Академический Документы
Профессиональный Документы
Культура Документы
Intel IT Cloud Computing Strategy..... 3 We identify several attributes that distinguish cloud computing from conventional
computing. These attributes are:
Intel IT Private Cloud • On-demand self-service
Expected Benefits........................................... 3
• Broad network access
Increased Agility ........................................... 3
• Resource pooling
Improved Infrastructure Efficiency... 4 • Rapid elasticity
High Availability and Security............... 4 • Measured service
Intel IT Private Cloud Architecture ..... 4 • Sharing by multiple tenants
Infrastructure as a Service .................... 5 Currently there are three primary categories of cloud computing service:
Platform as a Service................................. 6 Infrastructure as a service (IaaS). Computing infrastructure, such as servers,
Self-Service Portal........................................ 6 storage, and network, delivered as a cloud service, typically through virtualization.
IT Service Management Platform as a service (PaaS). Platforms that can be used to develop and
and Manageability ....................................... 7 deploy applications.
Manageability ................................................. 8
Software as a service (SaaS). Software deployed as a hosted service and
Security ............................................................... 8 accessed over the Internet.
2 www.intel.com/IT
An Enterprise Private Cloud Architecture and Implementation Roadmap IT@Intel White Paper
INTEL IT CLOUD us to take advantage of public clouds over INTEL IT PRIVATE CLOUD
time, as standards emerge, the technology
COMPUTING STRATEGY matures, costs are lowered, and security EXPECTED BENEFITS
The Intel IT cloud computing strategy, concerns are overcome. We anticipate that our enterprise
shown in Figure 1, is designed to deliver At the same time, we are opportunistically private cloud will deliver key benefits
benefits including increased agility and taking advantage of specific public cloud both to Intel IT and to Intel’s employees.
more efficient resource utilization. services offered by external providers These benefits include increased agility,
when they provide benefit to Intel. For improved infrastructure efficiency, and
Our primary strategy is to grow the cloud
example, we have already deployed several high availability.
from the inside out. We are building a private
cloud for office and enterprise computing, software as a service (SaaS) applications,
including expense and time card tools, Increased Agility
based on a highly virtualized, energy-
health benefit applications, and social Our goal is to meet business needs more
efficient, and flexible environment. This
media applications. quickly. The private cloud will enable business
approach offers many of the benefits of
groups and developers to rapidly acquire
public clouds, such as increased agility and Because of the significant scope of our
and manage their own cloud capacity, and—
efficiency, without the risks associated with private cloud project, we are planning to
within pre-defined limits—dynamically scale
hosting Intel’s sensitive applications and implement the private cloud in phases over
resources to meet their application needs.
data outside the firewall. It also positions several years.
Hosting Platforms Build/Grow Enterprise Private Cloud Evaluate Hybrid Clouds. Federated IaaS
CRM - customer relationship management; IaaS - Infrastructure as a service; SaaS - Software as a service; VM - virtual machine
Figure 1. The Intel IT cloud computing strategy grows the cloud from the inside out.
www.intel.com/IT 3
IT@Intel White Paper An Enterprise Private Cloud Architecture and Implementation Roadmap
The private cloud is evolving from our Improved Infrastructure Efficiency applications and data outside the firewall. We
current virtualization initiatives, which have The foundation of the private cloud is a expect that our private cloud will enable us
already demonstrated that we can reduce shared virtualized infrastructure: Computing to extend even higher levels of availability to
provisioning time to weeks, compared with resources are virtualized and pooled to serve all applications without the need for costly
months in the conventional computing all business groups using a multi-tenant specialized hardware and software. This is
environment. model. We anticipate that this will result in due to new high-availability capabilities that
increased efficiency by driving higher levels virtualization software will support over time, as
We expect to further reduce provisioning
of resource utilization within each pool. This well as the availability of mission-critical features,
time using a self-service portal and
enables us to reduce power consumption such as Machine Check Architecture Recovery, in
automated workflows. Ultimately, we
overall by consolidating the workloads from higher-end industry standard servers.
expect that this will enable users to obtain
infrastructure capacity within minutes. older, less-efficient servers onto a smaller
number of more power-efficient, new servers.
To help ensure that we can quickly adjust
overall cloud capacity to match business
This can reduce costs by lessening the need INTEL IT PRIVATE CLOUD
to add data center capacity.
requirements, we are developing business ARCHITECTURE
intelligence (BI) capabilities that facilitate High Availability and Security We defined a private cloud architecture
strategic capacity planning and better to establish the overall direction of our
By building a private cloud, we can deliver the
monitoring of near-term demand signals private cloud and to provide a foundation
benefits of public clouds without incurring the
and long-term trends. for further development and innovation.
risks associated with hosting Intel’s sensitive
Enterprise Cloud
Hardware layer
• Firmware • Server • Network
• Hardware • Storage
4 www.intel.com/IT
An Enterprise Private Cloud Architecture and Implementation Roadmap IT@Intel White Paper
The primary elements of our architecture applications, owned by different business within each pool. It also enables implementation
include infrastructure as a service (IaaS), groups, to transparently share common of more advanced services, such as balancing
which provides dynamically scalable resources underlying physical resources, such as servers workloads across physical servers and storage
based on virtualized infrastructure; platform and storage. Rather than purchasing physical frames. Workload balancing is achieved with
as a service (PaaS), which builds on IaaS and servers, software, data center space, and VM live migration, which migrates virtualized
simplifies application development by adding network equipment, our internal customers applications between physical resources within
standardized stacks of services used by a will receive these resources as VMs. a resource pool in a way that is transparent
wide range of applications; and a self-service to users and does not interrupt the service
To build this infrastructure, we are
portal that enables business groups to provided by the application.
accelerating our adoption of virtualization.
request, manage, and track cloud resources.
Today, we have virtualized 15 percent of We also anticipate that we will be able to
The cloud will also include some internally
the servers used for office and enterprise extend high availability to most applications
hosted SaaS multi-tenant applications. This
computing. Our goal is to increase this rate to by using techniques such as automated
SaaS element could grow in the future to
70 to 80 percent of our office and enterprise VM restart in conjunction with networked
support increased collaboration between Intel
servers within about two years. storage design.
and other companies, and hybrid internal-
external cloud hosting services. We plan to achieve this through server We plan to implement a common disaster
refresh in combination with consolidating recovery architecture, independent of the OS
Our architecture is shown in Figure 2. The
the workloads of multiple older servers into and applications. In the event of a disaster,
primary focus areas are described below.
VMs onto new, more powerful servers based this architecture is designed to enable
on Intel® Xeon® processors. At the same rollover of all designated applications within
Infrastructure as a Service
time, we are aggregating and consolidating a resource pool to another site.
IaaS is the virtualized multi-tenant
physical resources, such as servers, storage
infrastructure underpinning our private Over time, we expect to take advantage
frames, and network bandwidth, into large
cloud. IaaS infrastructure delivers compute of continuing technology improvements
pools, as shown in Figure 3.
services, typically in the form of a virtual to further increase security and quality of
machine (VM) with associated storage and This enables us to achieve increased efficiency service for the applications running in this
network connectivity. This enables multiple by driving higher levels of resource utilization shared multi-tenant environment.
Resource Pool
Local
Virtual Machine Virtual Machine Virtual Machine Area Network
OS OS OS
Hypervisor
Server
Storage
Area Network
Figure 3. Private cloud infrastructure as a service: Large resource pools based on virtualized infrastructure provide greater flexibility and efficiency.
Resources of each physical host are virtualized and presented as multiple virtual machines to run multiple OS and application instances. Private Cloud IaaS
consists of pools of virtualized resources (compute, memory, storage, bandwidth) spanning multiple hosts and storage frames. Multi-tenancy (different
resource pools for different customers) are on shared physical infrastructure.
www.intel.com/IT 5
IT@Intel White Paper An Enterprise Private Cloud Architecture and Implementation Roadmap
Platform as a Service provide at least two primary PaaS platforms: example, if the application receives a greater
One of our goals is to enable our developers one based on our industry-standard number of requests for Web data than
to spend more time on creating applications enterprise computing stack and one based expected, it can request a rapid increase in
and less on systems engineering tasks. To on open-source technologies. Each stack the number of Web front-end servers.
achieve this, our PaaS solution provides provides developers with a standard set of
developers with standard platforms for capabilities, initially including a database, Self-Service Portal
application development while relieving them Web server, authentication and authorization The self-service portal provides business
of most of the tasks traditionally associated services, and an application server role. We groups with a graphical interface that they
with maintaining a server OS, such as plan to over time add other services, such as can use to directly request, manage, track,
patching, configuration, and monitoring. analytics and reporting. and retire private cloud services and capacity
to meet their business needs and demands.
We have built our PaaS solution on top of Application developers request and manage
the IaaS base environment. This allows their PaaS application platforms through the We first implemented a basic self-service
the platform to respond dynamically to self-service portal described in the following portal for our office and enterprise
demand by taking advantage of IaaS section. They select server platforms or application developers in 2008. This custom
capabilities. The platform is a standard complete software stacks based on the portal, developed using off-the-shelf tools,
service that applications can utilize; each requirements of each application. has enabled developers to rapidly create
platform component can grow and shrink VMs for short-term use during application
To fully benefit from all PaaS capabilities,
as necessary to meet the needs of the development. The portal uses automated
developers need to adapt their applications
application at each phase of its life cycle. workflows to accelerate and streamline the
to be able to react to changing conditions,
provisioning process.
Our PaaS architecture is intended to promote which may require them to invoke the
and facilitate standardization of our most appropriate IaaS and PaaS services via API To meet the broader requirements of our
important application environments. We will calls from within their applications. For enterprise private cloud, in late 2009 we
6 www.intel.com/IT
An Enterprise Private Cloud Architecture and Implementation Roadmap IT@Intel White Paper
began enhancing the portal to support the we will begin to collect data showing the for managing the overall capacity of the
entire application life cycle. This year, we average throughput of specific applications entire cloud, maintaining a buffer of unused
completed the first iteration of this and business groups. We will be able to capacity that can be assigned to individual
new environment, in which developers use the portal as our primary method for applications as needed. Via the self-service
can acquire, with a few clicks, our understanding incoming demand signals and portal, business groups request and manage
standardized platforms. The portal also establishing a more complete supply chain capacity for individual applications, up
reports consumption of each cloud resource for IaaS capacity. to pre-defined limits based on business
relative to the amount allocated. demand. These limits will be specified
IT Service Management using policies established in service level
The portal enables users to acquire capacity
much more quickly than with previous and Manageability agreements.
methods. During the first year of use, our The Intel IT private cloud is a highly dynamic, The infrastructure team will add private cloud
conservative goal is to enable developers virtualized, and automated environment. infrastructure as necessary to ensure that
to obtain fully configured set of VMs Managing this environment will require capacity is not a constraint to the business
within three hours of submitting a request, significant changes in the area of IT and to ensure optimum utilization. Over
compared to a time frame of weeks in service management, which we define as time, we plan to implement manageability
our current virtualized environment. Over the IT business processes, policies, and automation to enable the infrastructure
time, we plan to progressively reduce this roles we use to operate IT services. We team to further increase responsiveness
to minutes rather than hours. Other key also anticipate significant changes in the and efficiency. A key goal is to minimize
benefits include the ability to shorten manageability area, including the tools that infrastructure costs by maintaining a very
development cycles by creating multiple we use to monitor and manage infrastructure thin overhead of unused capacity across
test environments and conducting testing and applications. the private cloud and adding infrastructure
activities in parallel. capacity on a just-in-time basis.
IT SERVICE MANAGEMENT
Later this year, we plan to extend use of the
Intel IT uses an IT service management Business Intelligence
portal to all private cloud development and
framework, based on the Information The private cloud will include comprehensive
test environments, and then to establish
Technology Information Library approach, to BI capabilities, enabling us to quickly and
the portal as the standard interface for
create business policies and processes for automatically gather data that previously
requesting IaaS capacity for production
customer services, guide manageability design may have required extensive manual effort.
applications. Application owners will be able
for those services, and receive information These capabilities will enable us to deliver
to move an application through the life cycle
about the health of each service. some of the more advanced capabilities.
from development to production, eliminating
For example, we will need reliable BI tools
laborious manual processes; the underlying We are continuing to use this framework
to ensure, based on utilization data and
environment will optimize the platform as we implement our private cloud. For
demand signals, that we maintain the
based on the requirements of the life cycle example, creation and deletion of virtual
optimum cloud capacity buffer.
stage, and provide information about how environments are handled as standard
capacity is being used. We also are planning changes and documented in our existing BI tools that enable us to quickly analyze
other new features, such as the ability to change management database. historical consumption and purchasing
create VM templates that can be reused and information, performance and utilization
However, we anticipate significant changes
shared among users. trends, and summaries of alerts and
to business processes in several areas.
security-related events, will provide us with
The portal is also enabling other important
Capacity Management actionable information that we can apply to
business process changes. Initially, the most
Capacity management in our private cloud a broad range of scenarios.
important of these is the ability to directly
monitor incoming demand rather than differs radically from capacity management
Costing Information
relying on manually produced forecasts. As in a conventional computing environment.
When users request capacity through the
we extend the use of the portal to the full Since early 2010, a centralized cloud self-service portal, we will provide them
cycle of development, test, and production, infrastructure team has been responsible with information about the cost of that
www.intel.com/IT 7
IT@Intel White Paper An Enterprise Private Cloud Architecture and Implementation Roadmap
capacity to Intel. This will not generate a We will need tools that extend today’s failed, applications tightly linked to that
chargeback to the user; instead it will be a capabilities to allow us to compare different infrastructure would fail with it.
reporting detail that lets Intel employees execution alternatives across the entire IT
and their managers understand how well or environment, based on priority and efficiency Security
poorly they are utilizing shared Intel assets. policies defined in workload metadata, and The security of Intel’s data and applications
We have found that reporting the cost data if necessary move the workload to another remains a critical focus as we develop
is enough to help people make decisions location with minimal human intervention and implement our cloud strategy. We are
based on the information. Business groups and without interrupting service. acutely aware of our responsibility as an IT
use cost data during project planning when organization to maintain the security and
Identifying the causes of application
having to choose between options and integrity of both corporate intellectual property
performance problems is particularly
during operations when seeking ways to and personal information, regardless of where
important during initial adoption of the
reduce expense. it resides or is being used.
private cloud, to help ensure that users
have confidence in the new environment Private and public clouds create new
Manageability
and do not request excess capacity in security challenges in areas such as resource
A dynamic virtualized, multi-tenant
order to ensure adequate performance. isolation, security event management,
environment results in many new
However, because the private cloud will and data protection. In a non-virtualized
manageability requirements and
be built on a virtualized infrastructure environment, the separation provided
possibilities. Key requirements include
with built-in high availability, detection of by physical infrastructure is assumed to
optimal runtime placement of virtualized
faults below the OS level won’t have the provide a level of protection for applications
workloads and comprehensive VM
same urgency that it has had historically. and data. As we increase the use of a
performance monitoring and diagnostics.
In the past, if part of the infrastructure shared multi-tenant environment based on
8 www.intel.com/IT
An Enterprise Private Cloud Architecture and Implementation Roadmap IT@Intel White Paper
virtualization, business groups will require PRIVATE CLOUD Our phasing takes advantage of key
differentiated security policies based on new enabling technologies in industry-
data classification and mission criticality, and IMPLEMENTATION PLAN standard hardware and software. These
more visibility into secure data flow in the We plan to phase in private cloud technologies, which make it possible to
cloud, and how business-specific security capabilities over the next three-plus build a large private enterprise cloud, include
policies are enforced. years; as the private cloud matures, major improvements in the scalability of
we plan to progressively migrate virtualization software and servers based
Key security focus areas include data
applications from our conventional on Intel Xeon processors. The addition of
encryption and segregation, VM isolation,
environment to the cloud. features to Intel® Virtualization Technology
secure VM migration, virtual network
and off-the-shelf virtualization software will
isolation, and security event and access
monitoring. Externally facing applications, Infrastructure Capability Phasing make it feasible to provide cost-effective
We are taking a pragmatic approach to high availability, increase VM isolation, and
accessible by business partners or consumers,
implementing the enterprise private cloud. increase application quality of service.
are an area of particular concern; we
anticipate providing further detail about Like other IT organizations, we have limited Selected near-term, mid- and long-term
our security approach for externally facing resources and must prioritize and phase in the technical capabilities are described below
applications in the future. desired capabilities over time, while continuing and shown in Table 1.
to support our legacy environment.
www.intel.com/IT 9
IT@Intel White Paper An Enterprise Private Cloud Architecture and Implementation Roadmap
NEAR TERM VM migration and increased VM isolation. competitive advantage or include sensitive
(CURRENT TO 18 MONTHS) Other planned capabilities include a unified data will continue to be hosted within Intel
We will continue to broaden the capabilities compute and storage fabric designed to rather than outsourced to public clouds.
of the self-service portal, as we expand reduce complexity and cost.
As the technology capabilities of our private
its use to the production environment. We cloud increase, we anticipate moving an
anticipate increased energy and cost savings LONG TERM increasing number of these applications
through server refresh as we accelerate (MORE THAN THREE YEARS) from our conventional computing
implementation of virtualization across As private and public clouds mature, we environment to the private cloud. Over
our environment. We anticipate being able expect to be able to take advantage of time, the private cloud will be able to host
to provide high availability as a default services providing increased efficiency production instances of some of our most
capability across the environment. and flexibility, such as cloud brokerage demanding internal applications, including
and federated identity management with externally facing applications, as shown in
MID TERM public clouds. Other anticipated capabilities Table 2.
(18 MONTHS TO THREE YEARS) include continuous data protection, solid-
state storage, near-native virtualization At the same time, we will continue
The private cloud will become capable of
performance, and increased security using to outsource some applications to
running our most critical applications. We
pervasive encryption. We plan to continue to external clouds. In general, we expect
expect to implement just-in-time centralized
automate areas that require manual effort. that candidates for outsourcing will be
capacity planning, using new BI capabilities.
applications that do not provide competitive
To safeguard the private cloud, we plan
Application Phasing advantage, can be run at a lower cost
to implement cross-site, application-
In general, applications that are mission- outside Intel, are not mission-critical, and
independent disaster recovery. New
critical, have demanding requirements, provide do not contain sensitive information.
security capabilities will include secure live
10 www.intel.com/IT
An Enterprise Private Cloud Architecture and Implementation Roadmap IT@Intel White Paper
www.intel.com/IT 11
This paper is for informational purposes only. THIS DOCUMENT IS Intel, the Intel logo, Intel Core, and Xeon are trademarks of Intel Corporation in
PROVIDED “AS IS” WITH NO WARRANTIES WHATSOEVER, INCLUDING the U.S. and other countries.
ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS
* Other names and brands may be claimed as the property of others.
FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE
ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. Intel Copyright © 2010 Intel Corporation. All rights reserved.
disclaims all liability, including liability for infringement of any proprietary
rights, relating to use of information in this specification. No license, express Printed in USA Please Recycle
or implied, by estoppel or otherwise, to any intellectual property rights is 0610/KC/KC/PDF 323007-001US
granted herein.