Top 5 features to look for in private cloud services offerings
When evaluating private cloud services, consider offerings that provide an intuitive self-service portal, RBAC, capacity planning and policy enforcement for tenant workloads.
There are a number of things you should look for in private cloud services offerings, but there are five features in particular that you should scrutinize closely.
One of the first things you should consider when evaluating private cloud services offerings is the self-service portal. The main goal of creating a private cloud is usually to give authorized users the ability to create and manage their own VM resources in a controlled environment. At the very least, the self-service portal should enable users to perform their required management functions.
Beyond basic functionality, it's a good idea to make sure the self-service portal is relatively intuitive. Private cloud environments empower end users and improve business agility, but private clouds can also reduce IT's workload. Part of the administrative burden is shifted to self-service users who manage their own VMs. If the self-service portal isn't intuitive, then the private cloud environment might result in an increased volume of calls to the help desk, which could actually end up increasing IT's workload.
Quota management system
Another important thing to look for in private cloud services offerings is a quota management system. When evaluating a quota management system, there are two main things to look for.
The first thing a quota management system should offer is flexibility. In other words, you should be able to create quotas on your own terms. You might decide to base quotas on the amount of storage consumed, the amount of memory consumed or even the number of VMs created. Some platforms even enable users to assign quota points to VM templates; you can make some types of VMs count more heavily against a quota than others.
The other thing you should look for in a quota management system is the ability to simultaneously base quotas on individual activity and group activity. Suppose that a particular department wants to perform self-service provisioning of VMs. Because you don't want this department to deplete all of your private cloud resources, you should probably place a quota on the users within the department to prevent them from consuming too many resources.
With that in mind, imagine what would happen if all the users in the department maxed out their quotas. Depending on how many users are in the department, they could collectively deplete your private cloud resources, even if no one single user was allowed to consume a disproportionate amount of resources. A good quota management system should prevent this by enabling you to set caps for individual users, but also to implement departmental level usage caps.
Role-based access control environment
Another thing you should pay attention to when shopping for private cloud services offerings is role-based access control (RBAC) environments. Every private cloud environment supports RBAC to at least some degree; otherwise, it wouldn't be possible to delegate the ability to perform self-service provisioning of VMs to users. Even so, a good RBAC system should go beyond simply determining which users can provision VMs.
A good RBAC system should go beyond simply determining which users can provision VMs.
Ideally, RBAC should be granular. Within an organization, users might have a variety of responsibilities, and it's important for the private cloud's permissions model to accommodate them.
Suppose you granted a particular user the ability to perform self-service provisioning. You must consider whether that user should be allowed to grant self-service provisioning capabilities to other users, or if all such permissions delegations should go through IT.
Likewise, you might want to initially grant a user view-only permissions to get him or her used to the administrative portal before you give the user any administrative privileges. In any case, the software's RBAC mechanisms should enable you to assign permissions the way that makes the most sense for your own organization rather than requiring you to change the way you do things to get around limitations in the software.
Capacity planning capabilities
Another thing to look for in private cloud services offerings is capacity planning capabilities. Some vendors include this natively with their private cloud platforms, while others offer capacity planning tools through supplementary software.
Capacity planning capabilities are important because a private cloud environment increases management complexity. In a traditional IT environment, the IT department does all of the resource provisioning. As such, admins are aware of resource consumption levels; they are the ones who provision those resources.
In a private cloud environment, however, the IT department delegates VM provisioning to authorized users. Even though there might be quotas in place to prevent those users from consuming excessive resources, the IT department might not know what the user's plans are and how fast the resources allocated to the user will be consumed.
When you consider that there are likely many users with self-service provisioning permissions, you can see how it becomes more difficult to track resource consumption. A good capacity planning tool can help you monitor resource consumption so you can accurately project when additional hardware resources will be necessary.
Finally, whatever private cloud services offerings you choose to implement, they should enable the IT department to enforce corporate security policies. If users deploy their own VMs, for example, those VMs should be automatically configured to download updates from the organization's update server. Similarly, user-created VMs should adhere to established password policies and other security policies.
Because you can't necessarily trust end users to implement the required security settings on their own, the private cloud platform should enable the IT department to enforce any necessary settings within user-created VMs.
