First Look: Deploying Private Clouds With System Center 2012

Earlier this month, I spent a couple of days at a Microsoft Private Cloud Reviewer Workshop in Redmond, Wash., focused on System Center 2012. Final product availability hasn't been announced yet, but Microsoft has already issued this suite of management tools in release candidate form for public testing. The suite can be downloaded at Microsoft's evaluation portal here.

Below I've described my impressions of System Center 2012 during a day of hands-on exercises at that workshop. Note that I'm not a network administrator, so some of this might not go as deep as it could, but I hope that it offers some insight on what to expect from this updated suite of tools.

Before we dive into the nitty-gritty, it's important to understand how Microsoft sees System Center 2012 as an integral part of its private cloud strategy.

System Center 2012 and the Private Cloud
As you know, back in March 2010, CEO Steve Ballmer announced that the company was "all-in" the cloud. At that time, the emphasis appeared to be on public cloud, such as Windows Azure and the Business Productivity Online Suite (now superseded by Office 365). More recently, Charles DiBona, general manager of Microsoft Server and Tools, noted a few months ago that Microsoft's server business currently predominates over its public cloud business, and it will do so for the foreseeable future.

So, it has turned out that supporting customers running servers (which might loosely be called "private clouds") represents the bulk of Microsoft's business prospects. While Microsoft also stresses the ability to support hybrid public-private cloud networks with its products, its latest talk is about helping organizations manage their private clouds, particularly using System Center. The whole private cloud concept apparently wasn't always a part of Microsoft's game plan. Top executives such as CEO Steve Ballmer nearly killed this idea, according to an account by Bloomberg. That's all changed now as Microsoft chases VMware's lead.

Microsoft announced earlier this month that System Center 2012 will be sold as a unified suite of eight applications (also called "components" by Microsoft). Those components include App Controller (a new addition), Configuration Manager, Data Protection Manager, Endpoint Protection, Operations Manager, Orchestrator, Service Manager and Virtual Machine Manager, which work with Windows Server 2008. The key private cloud improvements in the suite can be found in App Controller and Virtual Machine Manager.

Organizations will be able to use Virtual Machine Manager in System Center 2012 to create private clouds. It can be done by leveraging three hypervisors: Microsoft Hyper-V, Citrix XenServer and VMware ESX. Of course the hardware assets have to be present on the network, but according to Microsoft's definition, "through VMM, an organization can manage the private cloud definition, access to the private cloud, and the underlying physical resources."

Microsoft offers a model for how creating and managing private clouds would work within an organization using System Center 2012. From a simplified standpoint, backend IT administrators, or "service providers," control the metal provisioning, while frontend "application owners" request access to virtual machines. System Center 2012's App Controller adds the means to track such requests. The requests are created via wizards as "service templates" using the Service Template Designer tool and these templates can be stored and reused.

The system is role-based using Active Directory integration, so it is possible to grant the application owner permission to self-service their segment of the private cloud. The service provider (or administrator) sets up the approval conditions. With the approval in place, the application owner can monitor the service level agreements of the virtual machines allocated to them. On the backend, the service provider can set up "dynamic optimization" to address changing workloads, as well as "power optimization" to address changes in the power uses of the physical infrastructure (CPU, memory, disk I/O).

A slide shown at the Private Cloud Reviewer Workshop illustrates Microsoft's concept of this roles-based administration of the private cloud. It shows which System Center 2012 tools might be used in such a two-party communication.

Microsoft's scenario for self-provisioning virtual machines, based on application owner and administrator communications.

This way of working with System Center 2012 is just a simplified concept. For a more practical example of how an organization might set up the self-service aspects of a private cloud using System Center 2012, see the scenario presented in this blog by a senior program manager at Microsoft. He outlines a practical example for how to think about creating host groups using Virtual Machine Manager 2012. He explains that this approach wasn't possible using the earlier Virtual Machine Manager 2008 R2 product.

Hands-On Experience
At the Private Cloud Reviewer Workshop, we used a Remote Desktop Protocol connection into a Microsoft lab to carry out exercises. Microsoft's lab arranges the System Center 2012 components on the desktop's taskbar for easy access.

Initiate a Service Request. One of the tasks I carried out in System Center 2012 included initiating a service request by using a template stored in the service catalog of Service Manager. This is the sort of task that might be carried out by an application owner wanting to use a chunk of a private cloud. Users are presented with a wizard to go through the request steps. It was easy to perform as an exercise, but the user still has to understand settings and organizational structure as reflected in the request process. Some of the backend technical requirements controlled by the service provider (or administrator) can be saved within the service template so that service requestors can avoid having to deal with those complexities. Requestors can view the resources they have access to through App Controller.

The overview pane in App Controller.

Use a Web Portal. Another exercise took me through steps to request self-service access to a virtual machine using a portal accessed through Internet Explorer. The portal's wizard asks the user to specify the amount of memory, virtual machines, etc. as part of the request. The request then can be approved or denied by the administrator through Service Manager, which has an option to send the response by e-mail.

Initiate a Hyper-V Bare Metal Deployment. The next exercise described how to perform a "bare-metal deployment" of a Hyper-V host using Virtual Machine Manager's fabric workspace, a task carried out by an administrator. The wizard will ask the user to identify the physical computers to be provisioned and the IP range to be set, as well as the MAC address, among other such technical details. The administrator uses the fabric workspace in Virtual Machine Manager to create a logical network and an IP pool. Virtual Machine Manager comes with functions specifically to create those elements. This backend complexity is hidden from those requesting services.

Configuring a logical network as part of a bare-metal deployment in Virtual Machine Manager.

Create a Private Cloud. Virtual Machine Manager also allows private clouds to be created, which can consolidate multiple physical servers. The wizard for creating a private cloud asks the user to specify the resources, logical networks, load balancers and storage space for the cloud. Other details to address in the wizard are memory size, the number of virtual machines and the hypervisor to be used. Users can tap into multiple hypervisors but they have to specify different capability profiles for each one. If you want to establish delegated administrator access privileges to access the private cloud, that's done through the settings workspace in Virtual Machine Manager. Another wizard is available called "create user role" that lets administrators more finely tune access to resources by users. For instance, in the exercise, we limited the maximum number of virtual machines that could be created by a particular group of users to five VMs.

The wizard to create a private cloud.

Provision a Three-Tier App. In an exercise, we used the Service Template Designer in Virtual Machine Manager to pull a pattern from the library workspace to represent a three-tier application (Web, app and data). This template displays on the screen like a Visio flow chart. It can be customized and saved.

Creating a three-tier application using the Service Template Designer in Virtual Machine Manager.

Use Runbooks for Autoremediation. Another exercise featured the use of Orchestrator, which is a runbook modeler that Microsoft integrated into System Center 2012 after buying Opalis Software. The runbook displays graphically, like a flow chart. The exercise showed how Orchestrator can be used to model a Web site failure process. In the exercise, the problem was fixed using Operations Manager. The runbook for that fix gets recorded in Orchestrator and it can be reused to address future Web site failures via an autoremediation process.

An example of a runbook visual display that can be set to autoremediate network problems.

Final Thoughts...
Well, that's it. I can't say how System Center 2012 compares with other management products out there, but it appears to be learnable, if you have the IT background.

The eight System Center 2012 components all work together, but you will have to switch between them depending on the task at hand. Most tasks in System Center 2012 appear to be wizard controlled or configurable through graphically modeled processes. Still, it takes a lot of IT know-how to get things done. Even the much-touted self-service feature enabled through App Controller will require someone savvy enough about IT processes to effectively provision and maintain their cloud space. Perhaps the most impressive aspect of the workshop was gaining an understanding that Microsoft puts out rather good documentation, which will help in learning the products.

On that latter point, those interested in learning more about System Center 2012 to manage private clouds can take advantage of a two-day "virtual training" session that will take place on February 21 and 22. It's free to the public. Microsoft also offers online training via System Center Virtual Labs, which presents a series of 90-minute lessons.

Satya Nadella, president of Server and Tools Business at Microsoft, is scheduled to talk more about the cloud at the Microsoft NERD center in Cambridge, Mass. on January 26. Doubtless, company officials also will talk more about System Center 2012 at the Microsoft Management Summit, which is scheduled to take place in April.

Here's one more thing. Microsoft now offers a new private cloud certification, which is based on using Windows Server 2008 and System Center 2012.

