLESS ANSIBLE AUTOMATION MULTI-TENANCY
AND RBAC

EASY DEPLOYMENT SEGMENT USER ACCESS,

SIMPLE, POWERFUL, AGENTLESS
FINE GRAINED ACCESS CONTROL

CONTINUOUS DISCOVERY VIRTUAL APPLIANCE FEDERATED GLOBAL

DEPLOYMENTS

BROWN-FIELD MANAGEMENT, HIGHLY SCALABLE, HIGHLY AVAILABLE

EASY INSTALL, EASY MAINTENANCE
INTEROPERATES WITH OTHER MGMT MULTI-REGION DEPLOYMENTS

19
Efficiency and Optimization
 CHALLENGES

Efficiency and Optimization

● Performance Management LIFECYCLE MANAGEMENT RESOURCE OPTIMIZATION

● Capacity Management
● Virtualization Management
● Public Cloud Management ROOT-CAUSE ANALYSIS CAPACITY MANAGEMENT
● Container Management
● Root-Cause Analysis
○ Performance & Resource Usage
○ Compare current state with other instances
○ Track VM Drift

21 INSERT DESIGNATOR, IF NEEDED

 OPERATIONAL VISIBILITY CHALLENGES

Systems that are not being utilized CHALLENGES

should be retired to reclaim resources.

Budgets are tight. We have to

make sure that we are utilizing
our systems efficiently.
LIFECYCLE MANAGEMENT RESOURCE OPTIMIZATION
Tracking problems across infrastructure
layers can be a challenge.

I’ve got to project infrastructure usage

into the future for planning purposes.
ROOT-CAUSE ANALYSIS CAPACITY MANAGEMENT

22
 OPERATIONAL VISIBILITY WITH CLOUDFORMS

CHALLENGES
Find unused resources and reclaim
them. Assign ownership to resources.

Automatic resource optimization

intelligently places VMs and offers
right-sizing recommendations. LIFECYCLE MANAGEMENT RESOURCE OPTIMIZATION

I can drill-down through infrastructure

layers to determine the root cause.

Resource tracking and trending aids in

capacity and what-if scenario planning.
ROOT-CAUSE ANALYSIS CAPACITY MANAGEMENT

23
 PERFORMANCE AND CAPACITY MANAGEMENT

● Continuous data gathering for both

greenfield and brownfield deployments.

● Resource utilization tracking and right-size

recommendations.

● Projection and “what if” tools aid in future

planning.

24
 VIRTUALIZATION MANAGEMENT
● Provision from clone of existing VM
instance or template.

● View VM genealogy and track VM drift

from established configurations.

● Execute VM power operations and retire

VM instances.

25
 PUBLIC CLOUD MANAGEMENT
● View virtual instance inventory and manage
across regions and availability zones.

● Provision virtual instances, storage and

networking.

● Monitor and respond to events.

26
 CONTAINER MANAGEMENT
● View connections from the container all
the way down through the underlying
infrastructure in one interface.

● Apply automation rules and enforce

policies for deployed containers.

● Scan containers for known vulnerabilities

with OpenSCAP.

27
 ROOT CAUSE ANALYSIS

● View instance performance and resource

usage over time to pinpoint problem
initiation.

● Quickly compare system state against known

good state or other systems.

● Navigate across relationships and drill down

infrastructure layers to identify underlying
causes.

28
Governance and Compliance
 Governance and Compliance
● Policy Enforcement
○ Continuous Discovery
○ Alert on violations
● Chargeback
○ Rates per platform and per tenant
○ Multi Tier - Multi Currency
○ Containers - Projects
● Quota
○ By User - Role - Tenant
○ For Compute - Memory - Storage

30 INSERT DESIGNATOR, IF NEEDED

 COMPLIANCE AND GOVERNANCE CHALLENGES

Monitoring systems so that they remain

compliant and secure is time consuming.

With end user self-servicing, how do

I know systems are compliant?

How to check compliance without

“being in the way”?

How do I govern what resources are

consumed and where?

How do I prevent a huge bill from my

cloud provider?

31
 POLICY AND COMPLIANCE WITH CLOUDFORMS

CloudForms continuously monitors

systems so they remain secure.

Smart State Analysis deeply scans

systems to provide policy engine with
detailed information.

Apply policies based on Smart State

data without requiring cooperation of
users.
Our automatic provisioning includes
automatic placement policies.

Quotas prevent over-provisioning

compute, memory or storage resources.

32
 POLICY ENFORCEMENT

● Continuous discovery and deep

SmartState inspection of virtual
instances.

● Policy violations can raise alerts or be

remediated automatically.

● Policy can be applied uniformly or

based on virtual instance criteria.

33
 QUOTAS AND CHARGEBACK

● Rate schedules per platform and per

tenant with multi-tiered and multi-
currency support.

● Quota set by user, role and tenant and

apply to compute, memory and storage
resources.

● Monitor resource usage and report

based on workload or tenant.

34
Service Management And Self
Service
 Service Management & Self Service
● Automation of the provisioning lifecycle
● Shopping Cart Experience
● Service Delivery Catalogs
● Automatic or Approval Routing
● Orchestration Engine
○ VM Provisioning
○ Ansible Playbook
○ Ruby Scripts
● Lifecycle
○ Provision
○ Start/Stop/Pause/Resume
○ Retirement

36 INSERT DESIGNATOR, IF NEEDED

 SERVICE AUTOMATION CHALLENGES

ACTIVITIES REQUIRED
We can’t get systems fast enough!
I’m trying to help the business. IT just slows me down.
+ Process requests for IT resource
+ Clarify request and collect needed information
+ VM creation from template
+ Configuration to desired state

Do we have an IP address for this system? + Security and compliance process

Do we have the resources available for this request? + Non-work time for weekends, emergencies, etc.

There’s an emergency, I can’t work on your request

today. = WEEKS OR
Are you authorized to request these systems?
MONTHS

37
 SERVICE AUTOMATION WITH CLOUDFORMS

ACTIVITIES REQUIRED
I use the self-service portal to request IT resources!
I can get systems configured exactly like I need them.
+ Self-service catalog
+ Automated approval workflow
+ provisioning
+ configuration

IP addresses are gathered automatically. + policy enforcement

CloudForms checks quotas and available resources. + No down time for weekends, emergencies, etc.

There’s an emergency, I can’t work on your request today.

CloudForms takes care of authorization and approvals. = MINUTES

38
 SELF-SERVICE DELIVERY

● Create service delivery catalogs for

users to choose the services the
services that they need to deploy.

● Shopping cart functionality allows

multiple services to be requested at
one time.

● Service requests can be routed for

approval.

39
 AUTOMATED PROVISIONING

● Automatically deploys and configures

requested services on any
infrastructure platform.

● Automation steps can be codified in

Ansible playbooks or natively in
CloudForms.

● Integration to external IT systems

allows CloudForms to automate all
process steps.

40
 LIFECYCLE MANAGEMENT

● Ongoing tracking of services ensures

continual visibility.

● Complete operational control over

service resources, including power
operations and virtual console access.

● Automated lifecycle policies for

scheduled retirement and archiving.

41
CloudForms Integrations
 CLOUDFORMS INTEGRATIONS
CMDB: ServiceNow, BMC Remedy
Load Balancers: F5 BigIP, Citrix Netscaler, AWS Elastic
Communications: Twilio, Google Voice Load Balancer, Neutron LBaaS
Configuration Management: Ansible, Satellite, Logging: Splunk, Elk Stack
Foreman, Chef, Puppet, Salt, HP Server Automation Networking: Cisco APIC
Databases: Oracle, Microsoft SQL Server, MySQL, Orchestration: VMware vRealize Orchestrator, HP
PostgreSQL Operations Orchestration
Directories and Identity: Microsoft Active Directory, Operations Management: Microsoft Systems Center
Red Hat Identity Management, Centrify, Any LDAP Operations Manager, CA Spectrum, HP Operations Manager,
directory Any SNMP enabled system

Disaster Recovery: VMware SRM, Zerto Patching: IBM BigFix, Satellite, Microsoft Systems Center
Configuration Manager
DevOps: Calm.io, Jenkins
Service Catalogs: ServiceNow, BMC Remedy
Firewall: Juniper, Checkpoint, Cisco, Fortinet, Palo Alto
Source Control: github
Incident/Change Management: ServiceNow, BMC Storage: NetApp WFA
Remedy, Atlassian JIRA
Miscellaneous: Any Web service enabled system
IPAM/DDI: Infoblox, BlueCat, BIND, Microsoft DNS,
Microsoft DHCP, SolarWinds, Men and Mice, PHP
IPAM
43
And … Action
THANK YOU
plus.google.com/+RedHat facebook.com/redhatinc

linkedin.com/company/red-hat twitter.com/RedHatNews

youtube.com/user/RedHatVideos