“Build it, and they will come,” belongs in the Field of Dreams. If you don’t start with user needs and build your Enterprise Cloud backward, then the chances are what you produce will miss the mark, and it won’t stick with users. Equally, if you don’t rewire the parts of the enterprise that your cloud needs to connect to then it will be as foolish as trying to fit a square peg into a round hole. What are these rewiring touch points? They are the operational processes in place in your organization today.
By helping clients around the world benefit from hyperconvergence and Enterprise Cloud we’ve learned where the heat spots appear, where the friction happens. Here are five ways we’ve helped customers cool down and connect their Enterprise Cloud to their organization.
In many IT environments, there’s a slow, hierarchical, trickle-down process where users have to use antiquated ticketing systems or even ‘phoning IT to get things done. This holds up their work leaving users feeling frustrated that they have no ability to fix things themselves.
The Enterprise Cloud is designed to solve this problem by eliminating problematic calls to the Service Desk and replacing them with user self-service:
Account Control. Users can register for new services and manage their account credentials; this includes managers delegating access and oversight to their team.
Resource Control. Users can acquire resources as a tenant in the Enterprise Cloud with simple online requests and no complicated, multi-stage justification process.
Insights. Users can access data sources and reports to be responsible and accountable for their cloud consumption.
Ultimately this means eliminating unnecessary existing Service Desk processes which will change the role of the Service Desk over time. In some enterprises, the Service Desk takes this opportunity to become less IT-focused and more business focused, so it is an opportunity for all.
An Enterprise Cloud needs to be consumable by developers, which means it must be possible to plug it into their delivery pipeline or in any other way they need, usually via an API. An example is connecting a Continuous Integration system to the Enterprise Cloud to create target environments on every build.
In today’s environment, where the mantra is delivering end user value with minimum waste and processes, means giving them the autonomy, responsibility, accountability and capability of consuming the Enterprise Cloud how they need without long preambles.
Shift Change, Config, and Release To The Left
ITIL is the dominant service management framework, although there are many others. Read Stephen Mann’s excellent insights into the frameworks. There are twenty-six processes in the ITIL framework covering a wide range of typical, common sense IT service management activities. Enterprise are usually doing these activities naturally, such as monitoring services, but ITIL gives a standard approach and language to these.
Not all of the ITIL processes are closely related to an Enterprise Cloud. An example of a link between ITIL and Enterprise Cloud would be the private-to-public cloud disaster recovery capabilities which, in ITIL, comes under Service Continuity Management.
If you are doing “common sense” service management or you are using a framework like ITIL then some operations-related processes will change with Enterprise Cloud. Change, Configuration, and Release processes are the most common examples:
Transform Configuration Management. Version Control is applied to infrastructure; infra is treated “as code”. This means all configs and builds for target environments act like application builds. The gap between infrastructure and applications disappears.
Transform Release Management. A robust, automated continuous integration pipeline moves quality checks to the start of the pipeline to reduce load on end-of-line quality checks. This is also known as Shift-Left Testing.
Transform Change Management. The Puppet State of DevOps report linked a difference in change management to high-performance organizations. Change unit sizes (also known as batch sizes) reduce in size but grow in number and frequency, reducing impact, speeding up MTTR, and reducing hand-offs and approvals.
Move Operations Up
If you’re still spending 70% or more of your time on the plumbing of your datacenter then you are not going to succeed. Your true north should be users and applications, not scripting snowflake servers in your cloud. As Martin Fowler explains:
“It can be finicky business to keep a production server running. You have to ensure the operating system and any other dependent software is properly patched to keep it up to date. Hosted applications need to be upgraded regularly. Configuration changes are regularly needed to tweak the environment so that it runs efficiently and communicates properly with other systems. This requires some mix of command-line invocations, jumping between GUI screens, and editing text files.
The result is a unique snowflake - good for a ski resort, bad for a data center.”
The first bit of help with this is using Invisible Infrastructure from Nutanix. Even without Enterprise Cloud it eliminates “snowflakiness” from the foundational part of your infrastructure. The next step is to eliminate snowflakes higher up in the Enterprise Cloud. To do this you just need to bring standard cloud procedures into your Enterprise Cloud:
Encourage and reward users for using managed images, and not creating their own.
If users must create their own, then give them the tools to create images for future use.
Discourage remote logging on to machines for maintenance, encourage the use of remote automation tools instead - an example is using the Enterprise Cloud portal to change services instead of logging onto servers directly.
Encourage users, especially developers, to plug their own services into the Enterprise Cloud at an API level. For users this could be connecting their SaaS application into the enterprise account directory. For developers, it could be connecting their continuous integration server to the Enterprise Cloud for automagical resource configuration.
Expose as many controls and data sources as you can to free Operations from humdrum valueless activities such as producing reports for other people.
Weave Security Throughout The Cloud
Security and compliance is still talked about as the number one concern when moving to Enterprise Cloud. These kinds of surveys look at the respondents’ opinions, thoughts and feelings rather than on hard data about breaches. The top breaches of 2015 were not caused by cloud systems, they were mostly caused by people badly configuring systems, losing data on trains or sharing their credentials with phishers.
Nonetheless, Einstein said that “Reality is an illusion, albeit a persistent one” and this has (helpfully) increased the quality of security in cloud solutions, benefitting those that have Enterprise Clouds.
There are specific ways to weave security throughout your Enterprise Cloud, beginning with:
Account directory integration is perhaps the number one most important cloud security feature. Using enterprise-controlled, consistent credentials across all cloud services is the key to the cloud kingdom.
The Shared Responsibility Model, from user self-service for password resets to developers creating complex target environments, makes it clear who is responsible for what. This is different from an enterprise where normally everyone blames IT, or at least the Network Team.
Automated and Embedded Monitoring and Controls. Thanks to APIs there’s a move away from costly agent-based security toolsets. Now Security teams can run their own systems and interrogate all enterprise resources from a central place.
Nutanix and Nutanix consulting services can help you transform your datacenter so they connect correctly by helping with organizational change, workload migration and enterprise cloud design, deployment and operations.
Disclaimer: This blog contains links to external websites that are not part of Nutanix.com. Nutanix does not control these sites and disclaims all responsibility for the content or accuracy of any external site. Our decision to link to an external site should not be considered an endorsement of any content on such site.