Search

Impact On IT Service Management From Cloud Computing

In IT Service Management, the ITIL V3 philosophy stresses that “IT is the business.” This is truly realized for providers offering cloud computing services. There are a number of considerations that affect Service Management processes when moving to a cloud services model. Service Desk These traditional ITIL Service Support processes are tightly linked. In the cloud computing model, high expectations of availability are part of the model’s selling point, so rapid restoration of service becomes critical through the use of these processes and the Service Desk that performs them. Change management In addition, Change Management work flow activities can sometimes be done best by the Service Delivery Architects. They are the ones who determine the rules used by the automation tools rather than by the Service Management team, who traditionally performed those tasks now being done by the automation tools. Configuration and Asset Management With the Cloud service model’s standardized infrastructure and specialized tool sets, configuration is typically much simpler than that of an enterprise environment, with its extensive variety of hardware and software that must be orchestrated together. Many service-specific tools provide configuration capability for that service, thus reducing the amount of manual coordination requiredwhen compared to the Enterprise IT model. Asset management is related to configuration management and, in a cloud service, has both a virtual component (e.g. tracking virtual resources) and a dynamic component (i.e., assets can change every hour) to its management process.  Configuration Management needs to address a consumer view, (i.e., what assets belong to the service being consumed), a service view, (since assets equal revenue), and an enterprise view, (showing the business status of all cloud services being offered.) Service Level Management With a cloud environment, a single SLM process can exist, but separate SLAs and Service Level Packages should be defined, monitored, and managed for each service. The monitoring components for SLA related performance data will require tools that do not just rely on knowledge of the infrastructure, given the unpredictability of which cloud infrastructure components will actually be used. Instead, monitoring service performance and availability for ensuring SLA compliance must be done from the perspective of the user not from the perspective of the infrastructure. Availability, Capacity, Continuity, and Security The cloud environment’s “Provider-Consumer” model breaks the link between IT continuity and the customer’s business continuity. The Cloud service provider must offer to its customers a warranty of service continuity and make it part of the SLA that comprises the Service Level Packages offered by the service provider. With a cloud service provider, the hardware and software environments are much more uniform and more easily managed. With the provider’s more homogeneous infrastructure offering a much more stable environment, the risks from a change to production are significantly reduced. With reduced risk, Cloud service providers can deliver modifications to services much faster and hence their agility becomes a part of the business model and a distinguishing capability in the market. It also implies that the Release and Deployment Management (RDM) process is often replaced by a different paradigm. In the cloud model, scalability of capacity and performance is a core offering provided by cloud service providers and their SLAs should reflect this. To accomplish this real-time scalability requires two things on the part of the service provider. For cloud services, availability is vital; much of the availability must be architected into the service. Where once the technical developers of a service could ignore the availability issues of their applications, leaving that to the job of the IT organization, cloud service availability is a key factor to its commercial success and hence must be built-in by the service developers and service architects working with the IT organization. With a combination of tools and resiliency built into the design and implementation of the service itself, the responsibility for availability must be shifted into the development lifecycle long before a service goes into production.
Rated 4.0/5 based on 20 customer reviews

Impact On IT Service Management From Cloud Computing

451
Impact On IT Service Management From Cloud Computing

In IT Service Management, the ITIL V3 philosophy stresses that “IT is the business.” This is truly realized for providers offering cloud computing services. There are a number of considerations that affect Service Management processes when moving to a cloud services model.

Service Desk

These traditional ITIL Service Support processes are tightly linked. In the cloud computing model, high expectations of availability are part of the model’s selling point, so rapid restoration of service becomes critical through the use of these processes and the Service Desk that performs them.

Change management

In addition, Change Management work flow activities can sometimes be done best by the Service Delivery Architects. They are the ones who determine the rules used by the automation tools rather than by the Service Management team, who traditionally performed those tasks now being done by the automation tools.

Configuration and Asset Management

With the Cloud service model’s standardized infrastructure and specialized tool sets, configuration is typically much simpler than that of an enterprise environment, with its extensive variety of hardware and software that must be orchestrated together. Many service-specific tools provide configuration capability for that service, thus reducing the amount of manual coordination requiredwhen compared to the Enterprise IT model.

Asset management is related to configuration management and, in a cloud service, has both a virtual component (e.g. tracking virtual resources) and a dynamic component (i.e., assets can change every hour) to its management process.  Configuration Management needs to address a consumer view, (i.e., what assets belong to the service being consumed), a service view, (since assets equal revenue), and an enterprise view, (showing the business status of all cloud services being offered.)

Service Level Management

With a cloud environment, a single SLM process can exist, but separate SLAs and Service Level Packages should be defined, monitored, and managed for each service. The monitoring components for SLA related performance data will require tools that do not just rely on knowledge of the infrastructure, given the unpredictability of which cloud infrastructure components will actually be used. Instead, monitoring service performance and availability for ensuring SLA compliance must be done from the perspective of the user not from the perspective of the infrastructure.

Availability, Capacity, Continuity, and Security

The cloud environment’s “Provider-Consumer” model breaks the link between IT continuity and the customer’s business continuity. The Cloud service provider must offer to its customers a warranty of service continuity and make it part of the SLA that comprises the Service Level Packages offered by the service provider.

With a cloud service provider, the hardware and software environments are much more uniform and more easily managed. With the provider’s more homogeneous infrastructure offering a much more stable environment, the risks from a change to production are significantly reduced. With reduced risk, Cloud service providers can deliver modifications to services much faster and hence their agility becomes a part of the business model and a distinguishing capability in the market. It also implies that the Release and Deployment Management (RDM) process is often replaced by a different paradigm.

In the cloud model, scalability of capacity and performance is a core offering provided by cloud service providers and their SLAs should reflect this. To accomplish this real-time scalability requires two things on the part of the service provider.

For cloud services, availability is vital; much of the availability must be architected into the service. Where once the technical developers of a service could ignore the availability issues of their applications, leaving that to the job of the IT organization, cloud service availability is a key factor to its commercial success and hence must be built-in by the service developers and service architects working with the IT organization. With a combination of tools and resiliency built into the design and implementation of the service itself, the responsibility for availability must be shifted into the development lifecycle long before a service goes into production.

KnowledgeHut

KnowledgeHut Editor

Author

KnowledgeHut is a fast growing Management Consulting and Training firm that is a source of Intelligent Information support for businesses and professionals across the globe.


Website : http://www.knowledgehut.com/

Join the Discussion

Your email address will not be published. Required fields are marked *

Suggested Blogs

Test Drive Your First Istio Deployment using Play with Kubernetes Platform- Cloud Computing

As a full stack Developer, if you have been spending a lot of time in developing apps recently, you already understand a whole new set of challenges related to Microservice architecture. Although there has been a shift from bloated monolithic apps to compact, focused Microservices for faster implementation and improved resiliency but the fact is  developers have to really worry about the challenges in integrating these services in distributed systems which includes accountability for service discovery, load balancing, registration, fault tolerance, monitoring, routing, compliance, and security.Let us understand the challenges faced by the developers and operators with the Microservice Architecture in details. Consider a 1st Generation simple Service Mesh scenario. As shown below, Service (A) communicates to Service (B). Instead of communicating directly, the request gets routed via Nginx. The Nginx finds a route in Consul (A service discovery tool) and automatically retries to form the connection on HTTP 502’s happen.                                                                    Figure: 1.0 – 1st Gen Service Mesh                                                      Figure:1.1 – Cascading Failure demonstrated with the increase in the number of servicesBut, with the advent of microservices architecture, the number is growing ever since. Below are the  listed challenges encountered by both developers as well as operations team:How to make these growing microservices communicate with each other?Enabling the load balancing architectures over these microservices.Providing role-based routing for the microservices.How to implement outgoing traffic on these microservices and test canary deployment?Managing complexity around these growing pieces of microservices.Implementation of fine-grained control for traffic behavior with rich-routing rules.Challenges in implementing Traffic encryption, service-to-service authentication, and strong identity assertions.In a nutshell, although you could enable service discovery and retry logic into application or networking middleware, the fact is that service discovery becomes tricky to make it right.Enter Istio’s Service Mesh“Service Mesh” is one of the hottest buzzwords of 2018. As the name suggests, it’s a configurable infrastructure layer for a microservices app. It lays out the network of microservices that make up applications and enables interactions between them. It makes communication between service instances flexible, reliable, and fast. The mesh provides service discovery, load balancing, encryption, authentication and authorization, support for the circuit breaker pattern, and other capabilities.Istio is completely an open source service mesh that layers transparently onto existing distributed applications. Istio v1.0 got announced last month and is ready for production. It is written completely in Go Language and its a fully grown platform which provides APIs that let it integrate into any logging platform, or telemetry or policy system. This project adds a very tiny overhead to your system. It is being hosted on GitHub. Istio’s diverse feature set lets you successfully, and efficiently, run a distributed microservice architecture, and provides a uniform way to secure, connect, and monitor microservices.Figure-1.2: Istio’s CapabilityThe Istio project adds a very tiny overhead to your system. It is being hosted on GitHub. Last month, Istio 1.0 release went public and ready for production environment.What benefits does Istio bring?Istio lets you connect, secure, control, and observe services.It helps to reduce the complexity of service deployments and eases the strain on your development teams.It provides developers and DevOps fine-grained visibility and control over traffic without requiring any changes to application code.It provides CIOs with the necessary tools needed to help enforce security and compliance requirements across the enterprise.It provides behavioral insights & operational control over the service mesh as a whole.Istio makes it easy to create a network of deployed services with automatic Load Balancing for HTTP, gRPC, Web Socket & TCP Traffic.It provides fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.It enables a pluggable policy layer and configuration API supporting access controls, rate limits and quotas.Istio provides automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.It provides secure service-to-service communication in a cluster with strong identity-based authentication and authorization.If you want to deep-dive into Istio architecture, I highly recommend the official Istio website.It’s Demo Time !!!Under this blog post, I will showcase how Istio can be setup on Play with Kubernetes (PWK) Platform for a free of cost. In case you’re new, Play with Kubernetes rightly aka PWK is a labs site provided by Docker. It is a playground which allows users to run K8s clusters in a matter of seconds. It gives the experience of having a free CentOS LinuxVirtual Machine in the browser. Under the hood Docker-in-Docker (DinD) is used to give the effect of multiple VMs/PCs.Open https://labs.play-with-k8s.com/ to access Kubernetes Playground.Click on the Login button to authenticate with Docker Hub or GitHub ID.Once you start the session, you will have your own lab environment.Adding First Kubernetes NodeClick on “Add New Instance” on the left to build your first Kubernetes Cluster node. It automatically names it as “node1”. Each instance has Docker Community Edition (CE) and Kubeadm already pre-installed. This node will be treated as the master node for our cluster.Bootstrapping the Master NodeYou can bootstrap the Kubernetes cluster by initializing the master (node1) node with the below script. Copy this script content into bootstrap.sh file and make it executable using “chmod +x bootstrap.sh” command.When you execute this script, as part of initialization, the kubeadm write several configuration files needed, setup RBAC and deployed Kubernetes control plane components (like kube-apiserver, kube-dns, kube-proxy, etcd, etc.). Control plane components are deployed as Docker containers.Copy the above kubeadm join token command and save it for the next step. This command will be used to join other nodes to your cluster.Adding Worker NodesClick on “Add New Node” to add a new worker node.Checking the Cluster StatusVerifying the running PodsInstalling Istio 1.0.0Istio is deployed in a separate Kubernetes namespace istio-system. We will verify it later. As of now, you can copy the below content in a file called install_istio.sh and save it. You can make it executable and run it to install Istio and related tools.You should be able to see screen flooding with the below output.As shown above, it will enable the Prometheus, ServiceGraph, Jaeger, Grafana, and Zipkin by default.Please note – While executing this script, it might end up with the below error message –unable to recognize "install/kubernetes/istio-demo.yaml": no matches for admissionregistration.k8s.io/, Kind=MutatingWebhookConfigurationThe error message is expected.As soon as the command gets executed completely, you should be able to see a long list of ports which gets displayed at the top center of the page.Verifying the ServicesExposing the ServicesTo expose Prometheus, Grafana & Servicegraph services, you will need to delete the existing services and then use NodePort instead of ClusterIP so as to access the service using the port displayed on the top of the instance page. (as shown below)You should be able to access Grafana page by clicking on “30004” port and Prometheus page by clicking on “30003”.You can check Prometheus metrics by selecting the necessary option as shown below:Under Grafana Page, you can add “Data Source” for Prometheus and ensure that the dashboard is up and running:Congratulations! You have installed Istio on Kubernetes cluster. Below listed services have been installed on K8s playground:Istio Controllers and related RBAC rulesIstio Custom Resource DefinitionsPrometheus and Grafana for MonitoringJeager for Distributed TracingIstio Sidecar Injector (we'll take a look next section)Installing IstioctlIstioctl is configuration command line utility of Istio. It helps to create, list, modify and delete configuration resources in the Istio system.Deploying the Sample BookInfo ApplicationNow Istio is installed and verified, you can deploy one of the sample applications provided with the installation- BookInfo. This is a simple mock bookstore application made up of four services that provide a web product page, book details, reviews (with several versions of the review service), and ratings - all managed using Istio.Deploying BookInfo ServicesDefining the Ingress Gateway:Verifying BookInfo ApplicationAccessing it via Web URLYou should now be able the BookInfo Sample as shown below:Hope, this Istio deployment Kubernetes tutorial helped you to successfully install Istio on Kubernetes. In the future blog post, I will deep dive into Istio Internal Architecture, traffic management, policies & telemetry in detail.
Rated 4.5/5 based on 1 customer reviews
1470
Test Drive Your First Istio Deployment using Play ...

As a full stack Developer, if you have been spendi... Read More

Six common myths about Microsoft Azure

You may be interested in moving your infrastructure to public cloud storage and services such as Microsoft Azure. This form of storage is becoming increasingly popular for its perceived ability to enhance efficiency and simplify your digital operation. Part of what has made Azure such a renowned option is the familiarity of the software – with a setup in common with other Microsoft products.But there is a great deal of misinformation on Microsoft Azure and this has led to the establishment of common half-truths or misapprehensions about the services. Whether you are interested in simple public cloud hosting or a more advanced personalized solution, Azure has the services to suit you.Here we take a look at six common myths about Microsoft Azure, examine the truths behind them – and why you should consider choosing Microsoft Azure.Myth 1: Azure is too complicated for my businessSome organizations are concerned that switching to Microsoft Azure would be too complicated and they lack the technical expertise to make it work. However, one of the major benefits of Azure is that if you are familiar with other Microsoft and Windows products you will find it actually relatively easy to use. The service has been designed to be suitable for businesses of all sizes, so there is no reason to assume you will be overwhelmed.Of course, not every company has the technical knowledge and it can leave owners worried that they will not feel in full control of their infrastructure. Thankfully, however, it is possible to work with specialists who can offer managed Azure hosting services. So, whether you need just a little help with Azure deployments or a fully managed package, there is something out there to suit your business.Myth 2:  It’s a security riskWith rules and regulations such as the GDPR (General Data Protection Regulation) coming into force, it has never been more important to have powerful cybersecurity in place. This means that many businesses worry that their data is put at risk if they use services like Microsoft Azure. However, if this is a concern for you, it’s worth knowing that Azure holds the most comprehensive list of compliance certifications of any cloud provider.Microsoft is an industry leader in privacy protection with unique residency guarantees to protect data at all times. The system is designed to give customers complete confidence in their security. So ultimately you can have complete peace of mind that working with Azure can keep your business entirely secure and private.                                                                                                 Source: Home SecurityMyth 3: The costs are prohibitiveIn some cases, businesses are put off the idea of switching to Microsoft Azure because they believe either that the cost of changing the infrastructure and working practice will be too high, or the actual ongoing costs are too expensive. Of course, it is natural to be want to be in complete control of finances but it can often be the case that businesses that are not willing to invest in infrastructure get overtaken by competitors who do.Clearly, this will depend on your business, but it should be noted that a switch to Azure can see excellent improvements in efficiency and productivity. Additionally, Azure is engaged in a pricing battle with other services - which ensure that the costs of bandwidth and storage are kept to a minimum.Myth 4: Efficiency is the only reason to switch to public cloud storageYes, there is no doubt that increased efficiency is a major benefit of using public cloud storage services with Microsoft Azure, but it is far from the only reason to consider making the change. One of the best reasons to choose public cloud storage is the increased innovation it allows – this might even top reason. It allows your developers to spend their time actually developing, rather than simply on the time-consuming maintenance and management. Azure actually handles many of the complex tasks for you, taking that burden away from developers and freeing them up. This could give them time to work on anything from machine learning or business-critical enhancements to your website. Myth 5: It’s incompatible with the open source software It is sometimes assumed that Azure is completely incompatible with popular open source software, which could make it difficult to implement alongside your existing infrastructure. If this was true it could make it potentially extremely challenging for those businesses that currently utilize open source software as it would mean not only changing over their system to Microsoft Azure but also changing many internal systems.Myth 6: Using the cloud effectively means ONLY using the cloudPerhaps you are concerned that if you make the move to Azure you are committing the whole of your business to the cloud. Some businesses do not fully understand how the cloud works and it can put them in a position where they never consider services such as Azure because they don’t think it would be appropriate for them. However, this does not need to be the case at all as Azure supports hybrid functionality, allowing you to keep on-premises infrastructure in place and simply work with Azure to offer additional capacity. The solutions can be completely bespoke and based around the needs of your company, so there is no reason to assume that you have to stick with a one-size-fits-all package. If you are still concerned about whether Microsoft Azure is right for you, it’s a good idea to speak to specialists, who have experience working with businesses like yours. Whether you would benefit from a hybrid system or hosting based entirely on the cloud, they will be able to advise you as to whether it is a good idea to make the switch.
Rated 4.5/5 based on 11 customer reviews
1910
Six common myths about Microsoft Azure

You may be interested in moving your infrastructur... Read More

SSHing into Ubuntu EC2 instance post blocking port 22 with UFW - Cloud Computing

IntroductionThis blog is in reference to a troubleshooting situation in Amazon Web Services when you have configured firewall setting in your ubuntu ec2 or remote instance and is not able to login via PuTTY through SSH as the instance. Here, we will see how to insert SSH into the instance in a certain situation when you are logged out of that instance.During configuration of SSL security, we may accidentally or purposely block SSH for the instance to make the instance secure. But, what if we again want the same instance to SSH for certain changes.  Below is the highlighted configuration of the instance. Here, you can see that all the instances have all ports opened to everything.Here are the configuration changes which you have made on the login into instance:$ sudo apt-get update $ sudo apt-get install nginx $ sudo apt-get install ufw  Check UFW Status and Rules At any time, you can check the status of UFW with this command:$ sudo ufw status verbose By default, UFW will be disabled so you should see something like this:Output: Status: inactive If UFW is active, the output will say that it's active, and it will list the rules that are set. For example, if the firewall is set to allow SSH (port 22) connections from anywhere, the output might look something like this:Output: Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip To                         Action      From --                         ------      ---- 22/tcp                     ALLOW IN Anywhere $ sudo ufw deny ssh $ sudo ufw status verbose Output: Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip To                         Action      From --                         ------      ---- 22/tcp                     DENY    Anywhere If you kicked or logged out of the instance once the changes are done, you will be seeing the below results.On SSH into the instance with your Public DNS through PuTTY below are the results which you are seeing as an error i.e. Network error: Connection Timed Out  Below error shows that even after all ports were opened outside, the instance is not able to SSH because of firewall software of Ubuntu at the system level. Let’s see how to resolve this kind of system related issue.Solution to the issue:Step 1: Take an image of the EC2 instance by selecting the instance ->Image-Create ImageStep 2: Provide specification Image name, tick on no reboot and push the create image buttonStep 3: Then Select the image and click on launchStep 4: Go to instance type, select and click on NextStep 5: In the configuration instance, write the below commands under Advanced Details and click on next:#!/bin/bash sudo ufw allow ssh sudo ufw allow 22 sudo ufw allow 443 sudo ufw allow 8080 sudo ufw allow 80 sudo ufw status  sudo ufw enable Step 6: Click next and next tab and add security group similar as providedStep 7: Review and launch the instance and then try to SSH to the instance through PuTTY. You will be now able to add SSH inside the instance with this and you can terminate the old instance as the new instance with all the setup same as that of the old instance without any issue except the public IP and private IP change.Best Practices of Firewall Configuration & Port Blocking:Ensure that the Security Groups will allow a specific IP addresses which are within the VPN Range of the Environment.Use of NACL for allowing and blocking the IP addresses or subnets for a specific Port by using allow and deny rules. A network ACL contains a numbered list of rules that we evaluate in order, starting with the lowest numbered rule. This helps to determine whether traffic is allowed in or out of any subnet associated with the network ACL. The highest number that you can use for a rule is 32766. We recommend that you start by creating rules in increments (for example, increments of 10 or 100) so that you can insert new rules.Use of Bastion Host for accessing critical servers and environment is always a better option to increase the security of the system or environment. 
Rated 4.0/5 based on 3 customer reviews
SSHing into Ubuntu EC2 instance post blocking port...

IntroductionThis blog is in reference to a trouble... Read More

other Blogs