If you have never done any design before, this chapter should give you a good starting point and some useful insights about what is good and proven practice. It will talk about the basic principles you want to put into your design as well as how to document any assumptions constraints and limitations.
The design is probably one of the most important things in any SDDC implementation. However, the design itself will be formed out of the actual requirements and business cases. This is one of the reasons why a business case or at least a use case for an SDDC is very important.
The use case or business case will influence the way the SDDC is configured and shaped, therefore you should put as much effort in documenting the business and use cases, as in creating the initial SDDC design itself.
Another important task is the translation from a business case into a functional design as well as how any technical requirements are directly or indirectly related to a business case.
Besides the specific use case mapping, the SDDC needs to be versatile, scalable, and capable for future undertakings. There should be room for additional functionalities as well as room for adding resources as needed for the future. In the end, an automated data center needs to scale transparently from the user's point of view. Therefore, it needs also to be designed to scale easily and unnoticed for any portal users or programmatic consumption using its API.
This chapter will cover the following points:
- Business needs and the design equivalent
- General logical design principles
- Best practices on taking assumptions
- Scalability of the environment
- Do's and don'ts when designing automation
- Example design considerations
- What must or what can be in the design
This is also often referred to as business use case and should describe an IT need from a business perspective. Many organizations have such cases, but some lack of translating them into IT needs. Sometimes, there is simply no communication between the lines of business and the IT. This often ends in a bad relationship between those two departments. Often the business thinks IT is too slow, complex and ancient to understand their needs and deliver what they ask for. On the other hand, the IT often gets just a fraction of the problem, but then it has already escalated a few times and now only complaints reach the IT department.
Since a successful SDDC is about communication (people, processes, technology) it is important to understand the business needs of an organization to create a solution which is capable of supporting them and even give them an advantage over the competition. The first step of creating your SDDC design is to document and question that business need. Then you can translate it into a technical design and implement it, therefore.
Let's do a sample business case just to give you an impression what the flow of this translation might look like.
XYZ Corp is a well-known insurance company. They are around for quite some time with an established and broad customer base. Their services are based on personal contact with their customers as well as well-trained and experienced employees. Since a few months, another company is taking their business away by approaching their customers and making them change over to them. It has been identified that this new company offers a rich mobile application as well as some add-on services XYZ has not been considered yet.
The application from the competitor collects all insurance reports and can identify and alert its termination. Also, it can identify duplicate contracts and therefore save money for the clients. All this is included for free in this mobile app.
They identified this as a risk to lose more customers and instructed their chief information officer (CIO) to find a solution and come up with their own app including the functionality of the competitor. The CIOs task now is to find out if and how the IT department can deliver this ask. Based on their last meeting, they use virtualization for quick VM deployment. However, all these actions are done manually. The installation of services is handled by a different department and then there is the operations unit who runs all production services. All over all it takes them a little more than 1-5 months to bring a new web server farm up. Not to speak about changing the capacity of a running web server farm and incorporating all the various security and regulatory restrictions.
Note
This is not an unusual use case, although many organization might have their own app, not all are using it as a strategic asset to actively attract customers. There are various reasons why this might be complex, but in the end, there is always someone who has done it and earns all the customer credit with that.
Now, the task for the CIO and his team is to match the business requirement to a technical requirement/IT deliverable. Therefore, the important bits must be extracted and technically translated:
- A web server farm for the mobile app is required
- It needs to be scalable
- Number of users and adoption is unknown
- Other services need to exchange information with this application
- Needs to be joined with existing customer base
- Dynamic deployment of additional services might be required
All these are aspects of an SDDC. The scope seems to be the mobile app, which should possibly serve all existing customers of XYZ Corp. Also, there should be a way to put in new functionality over time and feature enhancements without disrupting the users or long development times.
Besides that, the service should be pre-configured and easy to deploy. Once it is running, there should be an option to either grow it manually or add a monitoring which adds systems based on its usage. This should all happen automatically and without interrupting the service. This is a major factor since application performance is always seen critical by end users.
The Cloud Management Portal (CMP) should be capable of deploying this service automatically. But this will only be used by a limited set of users in XYZ Corp. Probably from the IT engineers, developers and operations groups only. So the design needs to fit for a small set of users.
Also, in order to setup a web server farm, the OS deployment has to be automated. The CMP should be capable of deploying Infrastructure as a Service (IaaS) for OS only, but also to install an application after this deployment has happened.
Also, XYZ Corp has a couple of third-party systems where any new service deployment needs to register into. The automation should fully integrate into those systems to prevent any manual intervention. And finally, a predictive resource analysis might be required, to prevent any shortage of compute, network, or memory resources. This system should work alert based and inform about a possible bottleneck before it occurs. This could then be worked into the procurement planning to make sure additional resources are orders and available before any impact is hitting the running services.
All this should run automated including a basic self-service portal where new services can be ordered/maintained and removed by the portal users.
This was the first step of identifying what might be required to solve this business case efficiently. The next step would be to document all facts and possibilities to further create a design which takes all this into account.
These three components will shape the way you set up and install your SDDC. Let's briefly touch on what each of this terms means in a design and how to identify and document these terms.
A constraint is something you cannot influence nor change in the data center. Since it is non-changeable it should be documented as a constraint to explain why you might have chosen the design you did. Constraints can be various things, they do not need to be only technical, also processes or people can be a constraint. Since a constraint will massively influence the chosen path of installation and configuration, they should all be documented in a table at the beginning of the design.
Here is a sample constraint table:
|
Constraint ID |
Description |
Impact |
|
C001 |
DMZ and production must be physically separated |
More hosts as well as a complex deployment method are required to ensure no DMZ workload can be run on production or vice versa |
|
C002 |
All IP addresses must be obtained from a central IPAM |
IPAM needs to be integrated into the cloud management solution |
|
C003 |
All deployed VMs need to be registered with the CMDB |
CMDB must be programmable (API) and will be integrated with the automatic VM deployment |
|
C004 |
Every non-standard change needs to be approved and documented |
Approval policies need to be used and implemented for possible service changes in the portal |
|
C005 |
No VM template deployment is allowed to be used |
Service deployment has to be configured to do Preboot Execution Environment (PXE) boot for VMs to install an operating system |
This is just an example, there can be various other things and those depend on the organization's processes and operation structures. However, if there is a chance to eliminate a constraint it should be done. Since every constraint might limit your SDDC capabilities.
The documentation of constraints also often helps to get aware of them. Sometimes one might think, that is how it is, or my favorite quote, it has always been like that. Think out of these patterns to identify if some of the constraints are still valid. While eliminating a constraint can sometimes be very difficult (politics, people, processes) it can also be a key factor in making the SDDC successful. So the second part of documenting constraints is, find those which can be eliminated.
Too many constraints can put the whole SDDC at risk since it might end in a non-functioning or non-beneficial state. The third step of getting aware of your constraints is making sure they are not preventing any major SDDC functionality. Data center automation means change and change mean that many tasks or processes need to be revisited if they still make sense in an SDDC environment.
Tip
One weird process for a cloud environment was to open a ticket for deploying a service. Not to document its configuration in a CMDB or ticketing system, but because of the operators had the mandate to do so. If they didn't, their manager will get an alert about their productivity. So they requested that each portal action (deploy a service, change a service, and so on) is opening in a ticket under their names and closes it after it's done. This is a typical example of a legacy process which is not fitting into the automated data center world. While it was possible to integrate this, it was quite a high effort to automate that. So the project was more expensive than initially though. This is the impact of a constraint which might have been able to be eliminated.
Once all the constraints have been identified let's move on to the next topic.
A limit can be physical or logical and describes a circumstance which can't be simply changed. Limits are often technical, but can also be organizational or process related. An organization which has only one data center has this as a limit. It cannot easily stand up a second data center. While this is a somewhat extreme example, there are many limits which sound easy to solve but are as difficult to resolve as the data center example.
The process for the limits is the same as for the constraints. However, limits and constraints can be related to each other. A constraint can create a limit and vice versa, a limit can be present due to a constraint.
A simple example for that is:
The project has a fixed budget, which is a cost limit and cannot easily overcome.
This creates a constraint describing additional costs cannot be covered. The impact would be to keep the design simple and remove some of the planned integration work.
Here is a sample limits table:
|
Constraint ID |
Description |
Impact |
|
L001 |
The core network cannot deliver more than 10 Gbit. |
In order to prevent congestion, multiple nice will be used to separate management, backup, and production traffic. |
|
L002 |
PXE network cannot support more than 10 simultaneous deployments. |
Global service deployment needs to be configured to not exceed 10 simultaneous service deployments if PXE boot is involved. |
|
L003 |
Link speed to the secondary data center is 100 Mbit. |
Asynchronous replication needs to be considered in order to configure DR prevention. |
|
L004 |
Pre-defined project deadline, set before the design/project plan was created to handover the fully installed and running system. |
Scope needs to be re-visited and a reverse project plan needs to be created. Some features might not be implemented due to this deployment time limit. |
|
L005 |
Only two FTEs will support this project. |
Implementation time might be longer given the limited resources. |
In this table, you will notice that C005: No VM template deployment is actually related to L002: PXE limit on simultaneous OS installs. This is an example how constraints and limits might impact each other. If the constraint would move away, the limit would also be gone at once. This would actually make the platform more comprehensive and capable.
Limits are normally quite hard or impossible to eliminate, except they are related to constraints. Therefore a good design has to acknowledge them and trying to work around them. It is important to have a full understanding of all limits before you start your design, otherwise, you might plan for features and then notice that they cannot be used. It is always easier to be well prepared and aware to create your design around that, than trying to improvise later on without jeopardizing the whole integrity and functionality of the SDDC.
Documenting the limits opens up the same opportunity as documenting constraints. They can be re-visited, discussed and maybe there is already a solution to overcome them in the data center. As with the constraints, the important factor is that based on the documented limits it is much easier to follow up than if there is nothing but guessing.
Even the best and well-prepared design team or SDDC architect needs to be educated guessing sometimes. It is just impossible to be aware of every aspect and every requirement before you create your design. Therefore, as well as with the other two, document your assumptions and their impact. Assumptions can be re-visited any time and corrected whenever possible. However, some of them will only reveal once the data center automation has been set up, or once the first couple of services are running. Therefore, assumptions should not lead to absolute design decisions. They should give you a direction and an idea what might be required. Creating a non-reversible configuration which might limit your later use of the platform should be prevented.
However, assumptions are an important part of the design since they will underline why certain things in the system might be configured as they are. It is important to relate them to design decisions since they will help the reader of your design to understand why you took certain decisions. This makes it much easier to form a sound design and also to defend the configuration if required.
Assumptions can cover all sorts of things, beginning from technical assumptions to process based assumptions or application/service based assumptions. Often assumptions are already a big part of any data center. In a bigger organization, the admin sometimes does not know what will be installed on a VM, so they create those VMs based on assumptions and best practices.
In an automated data center there is a lot which can be assumed: Growth, deployments per day, portal users, services, service requirements, service scalability, resource availability, resource constraints, and so on.
This list could get very long. In order to relate that to a design, it is important to list only relevant assumptions which also have a measurable impact on the design and setup of the SDDC.
Here is a sample assumptions table
|
Constraint ID |
Description |
Impact |
|
A001 |
The application supports dynamic scale-out. |
The service needs to be designed to support adding VMs on demand. |
|
A002 |
Only one department/group is using the CMP. |
Only one tenant and business group need to be set up to support this. |
|
A003 |
Backup is done separately and will not be configurable in the CMP. |
Easier integration of services without advanced customization requirements. |
|
A004 |
No advanced networking/firewall rules are required by the application. |
Easier integration of services without advanced customization requirements. |
|
A005 |
Mix of different subnets/VLANs per vSphere host is allowed due to logical network separation. |
Less cost and effort with the vSphere implementation. No custom service design in the portal required. |
While some of these assumptions might sound obvious to you, it is important to understand that in huge projects there is always a chance of misunderstandings. So assumptions can also be used to document soft requirements. If you look at A002, it states that only one department might be using the portal. The design decision, therefore, is to create only one tenant. This saves effort and project time. Also, the decision of creating one tenant is tied to the assumption, which makes it quite easy to understand. Sometimes people change their mind in the middle of a project. This often leads to missed milestones and deadlines. Often there can be a discussion that this change hasn't had any impact on the design. If all the assumptions and therefore the scope is well defined in the beginning, those discussions do not need to happen.
So assumptions are good to keep track with design decisions and also to deliver a valid point why this decision has been taken. Besides of that, they help to guess what impact a change of this assumptions might have on the SDDC implementation/configuration.
Also, all assumptions in this table are linked to specific settings. Those settings can be changed anytime. However, the impact might be configuration/project time as well as costs, but the system is not limited to these configurations. Try always to keep the limiting factor of assumptions and its linked decisions as low as possible. Since assumptions can change rather quickly you might need to re-visit the configuration and adapt it to the new requirements.
While these are some worst-case examples, they are all from real SDDC implementations. A good design is keeping track of these aspects. It is also a good practice to create an ID for each design decision and map it to any of these three descriptions. It will improve the readability and understandability of your design if all decision can be tracked back to a constraint, limit or assumption.