A traditional datacenter or a Hosting Service Provider (HSP) has to evolve significantly to become a Cloud Service Provider (CSP). This involves introducing virtualized infrastructure at the compute, network and storage levels, together with the best practices for management, monitoring and provisioning in a cloud environment.
The following are some of the best practices recommended for a Public or a Private cloud environment:
Self-Service Portals and Orchestration
Due to the sheer volume of customers and end users that CSPs deal with, there is a need for a simplified self-service portal.
Essentially functioning as a services catalog, it allows customers to select, purchase and implement a new service, whether it is Virtual Machine (VM) provisioning, storage provisioning or an email account. This is now a necessity for any public or enterprise-class private cloud environment.
Service providers would fail in a matter of months without the ability to track and attribute service and resource consumption. Establishing metrics and billing for service and resource usage is of high significance for generating business revenue and projecting business guidance.
Instead of reinventing the wheel, new service providers should borrow successful chargeback models and apply them to their cloud metering. They should also integrate these with billing gateways for online payment, to give users a seamless experience.
As each service catalog item and resource usage incurs charges to the company, it is recommended to offer an approval workflow within the self-service portal so that the company administrator can allow or reject any user provisioning request.
Automation is integral to a successful cloud because consumers expect prompt services, no matter where or when they are making the request. By automating the provisioning process, service providers can spend less time on service maintenance and more time on business improvement opportunities. By automating the expiry process, service providers can ensure that resources are released on time and made available to new provisioning requests.
CSPs should target end-to-end automation with provisioning, approval workflow, chargeback, extension and expiry all integrated together.
Given the ever-changing economic climate for datacenters and the availability of many competitively priced virtualized platforms, it makes economic sense to consider orchestration products with multi-vendor support unified into an automated provisioning system, with approval and chargeback workflows. The provisioning system should be analytics driven and should support intelligent capacity provisioning with utilization alerts and reporting.
One of the major security concerns today is the lack of isolation between tenants spread across heterogeneous hypervisors or hybrid cloud environments. Any unauthorized access or migrations between tenants in a multi-tenant data center will weaken the isolation boundaries.
In a multi-tenant cloud environment, it is important to ensure complete isolation between any two tenants at all levels, i.e. compute, network and storage.
Migrating Rogue VMs into Trusted Cloud
An external spurious virtual machine infected with viruses or spyware may be brought in, migrated or copied into the cloud and made to function. This poses a major threat to the cloud infrastructure.
It is good to have products which auto-discover Rogue VMs entering the trusted cloud environment and prevent them from booting up in that environment.
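One way to express the rogue-VM and tenant-isolation checks described above is to reconcile what a hypervisor inventory scan discovers against the records the self-service portal wrote at provisioning time. This is an added example, not code from any product the article refers to; the record layout, field names and sample data are assumptions made for illustration.

```python
from dataclasses import dataclass
@dataclass(frozen=True)
class ProvisioningRecord:      # hypothetical record written by the self-service portal
    vm_id: str
    tenant: str
    image_sha256: str
    approved: bool

@dataclass(frozen=True)
class DiscoveredVM:            # hypothetical row from a hypervisor inventory scan
    vm_id: str
    tenant: str
    image_sha256: str
    network_tenant: str        # owner of the virtual network the VM is attached to
    datastore_tenant: str      # owner of the datastore holding the VM's disks

def boot_findings(vm, records):
    """Return the reasons a VM must not boot; an empty list means allow."""
    rec = records.get(vm.vm_id)
    if rec is None:
        return ["no provisioning record (rogue VM)"]
    checks = [
        (not rec.approved, "provisioning request not approved"),
        (rec.tenant != vm.tenant, "tenant differs from provisioning record"),
        (rec.image_sha256 != vm.image_sha256, "disk image differs from provisioned image"),
        (vm.network_tenant != vm.tenant, "attached network belongs to another tenant"),
        (vm.datastore_tenant != vm.tenant, "attached datastore belongs to another tenant"),
    ]
    return [msg for failed, msg in checks if failed]

def audit(inventory, records):
    """Map vm_id -> findings for every discovered VM that should be blocked."""
    report = {vm.vm_id: boot_findings(vm, records) for vm in inventory}
    return {vm_id: found for vm_id, found in report.items() if found}

# Constructed sample data: digests are placeholders, not real image hashes.
RECORDS = {r.vm_id: r for r in [
    ProvisioningRecord("vm-101", "tenant-a", "aa" * 32, True),
    ProvisioningRecord("vm-102", "tenant-b", "bb" * 32, True),
    ProvisioningRecord("vm-103", "tenant-a", "cc" * 32, False),
]}
INVENTORY = [
    DiscoveredVM("vm-101", "tenant-a", "aa" * 32, "tenant-a", "tenant-a"),  # clean
    DiscoveredVM("vm-102", "tenant-b", "bb" * 32, "tenant-a", "tenant-b"),  # wrong network
    DiscoveredVM("vm-103", "tenant-a", "cc" * 32, "tenant-a", "tenant-a"),  # unapproved
    DiscoveredVM("vm-999", "tenant-a", "dd" * 32, "tenant-a", "tenant-a"),  # copied in
]
if __name__ == "__main__":
    print(audit(INVENTORY, RECORDS))
```

A VM with a non-empty findings list would be held powered off until the provisioning record and the discovered state agree.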
Domain Specific Offerings
Cloud Service Providers need to differentiate their offerings by providing domain-specific clouds in their service catalogs, such as Dev-Test Cloud, Financial Services Cloud, Health Care Specific Cloud, Disaster Recovery Cloud, etc., with all appropriate compliance requirements taken care of by each of these verticals.
Hence, it becomes important to deploy a base platform which is flexible enough to support all such vertical offerings and to build the controls required to offer compliance.
Customization & Rich Integration with Existing Infrastructures
It is highly recommended that cloud platforms and products provide APIs which other third-party products within the cloud environment can use for unification. Preference should be given to offerings which meet the end users' customization requirements.