Sei sulla pagina 1di 31

A Combat Support Agency

Cloud Computing: An
Operational Perspective
Henry J. Sienkiewicz
Technical Program Director
Center for Computing Services
27 February 2009
An Operational Perspective
A Combat Support Agency

• Warfighter-centric
• Legacy & Web 2.0
• Internal & external
services

2
Center For Computing Services
A Combat Support Agency

Command & Control


Global Command and Control System (GCCS)
Global Combat Support System (GCSS)
provide command Missile Defense C2BMC
and control
provision ships
Warfighter Logistics
Defense Distribution Standard System (DSS)
DLA Enterprise Business Management System
Transportation and cargo movement systems
Combat requisition and maintenance systems

DoD Financial and Security


Military and Civilian Pay & Personnel pay the warfighters
manage parts and Electronic business and contracting systems
replenish supplies Public Key Infrastructure (PKI)

Health & Medical Readiness


Composite Health Care System (AHLTA)

Enterprise Services
Global Content Delivery System (GCDS)
manage transportation DMZ Infrastructure
provide medical care
and maintenance

Combat Support Computing 3


DISA Computing Environment
A Combat Support Agency

• 4,000,000+ users

• 13 facilities

• 445,000 sq ft raised floor

• 34 mainframes

• 6100 servers

• 3800 terabytes of Storage

• 2,800 application / database


instances

• 215 software vendors

Defense Enterprise Computing Centers (DECC) 4


Computing Services – Jan 2009
A Combat Support Agency

Mechanicsburg
Europe
Ogden Columbus
Chambersburg
Dayton
NCR
Denver St Louis
Oklahoma
City Huntsville Warner Robins
Hawaii Montgomery Pensacola
Pacific San Antonio

Systems Management Center (SMC) – @ 350 FTEs OCONUS Defense Enterprise Computing
(Mainframe & Server processing) Center (DECC)

Infrastructure Services Center (ISC) – @ 100 FTEs Headquarters

Processing Element PE) – @ 13 FTEs 5


What is “Cloud Computing?”
A Combat Support Agency

• User:
– Builds a web application,
– Using a standard platform
– Using a standard database
– Upload this application to a cloud provider

• Cloud provider automatically


– Provisions the services
– Scales the application and the database together

• User
– Doesn’t care about which servers, which databases, which
hardware, how much memory (the cloud platform handles all of
that)
– Users are totally free away from any technical complexity other
than the service itself.

• Cloud provider
– Decides how to cache content, how and where to deploy servers
based on demand, performs backups, and even has the ability
for the business to distinguish "production" from "staging"
deployments.
– Has ongoing management and monitoring of the external
service.

• User:
– Only pays for what s/he uses when s/he needs it.
– Everything else is an implementation detail.
6
Clouds
A Combat Support Agency Complexity With A Promise Of ….
• Application Flexibility
– Standardized
– Increasingly “click to run”
services
– Live in remote Internet
data centers
– Scalable to millions
– Use shared IT
infrastructure
• Procurement
– Efficient
– Rapid
– Commoditized
– “Pay by the sip”
Cloud Computing Storage Mindmap • Security
– Simplified
– Streamlined

7
Cloud Types and Cloud Development
A Combat Support Agency

Many Different Types

Environment To Develop

8
Cloud Types: An Ontology
A Combat Support Agency

Different Types But All Services-centric 9


Cloud Types
A Combat Support Agency

• Platform-As-A-Service (PaaS)
– The delivery of a computing platform, and/or solution stack as a service
– Facilitates deployment of applications without the cost and complexity of buying and managing the underlying
hardware and software layers
– For example:
• Web application frameworks
– Ajax
– Python Jingo
– Ruby on Rails
• Web hosting
• Proprietary

• Infrastructure-As-A-Service (IaaS)
– The delivery of computer infrastructure as a services, typically platform virtualization
– For example:
• Full virtualization
• Grid computing
• Management
• Compute

• Applications-As-A-Service (AaaS) /Software-As-A-Service (SaaS)


– Leverages the Cloud in software architecture
– Eliminates the need to install and run the application on the customer's own computer
– For example:
• Peer-to-peer / volunteer computing
• Web application
• Software as a service
• Software plus services

• Database-As-A-Service (DaaS)
– Leverages the Cloud for delivering database services

Users Want To Use The “Cloud” Services 10


Creating A “Cloud”
A Combat Support Agency

Providers Think Of How To Build A “Cloud” 11


Enabling the
A Combat Support Agency Cloud Environment
 Infrastructure
– Consolidation
– Global Information Grid
– Capacity Services
– Virtualization
– Rapid Provisioning
– Facility Analysis
 Software
– Network-Centric Services
– Software-as-a-Service (Saas)
– Forge.mil
 Processes
– ITIL
– Security (Certification &
Accreditation)
– Computing Service Provider
(CSP) Analysis
– “Greening”

Multiple Technology Rivers Merging 12


A Combat Support Agency

Infrastructure

13
Legacy of Consolidations and Savings
A Combat Support Agency

Service/ DISA DISA DISA combat


Agency Megacenter “SMART” support
consolidation computing
consolidation consolidation transformation
under DMRD – DMRD under QDR
918/BRAC
924 and DRI

1990 1993 1998 2005

• Reduced • Reduced • Reduced • Mainframe & Server


number of number of mainframe consolidation
mainframe mainframe sites from 16 • 4 primary sites w/
sites from 194 sites from 71 to 5 remote system mgmt
to 16 • Saved • Centralized all business
to 71
• Saved • Saved $203M/year functions
$206M/year • Saved
$320M/year
$143M/year

Consolidation Helps But


Co-location Is Not The “Cloud” 14
Network Services
A Combat Support Agency

Network Aware Flexible


Applications SOA
Foundation

Single
Authentication
Site

Common Centralized
Storage & Computing
Retrieval Services

Shared Long-
Haul
Transport End-to-End
For Services/ MPLS
Plug & Play Everything
Agencies Ad Hoc Over IP
Connectivity

Integrated Network Services Are Critical To Delivering


“Cloud” Services 15
Capacity Services
A Combat Support Agency

Concept Processor Orders to date


• Acquire capacity as a service provided by
• 439 total orders completed, with a $31.5M
vendor partners
annualized value
• Average delivery timeline of 11 days
• Pay much like a homeowner pays for utilities, – 14 days for mainframe; 10 for server
e.g., by CPU-hours or megabytes consumed – 113 orders took less than 5 days
– 208 orders took between 5 – 14 days

Storage Orders to date


• 157 Total ESS Orders Completed, with a $9.6M
Annualized Value
• Average Delivery Timeline of 14 Days
– 7 Days for Disk
– 11 Days for Network Ports
– 24 Days for Tape Slot Capacity

Speed, Agility, Utility Pricing, Reduced Overhead &


Technology Currency 16
Virtualization & Tech Refresh
A Combat Support Agency

One Customer Infrastructure FY09


FY08

Reduced Footprint
BEFORE AFTER
Annual Sustainment: $25.9 M Annual Sustainment: $14.3 M

• Increased server utilization


• Significant savings
• Faster provisioning

45 % savings
Virtualized Is Not In Itself A “Cloud” 17
Rapid Access
A Combat Support Agency Computing Environment
Agile and responsive computing

Authorized customers order and gain


access to a Server in less than 24
hours

Provides flexible development


platform for Web, application or
database

Windows, Red Hat, SUSE Servers in less


than 30 minutes

MIPR or government credit card

User Self-service 18
Facility Analysis
A Combat Support Agency

• Building site
• Building controls
• Electrical systems
• Exterior structure
• Operations & maintenance service
management
• Fire protection systems
• Security system
• HVAC systems & plumbing
• Interior structures
• Much, much more……

Comprehensive & Routine Facility Analysis Ensures


“Cloud” Readiness 19
A Combat Support Agency

Software Services:
Bridging Developers and Operations

20
Net-Centric Enterprise Services
A Combat Support Agency

User Access Collaboration People Service Metadata


Discovery Discovery Discovery

Metadata
Web-based Registry
Locate specific
Joint access to NCES Real-time voice, text, Ability to discover, Ability to discover,
information for
using Defense video, application develop & reuse develop & reuse data
people
Knowledge Online sessions services semantics

Service Content
Security Discovery

NCES
Ability to operate in Access to data;
a secure improved content
environment awareness

Enterprise Mediation Messaging Content


Service Delivery
Management

Exchange data Real-time updates


Monitors services & alert notifications Improved
availability & with unanticipated responsiveness &
users & formats as data change
reliability bandwidth usage

21
Software as a Service (SaaS)
A Combat Support Agency

Challenge SaaS Provider(s)


• Large number of software vendors • Manage software on “usage” basis

• 3M+ user baseline, continually changing and growing • Established negotiated prices

• Dynamic processing requirements • Include future versions/releases

• Software acquisition lead time • Provide maintenance and patches

• Outyear capital projection for technology infusion

Value Add
• Ability to rapidly change/grow baseline

• Allows technology infusion on timely basis

• No outyear capital projections required

• Partnership with vendor(s)

22
Forge.mil
A Combat Support Agency

• Collaborative environment supporting the development and


sharing of open source and community source software
within the DoD
• Limited Operation Availability: January 23, 2009
• General Availability: March 27, 2009

• Common evaluation criteria and an agile certification


process to accelerate the certification of reusable, net-
centric solutions
• Limited Operational Availability: June 20, 2009

• On demand application development and lifecycle


management tools provided buy DISA CSD on a fee-for-
service bases for private project or program use
• Availability: TBD

Bridging Developers & Operations


– Fosters The Cloud 23
A Combat Support Agency

Processes

24
Information Technology
Infrastructure Library
A Combat Support Agency

• A customizable framework of best practices Continual Process Improvement


designed to promote quality computing services in
the information technology (IT) sector.
• A systematic approach to the provisioning and
management of IT services, from inception
through design, implementation, operation and
continual improvement. Service Service
• Computing Services is a DoD leader in educating Design Transition
its professional staff in information technology
‘best practices’: Service
• Almost 100% of staff educated at the Foundation
Level of ITIL concepts
Strategy
• 100% Customer Management Executives (CMEs)
are certified ITIL Practitioners in Service Level
Management
• Over 100 GS-12 through GS-15s are Practitioners in
Incident/Problem Management Service
• Approximately 50 key personnel are Practitioners in
Change/Release/Configuration Management
Operation

Continual Process Improvement

Providing The Community


With A Common Language & Processes 25
Computing Service
A Combat Support Agency Provider (CSP) Overview
• A tactical tool that allows DISA to extend enhanced operational
capabilities (NetOps) to non-DECC computing center
environments. Two primary components:
– Facility capability assessment
– Integration of tools and processes to enable NetOps Capabilities

• Applies a structured methodology to enable service management


that ensures
– Support for centralized visibility into the operation of key systems and services
consistent with NetOps operational construct
– Compliance and risk management under DISA’s IA program
– Compliance with DoD requirements for computing infrastructure and operations
processes appropriate to MAC Level

• CSP is not a periodic audit/checklist


– Requires specific process and technical changes to enable NetOps
– Sustainment requires long-term coordination between DISA, system owner, system
operator

Data Center Operations “Best Practices” 26


Certification & Accreditation
A Combat Support Agency

• Various C&A approaches


– “Traditional” Defense Information
Technology Security Certification and
Accreditation Process (DITSCAP)
– Department of Defense Information
Assurance Certification and
Accreditation Process (DIACAP)
DIACAP
– Emerging Models
• Landlord/Tenant
• Application Security Evaluation (ASE)
• Appropriate approach based on risk
identification and mitigation

Ensuring Security Is Part Of Creating A “Cloud” 27


Security Technical
A Combat Support Agency
Implementation Guide (STIG)
• Goals:
– Intrusion Avoidance
– Intrusion Detections
– Response and Recovery

• Focus Areas:
– Network/Perimeter
– Peripherals
– Operating Systems
– Users

Standardized Procedures Critical


To Enterprise-wide Security 28
“Greening” DECC Infrastructure
A Combat Support Agency

Challenge
• Increasing energy costs
• Increased cooling requirements to support
more compact implementations

• Increased regulatory environment

Initiatives
• Consolidation
• Virtualization
• Duct cooling
• Variable frequency drives
• Motion sensor lighting
• Water reclamation

“Greening” Is Part Of Good Stewardship 29


Clouds
A Combat Support Agency Complexity With A Promise Of ….
A Simple Idea Clear Tenets
• User: • Application Flexibility
– Builds a web application, – Standardized
– Using a standard platform – Increasing “click to run” services
– Using a standard database – Live in remote Internet data centers
– Upload this application to a cloud provider – Scalable to millions
– Only pays for what s/he uses when s/he
needs it. • Procurement
– Everything else is an implementation – Efficient
detail. – Rapid
– Commoditized
• Cloud provider automatically – “Pay by the sip”
– Provisions the services
– Scales the application and the database
• Security
together
– Simplified
– Streamlined

Multi-faceted Enablement
• Infrastructure • Software • Processes
– Consolidation – Network-centric Services – ITIL
– Global Information Grid – Software-as-a-Service (Saas) – Security (Certification &
– Capacity Services – Forge.mil Accreditation)
– Virtualization – Computer Service Provider
– Rapid Provisioning (CSP)
– Facility Analysis – “Greening”

It’s A Journey 30
A Combat Support Agency

31

Potrebbero piacerti anche