Cloud management systems vary greatly in their features, ease of use, flexibility, and cost. A cloud provider (or private cloud operator) can develop its own cloud management system or purchase an existing system from cloud software management vendors. Rightscale CMP is the market leader in this domain. In essence an CMP is used for the following reasons:
- Allow for hybrid cloud VM management
- Create automated VM configuration and management processes
- Portability of scripts, code and VM deployments between different cloud platforms eg. AWS and Azure
- Cost management of VM resources, and reduction of sprawl and mis-use
- Centralized SaaS platform to manage Cloud deployment
- Ensure governance policies around Cloud deployments
Key Take-Away
A well-designed, modular cloud management system provides a cloud portal, orchestration, workflow, automated provisioning, and integrated billing/resource metering capabilities.
These functions are presented in three functional layers. Each layer integrates with the layer directly above and below it.
The top layer represents the client-facing web portal on which consumers can place orders, manage, and track their cloud service subscriptions. The middle layer represents the automation, orchestration, workflow, and resource management functions. The bottom layer is the network management layer. This is where systems monitoring, security, and capacity management functions monitor the cloud infrastructure and integrate with existing datacenter operational management tools.
It is very important to note one function that is not included in the cloud management system: the hypervisor. There can be several of these including those hosted at other cloud providers.
The next figure depicts a detailed functional architecture of an ideal cloud management system. There are dozens of ways to show a detailed functional architecture and they will vary depending on cloud management software vendor—none are right or wrong, but pay attention to the individual elements shown in this figure that represent functionality any cloud management system should have.
The function architecture presented below does not include the hypervisors or actual cloud service provider(s)—this is just the command and control functions for all the cloud ecosystem.
In this example, the orchestration levels are both above and below the automation system. This is an attempt to show that orchestration activities occur both pre- and post-initial provisioning.
The orchestration system makes the connections, integration, and data interchange between other layers of the architecture, which allows software from various companies to be integrated when necessary. Workflow and business process logic is normally part of the orchestration layer.
As new cloud providers or technologies are added, these additional provisioning systems would integrate with the orchestration system, facilitating modular additional functionality to your cloud without changing the other layers that have been integrated and are in production operations for your business.
The network management layer at the bottom represents the operations, security, asset, configuration, and software licensing functions that the cloud provider uses to manage the entire infrastructure, including all legacy IT systems, private cloud, and any hybrid integration to third-party cloud services.
The National Institute for Standards and Technology (NIST) has also published a high-level diagram showing the functional capabilities for cloud service management. The below figure demonstrates how several of the elements in the NIST model are very similar to those in the more detailed depiction given above.
NIST model for cloud service management (Source: NIST, Special Publication 5-500-291 version 2, July 2013)