Design Summit - User stories from the field - Chris Jung
-
Upload
manageiq -
Category
Technology
-
view
213 -
download
0
description
Transcript of Design Summit - User stories from the field - Chris Jung
![Page 1: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/1.jpg)
User Storiesfrom the field
![Page 2: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/2.jpg)
3/17/13 Manage IQ Design Summit
Agenda
• Introduction
• Insight Europe
• Agile IT and DevOps
• Operators and Administrators
• Business impact
• Q&A
![Page 3: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/3.jpg)
3/17/13 Manage IQ Design Summit
Who's Chris?
• Located in Germany
• Joined Red Hat in 2006 as Infrastructure Consultant
• Projects around System-Management, High availability, Linux Desktops, Identity Management
• Focus on Cloud and Virtualization in recent years
• Since April EMEA Technical Specialist CloudForms
![Page 4: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/4.jpg)
3/17/13 Manage IQ Design Summit
What's his role?
• Support pre-Sales• Answer questions, support during scoping
• Run Demos or Proof of Concepts
• Support Consulting during delivery
![Page 5: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/5.jpg)
Insight Europe
![Page 6: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/6.jpg)
3/17/13 Manage IQ Design Summit
Insight Europe
• European customers are very sensitive about data protection and privacy• Where is my data stored? Who has access to it?
• Companies and public sector very sceptic about public cloud services
• Results in:High interest in private cloud or regional clouds
![Page 7: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/7.jpg)
3/17/13 Manage IQ Design Summit
Privacy laws
• European law about personal data is very strict
• Some countries have even stricter laws
• Many differences between countries
• European law is setting minimum standards
• local law can be and often is more restrictive
![Page 8: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/8.jpg)
3/17/13 Manage IQ Design Summit
Example: Personal data in Germany
• If a company allows private email usage, they automatically fall under the laws of postal secrecy
• They can no longer scan, read or analysis any mail (because they can not know if an email was private or work related)
• This creates special requirements for example for backups, SPAM and virus filters, out of office rules, data retention policies
![Page 9: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/9.jpg)
3/17/13 Manage IQ Design Summit
Example: User Profiles
• Companies are not allowed to collect data which could potentially be used to create user profiles
• It is not even relevant if they actually use the data, storing the data already potentially violates the law!
• Log in times, logging of software usage, usage patterns, mail transfer logs, web proxies, ...
![Page 10: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/10.jpg)
3/17/13 Manage IQ Design Summit
Personal data
• Microsoft has recently been forced by US authorities to provide personal data about end users even though the data is stored in the EU
• If they will lose this case and are forced to release the data, this will be another big blocker for public cloud adoption in Europe
• http://www.zdnet.com/blog/igeneration/microsoft-admits-patriot-act-can-access-eu-based-cloud-data/11225• http://www.washingtonpost.com/news/volokh-conspiracy/w
p/2014/07/07/what-legal-protections-apply-to-e-mail-stored-outside-the-u-s/
![Page 11: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/11.jpg)
3/17/13 Manage IQ Design Summit
Impact on European Market
• This is actually a big opportunity for European or local cloud service providers
• They can argue that since they are not owned by an American company, they can not be forced by US authorities to release personal data
• The high bars set by law were often seen as a blocker
• Suddenly it's a competitive advantage
![Page 12: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/12.jpg)
Impact on ManageIQ
![Page 13: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/13.jpg)
3/17/13 Manage IQ Design Summit
Why is this a problem for MIQ?
• SmartState Analysis can fetch personal data from VMs• Desktop virtualization• Browser history, Registry settings, user generated content
• Mail Servers• Mail content, log files
• Log files can provide personal data• Log in times, user behavior, proxy logs
• Reports could be used to create user profiles• log in behavior (time, Geo location, ... )
![Page 14: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/14.jpg)
3/17/13 Manage IQ Design Summit
But also an opportunity
• MIQ can help to respect European and local law
• Zones and Regions can be setup to adjust functionality to respect local law• e.g. SmartState Analysis could be disabled in specific zones or
regions
• Control policies can be used to cancel unauthorized activities• e.g. cancel SmartState Analysis based on tags by tagging all
virtual desktops, mail servers, proxies,....
![Page 15: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/15.jpg)
3/17/13 Manage IQ Design Summit
Basic guidelines
• Data reduction• Always consider, do I really need this kind of user data or can I
complete the request without it?
• Anonymize data: statistical analysis is allowed
• Remove all references identifying a user, before storing the data record
• Use strong encryption• Clear text transfer is always forbidden if it contains user data
• Never store clear text credentials• use password attribute in MIQ instead
![Page 16: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/16.jpg)
ÜbersetzungenConversioneThèmeTranslations
![Page 17: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/17.jpg)
3/17/13 Manage IQ Design Summit
Localization
• A must have in some countries like France
• Nice to have for most German customers, but a challenge in the public sector
• Long term we need full UI localization
• Think beyond ASCII!
![Page 18: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/18.jpg)
3/17/13 Manage IQ Design Summit
Localization today
• Localization works for • VMs
• Providers
• Users
• custom buttons
• service catalog items
• reports
• ....
... so we are almost there!
![Page 19: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/19.jpg)
Special Industry requirements
![Page 20: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/20.jpg)
3/17/13 Manage IQ Design Summit
Industry requirements
• Some industries have to meet additional requirements• financial sector
• Hosting or service providers
• regular audits to prove compliance with local and European law• Banks have to prove compliance by yearly audits
• BaFin (German Banking Supervision)
![Page 21: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/21.jpg)
3/17/13 Manage IQ Design Summit
How MIQ can help
• control and compliance policies• verify compliance
• document compliance
• part of audit trail
• verify compliance• ShellShock
• Heartbleed
• SELinux Enforcement
• the next big thing
![Page 22: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/22.jpg)
3/17/13 Manage IQ Design Summit
Summary
• Very sensitive about personal data• Where is it stored? Who has access?
• Complex law requirements
• Localization
• MIQ can help to address these!
![Page 23: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/23.jpg)
Agile IT and DevOps
![Page 24: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/24.jpg)
3/17/13 Manage IQ Design Summit
Agile IT and DevOps
• Internal IT is usually not fast enough to meet developer requirements
• Developers are under pressure to deliver results in short time frame
• Sooner or later Developers start using resources from AWS or Google• probably even with approval from their managers
• only way to meet schedule
• Cloud services put IT under specific pressure• “Why does IT need a week to build a VM while AWS only needs
minutes?”
![Page 25: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/25.jpg)
3/17/13 Manage IQ Design Summit
MIQ can help
• reduce deployment time of VMs• Minutes instead of days
• Deep integration into internal IT tools and processes• No manual customization after deployment
![Page 26: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/26.jpg)
3/17/13 Manage IQ Design Summit
Deep integration● integration to build
systems like Jason pre-configured
● backup, monitoring, etc. pre-configured
● developer tools like GCC, Java, IDE etc. are pre-installed
● VM with additional application (like DB, Application Server etc) can be ordered from a self service catalog
● IT will take care of security updates and bug fixes
● App will work in production without modifications
![Page 27: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/27.jpg)
3/17/13 Manage IQ Design Summit
Summary
• Expectations on IT are growing
• IT tries to build compelling offers
• MIQ can help by automatically install standardized applications with deep integration into internal tools and processes!
• Potential integration with PaaS like OpenShift
![Page 28: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/28.jpg)
Operators and Admins
![Page 29: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/29.jpg)
3/17/13 Manage IQ Design Summit
Traditional IT
• Most customers are not Agile
• Some customers will never apply DevOps
• Often you just want to keep in full control of your IT infrastructure
![Page 30: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/30.jpg)
3/17/13 Manage IQ Design Summit
Operators and Admins
• MIQ allows admins decide and influence how future software stacks will look like
• e.g. a software stack is split into frontend/middleware/backend• admins designs the stack and component is deployed into which
zone
• admins have control about deployed application versions, configurations, make sure proper firewall and/or load balancer rules are in place
• a full stack can be deployed by just ordering a single service catalog item or bundle
![Page 31: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/31.jpg)
3/17/13 Manage IQ Design Summit
Stack Deployment
![Page 32: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/32.jpg)
3/17/13 Manage IQ Design Summit
Operations and Admins
• Predictable and reliable platform for application development
• admin/ops still is in charge of what is deployed and where it is deployed• software release and lifecycle management, firewalls/load
balancers, monitoring etc.
• Integration with e.g. ticket systems can be used to track all requests created • will create automatic audit trail in external system about every
service request, lifecycle changes and retirement
![Page 33: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/33.jpg)
3/17/13 Manage IQ Design Summit
Placement
• admins can define and enforce rules to meet their needs• placement polices: "not near" to avoid cluster nodes are running
on the same hypervisor
• placement to use "fast" storage only for I/O intensive workloads
• placement can also override manual migration of VMs
![Page 34: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/34.jpg)
3/17/13 Manage IQ Design Summit
Placement “not near”
• Make sure certain workloads never run on the same hypervisor• Cluster pairs
• Applications with heavy I/O
• CPU intense applications
• Security requirements
• Use tagging to identify workload
![Page 35: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/35.jpg)
3/17/13 Manage IQ Design Summit
Placement “not near”
• Based on existing code • Never re-invent the wheel!
• Fetch list of VMs for each hypervisor
• Check tags of each VM
• If match, skip hypervisor
• Result is a list of hypervisors which are good to go
![Page 36: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/36.jpg)
Global Deployments
![Page 37: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/37.jpg)
3/17/13 Manage IQ Design Summit
Global Deployments
• Customer is running multiple data centers around the globe
• Centralized management from “master” site
• MIQ for global deployments
![Page 38: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/38.jpg)
3/17/13 Manage IQ Design Summit
Single entry point
• Admins and Ops are scheduling deployments from one entry point
• Deployment is orchestrated globally
• Heavy usage of SOAP API
• Automatic scaling• With geographical awareness
• Integrated with • License management (for proprietary software)
• Monitoring
• Configuration Management
![Page 39: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/39.jpg)
3/17/13 Manage IQ Design Summit
Automatic Scaling
• Application has Management component which keeps tracks of Requests/s and Queue Length
• Management component calls MIQ to scale up based on actual load
• MIQ has multiple ways for scaling:• Dormant VM: Installed and configured, but powered off
![Page 40: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/40.jpg)
3/17/13 Manage IQ Design Summit
Automatic Scale Up
• On scale up request:• Verify hard limit of maximum VMs has not been reached
• Check number of dormant VMs and bring up another one
• If number of dormant VMs is too low, create and install another VM and add it to the pool of dormant VMs
• Make sure minimum number of dormant VMs exists
• Active VM in Monitoring
• Keep track of license usage
• Add VM to CMDB
![Page 41: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/41.jpg)
3/17/13 Manage IQ Design Summit
Automatic Scale Down
• On scale down request:• Make sure minimum number of running VMs exist
• Shut down not needed VMs and add to dormant pool
• If dormant pool is to large, retire VM (delete)
• Remove VM from monitoring
• Reduce License usage counter
• Deactivate in CMDB
![Page 42: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/42.jpg)
3/17/13 Manage IQ Design Summit
New DC Deployments
• Automated process to bring up new DC's
• MIQ easy to deploy
• Configuration of MIQ via Puppet etc.
• Use MIQ to orchestrate VM deployment for new DC's• Minimum set of VMs for each application
• Infrastructure configuration (aka load balancers)
all orchestrated from “Master” Site
![Page 43: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/43.jpg)
3/17/13 Manage IQ Design Summit
Summary
• MIQ allows admins/ops to define stack layouts• Instead of developers
• Admins have full control over used software versions, configs, infrastructure, ...
• MIQ helps to make sure they can stay in charge!
![Page 44: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/44.jpg)
Business Impact
![Page 45: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/45.jpg)
3/17/13 Manage IQ Design Summit
Business Impact
• Managers and budget owners want overview:
• How are my hypervisors utilized?
• When do I need more storage?
• Are all VMs compliant?
• Do I have enough resources for this new project?
• Do I have potential bottlenecks?
Reduces operational risks!
![Page 46: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/46.jpg)
3/17/13 Manage IQ Design Summit
Business Impact
• Optimize and planning provides growth forecasts
• Automatic retirement can help to free up unused resources
• Right size recommendation can help to scale down over-sized VMs
Save
Money!!
![Page 47: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/47.jpg)
3/17/13 Manage IQ Design Summit
Retirement logic
• Default retirement 6 months
• Notify user upfront
• Shutdown VM
• Move VM to...• Cheaper storage
• Backup
• And (optionally) delete VM!
• No more Excel sheets to track VM ownership and cleanup process
![Page 48: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/48.jpg)
3/17/13 Manage IQ Design Summit
Business Impact
• reports can help to provide more transparency:
• report "non-VM" related disk usage to free up storage space
• color formatted reports highlight critical values• e.g. free disk space on a datastore is less than 10%
• reports on usage based on department, project, resource type • how much of my "expensive" storage is used and is it only used
for appropriate workloads?
![Page 49: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/49.jpg)
3/17/13 Manage IQ Design Summit
Business Impact
• alerts can send out notifications on critical events
• compliance checks to avoid penalties
• Dashboards to provide role specific overviews
![Page 50: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/50.jpg)
3/17/13 Manage IQ Design Summit
Summary
• Managers like• Reports
• Dashboards
• Trending
• PDF, Scheduler, Mail reports, ...
• MIQ can increase transparency
• Leads to more efficient infrastructure usage and saving money!
![Page 51: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/51.jpg)
Wrapping things up
![Page 52: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/52.jpg)
3/17/13 Manage IQ Design Summit
Wrap up
• Europe has specific challenges• Privacy, Regional differences, Localization
• Agile IT and DevOps give traditional IT a hard time• Rapid deployment, deep integration
• Admins can still be in control• Define stack deployments, enforce compliance and security
• Managers have better overview• Reports, Dashboards, Trending, Bottlenecks
![Page 53: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/53.jpg)
Q&A
![Page 54: Design Summit - User stories from the field - Chris Jung](https://reader035.fdocuments.us/reader035/viewer/2022062406/5596d93d1a28aba4098b4817/html5/thumbnails/54.jpg)
That's all folks!