IBM Cloud Computing Reference Architecture (English version) .ppt
Bowman Hall
Director, Cloud Computing Client Engagements
IBM Software Middleware Group
January 2010

IBM Cloud Computing Reference Architecture

"Cloud" is a new consumption and delivery model inspired by consumer Internet services.
Cloud enables: Self-service; Sourcing options; Economies-of-scale
"Cloud" represents: The Industrialization of Delivery for IT supported Services
Multiple Types of Clouds will co-exist: Private, Public and Hybrid; Workload and/or Programming Model Specific

Cloud: Consumption & Delivery Models Optimized by Workload
Cloud Services, Cloud Computing Model, Cloud Platforms and Services

Common Cloud Management Platform Reference Architecture
Cloud Service Provider, Common Cloud Management Platform, Virtualized Infrastructure (Server, Storage, Network, Facilities), Service Business Manager, Service Operations Manager, Cloud Services, User Interface, API, Metering, Analytics & Reporting, Service Provider Portal, Configuration Mgmt, Offering Mgmt, Order Mgmt, Accounting & Billing, Customer Mgmt, Entitlements, Contract Mgmt, SLA Reporting, Pricing & Rating, Peering & Settlement, Subscriber Mgmt, Service Offering Catalog, Invoicing, Service Automation Management, Virtualization Mgmt, Provisioning, Monitoring & Event Management, IT Asset & License Management, Service Request Management, IT Service Level Management, Image Lifecycle Management, Capacity & Performance Management, Incident, Problem & Change Management, BSS Business Support System, Service Development Portal, OSS Operational Support System, Service Transition Manager, Service Security Manager, Security & Resiliency, Service Delivery Catalog, Service Templates

Core operational support capabilities required for a Cloud platform
An operational support system is required to deliver cloud services.
Key capabilities are provided below and need to work together as a basis for customer cloud service delivery.
Configuration Mgmt, Service Automation Management, Virtualization Mgmt, Provisioning, Monitoring & Event Management, IT Asset & License Management, Service Request Management, IT Service Level Management, Image Lifecycle Management, Capacity & Performance Management, Incident, Problem & Change Management, OSS Operational Support System, Service Delivery Catalog, Service Templates, Security and Resiliency

Management Concerns in Cloud Computing
Configuration Mgmt, Service Automation Management, Virtualization Mgmt, Provisioning, Monitoring & Event Management, IT Asset & License Management, Service Request Management, IT Service Level Management, Image Lifecycle Management, Capacity & Performance Management, Incident, Problem & Change Management, OSS Operational Support System, Service Delivery Catalog, Service Templates, Security and Resiliency
Image Management: Design, build and manage images for cloud services
Security: Design for Multi-Tenancy; Protect assets through isolation, integrity, image-risk and compliance management
Heat and Power Management: Control Energy Consumption
Service Automation Management: Interpret and Execute Build- and Management Plans; Orchestrate Management Componentry
Usage Metering and Accounting: Flexible support of delivery models
Virtualized Resource Management: Deploy cloud services on virtualized resources; Manage virtual resources

Typical Cloud Use Case Scenario
2. Integrate with service desk and IT asset management processes
4. Integrate with advanced storage area network (SAN) and network pools
8. Collect, analyze, report and bill based on Service usage and costs
9. Visualize and align the Service with business objectives and service levels
10. Manage supported Service Level Agreements (SLAs)
Service = Software, Platform, Infrastructure (i.e. Composite Application, Physical/Virtual OS, Middleware, Network, Storage)
Not in all cases will all steps exist in a client engagement.

Core Components of Service Managed Virtualization and Clouds
Deploying Cloud Services
Managing Cloud Services
Secure User Centric Self-Service Portal
Automation engine and Catalog
Automated Provisioning and Image Management
Monitoring, Security and Metering
For Locating and Requesting Services

Optimizing Cloud Management Platform deployments
For those clients who wish to leverage a service management portfolio to build a customized cloud solution: Tivoli Service Automation Manager (introduced in November 2008) + IBM Service Management Portfolio. Powered by Tivoli process automation engine and Service Management products.
For those clients who wish to rapidly deploy a turn-key environment with little to no customization: IBM CloudBurst (introduced in May 2009). A purpose-built service delivery platform that leverages the same software components in the Tivoli Service Automation Manager as well as integrated purpose-built workflows.

Tivoli process automation engine
Federated data subsystem: Services, assets, configuration items
IBM Tivoli Service Automation Manager: Aggregated capabilities for managing your cloud environment
Operational management technology
IBM Tivoli Service Automation Manager:
Built on top of the IBM Service Management Platform
Orchestrates technology, processes, people and data to provide cloud computing services and service management of cloud computing
Provides rapid provisioning of physical and virtual resources
IT infrastructure, Tivoli Service Automation Manager, IBM Service Management Platform, Tivoli Service Automation Manager, Tivoli Process Automation Engine

Tivoli Service Automation Manager High-Level Component Architecture
Tivoli Service Automation Manager is a component based on the Tivoli Process Automation Engine (TPAe), implementing a data model, workflows and applications for automating the management of IT services.
Tivoli Provisioning Manager, Tivoli Service Automation Manager, Tivoli Service Request Manager, MEA/REST APIs, Web 2.0 GUI, Admin GUI, Service Designers, Service Operators, Administrators, End Users, IBM Tivoli Monitoring, Tivoli Usage and Accounting Manager

Tivoli Service Automation Manager and the IBM Service Management Architecture
Process Management Products, Tivoli Process Automation engine

IBM CloudBurst: an Integrated Cloud solution
Tivoli Service Automation Manager (TSAM), IBM CloudBurst
Orchestration of Cloud operations; Integration point for service mgmt capabilities; Service catalog and templates; Automated provisioning of virtual systems
Monitoring: Monitor both physical and virtual server environments
High Availability: Make management system DB highly available
Security: Provide an enhanced security infrastructure for cloud
Usage and Accounting: Provide metering and accounting for cloud services; Enable integration to billing systems if needed
Virtualized HW Management: Enhanced management of the virtual environment
Energy Management: Energy management of the hardware infrastructure
"Built for Purpose" Cloud Solution; Preinstalled and configured on IBM hardware
Server, Storage, Network HW
IBM CloudBurst

IBM CloudBurst: an integrated service delivery platform
Self-contained on-premise cloud: Prepackaged hardware, software, and services based on System x Blade Center platform and Tivoli Service Management products.
Web 2.0 Self-service portal: Automated request, (de-)provisioning of production or development/test workloads utilizing virtualization technologies across server, network, and storage, including reservation of compute and storage resources.
Pre-packaged automation templates and workflows for most common resource types, such as VMware and KVM virtual machines (provisioned-to capabilities).
Integrated core service management capabilities: Real-time monitoring of virtualized resources, energy management, (de-)provisioning, patch management and remediation, security, usage and accounting, reusable library for rapid deployment, pre-built reports (BIRT).
Modular/Plug and Play: Incrementally, automatically expandable and scalable.
Multi-tenant: Management of multi-customer, multi-project collections of virtual systems.
Quickstart implementation services included to get Cloud platform up and running in days.
Extensibility across data center with TSAM integration.
Enablement for WebSphere CloudBurst outside-the-box integration.
Single product, single delivery, single installation, single invoice, single support structure

Built-in Metering, Usage and Accounting
Provide data for planning, budgeting, billing and accurate chargeback for services
Understand costs, track, allocate and invoice by department, user and many additional criteria.
Collect, analyze and bill based on usage and costs of shared assets.
Deliver detailed information and reports about the intricate use of shared resources.

Optional security to protect your production cloud
Stay ahead of evolving threats and compliance measures
Help detect and block network attacks and unauthorized network access.
Enable cloud computing service providers to deliver segmented security in multi-tenant virtual environments.
Integrate virtualized security with traditional network protection to reduce complexity of security operations.

High-level cloud security concerns
Compliance: Complying with SOX, HIPAA and other regulations may prohibit the use of clouds for some applications. Comprehensive auditing capabilities are essential.
Less Control: Many companies and governments are uncomfortable with the idea of their information located on systems they do not control. Providers must offer a high degree of security transparency to help put customers at ease.
Reliability: High availability will be a key concern. IT departments will worry about a loss of service should outages occur. Mission critical applications may not run in the cloud without strong availability guarantees.
Security Management: Providers must supply easy, visual controls to manage firewall and security settings for applications and runtime environments in the cloud.
Data Security: Migrating workloads to a shared network and compute infrastructure increases the potential for unauthorized exposure. Authentication and access technologies become increasingly important.

IBM Security Framework & Cloud Computing
Authentication and role-based access control
Federated Identity including single sign-on
Isolation Management
Server, Storage and Network
Security for Image Management
Security Metadata, Access Control, Authorization
Integrity management
Virtual Image integrity
Risk and Compliance
Auditing and Configuration Management
Enterprise-level Regulatory Compliance
Policy Management
Threat Management

Hybrid Cloud Management, Security and Integration
From the Enterprise Client's perspective:
Management of workloads running off-premise on clouds: Management of software applications and services (monitoring, events, availability, performance); Service Request Management (governance of service provisioning); Dashboard for service visibility
Security for Hybrids: Control security and resilience of services (identity management, compliance, isolation)
Integration (Connectivity) of hybrid applications & information: On-premise to off-premise business application connectivity & governance; Information exchange across the enterprise and clouds
Enterprise Resources, Public Cloud, Trusted Cloud, Enterprise Management & Governance of Cloud software, applications, workload

Image Lifecycle Management & Tivoli Federated Image Library
Data Center N, Data Center 1
Federates Master and Instance images wherever they are in the datacenter
Tracks versions, owners, deployments
Tracks content of images using OVF
Tracks provenance (Parent/child)
Manages replication
Federates IBM and non-IBM platform repositories (e.g. IBM Systems Director VMControl)
Tivoli Provisioning Manager Federated Image Library

Cloud Energy Monitoring and Optimization
Tivoli Monitoring for Energy Mgmt, TDW, Maximo for Energy Optimization, Centralized Energy Views & Reporting, Thermal Visualization of Data Center, Integrated IT and Facilities Alerts, Integration of Energy and Asset Data, IT Operator/Manager, Data Center Administrator, Facility Manager/Engineer, Information Technology, Data Center Infrastructure, Building Infrastructure, Private Cloud

In Summary
Common Cloud Management Platform: Provide foundation for IBM cloud offerings; Support flexible deployment and business models; Enable competitive delivery economics
Integrated Service Management is essential for a Cloud Management Platform: Cloud Service Lifecycle Management; Image Management; Event Management, Business Service Management; Identity, Isolation and Compliance Management
Enterprise use of Public Clouds will drive Hybrid Management, Security and Integration