CORE TECHNOLOGY FOUNDATION, INC.
TABLE OF CONTENTS
1 Background
2 Today’s challenges
2.1 The journey to the cloud
2.2 Service Management today and tomorrow
2.3 Existing versus required skillsets and roles
3 What is CORE?
3.1 Why do we need CORE and what is its goal?
3.2 What are the components of CORE?
-
Background
CoreTech is a self-sustaining nonprofit organization, seeking to apply the next generation IT systems, solutions and methodologies to solve some of the world’s most pressing problems. CoreTech specifically works on laying the groundwork for innovations that will empower developing nations to create effective systems to power government, education, agriculture, energy, security, and a range of other sectors. CoreTech is founded on the principle that technical innovation occurs when innovators are freed to focus on the problem at hand and not be crippled by the cost and complexity of the plumbing underneath (data centers, infrastructure, platforms, integration costs, scalability and reliability, etc). To that end, CoreTech is sourcing and releasing systems and tools that compose the essential underpinnings of most applications that need to be developed in the emerging economies of the world, and working with institutions within those communities to collaborate on the outcomes. CoreTech will fund an initial set of solutions that utilize these capabilities to prove out the model and pave the way for an ecosystem of developers in several pilot communities to follow suit.
CoreTech’s underpinning building block is developed in the CORE project. CORE is an acronym for “Central, Open, Reusable, and Easy“ services, meaning that those base-services will drive rapid, inexpensive software development that can run on multiple infrastructure abstraction layers: i.e. any hypervisor, any infrastructure, any PaaS platform. Unlike today’s methods that price many necessary projects out of the market, CORE services are meant to open new pathways for low cost innovation. By providing building blocks into the global community at no cost, students and experienced developers alike can more quickly solve problems and deploy them into the community. Just as the desktop publishing revolution sparked creativity around the world, so too will CoreTech’s CORE services spark technical innovators to try new things at minimal cost.
As CoreTech’s building blocks will drive towards the next generation of a true ITaaS (IT as a service) implementation, not only the needed technology components are of relevance, but also the aspects of skills, processes, governance, service definition and delivery, financial transparency and security. As the target audience of CoreTech’s enabling building blocks are developers, nonprofit organizations, and enterprises of any size, who in particular can drive impactful change for rolling out and/or enabling CoreTech’s end-to-end solutions, it is important to also provide a framework under which existing ITSM (IT Service Management) and ITIL (Information Technology Infrstructure Library) implementations can be adjusted to make use of the new and dramatically improved versions when making use of CoreTech’s CORE services.
-
Today’s Challenge
2.1 The journey to the cloud
Cloud Computing is one of the core drivers and enablers of the 3rd platform. Profit- and Non-profit organizations have been on their journey to make use of the economics of cloud, as laid out in the previous chapter. Additionally, cloud is very often necessary to react on the other megatrends of the 3rd platform. E. g.: Implementing a big data environment to solve a one-time problem for an enterprise in its own data-center, is very often cost-prohibitive, while subscribing to infrastructure in the cloud makes this a feasible approach. Another example is that without efficient multi-tenancy answers it will be hard to react on the end-consumerization phenomenon.
All of that being taken into account, the journey into the cloud and hence its effective and efficient adoption, is a long and sometimes very rough one. Here are some of the big obstacles:
-
Application readiness: An application has to be written in a cloud-ready-way, such that it actually can leverage its economy of scale. A single-tenant application will not become multi-tenant by just being move to the cloud. A packaged application will not automatically scale just because of IaaS (infrastructure as a service) brought by the cloud. Writing cloud-ready application very often requires new skillsets.
-
Budget constraints: According to Microsoft and others, enterprises are spending today approx. 90% of their IT budgets just to “keep the lights on”, meaning focusing on existing applications, infrastructure and the maintenance thereof. So only 10% of the budget would actually be available for new applications, including cloud ready ones.
-
Legacy landscape: Integrating cloud based services, no matter which nature, into the existing landscape is not a simple task. Combining oAuth-authentication for public cloud services with Active Directory based internal authentication is one example. The same is true for logging and monitoring services, chargeback services, holistic security management etc. Integration is one of the biggest obstacles.
-
Governance/Legal/Compliance: Very often, governance aspects prevent from the journey to the cloud. Regulations may require a certain geography where compute and data has to be located, or may even prevent to leave the organisation’s domain at all. Private clouds try to circumvent this, but obviously do not generate as much of TCO saving potentials and still leave the other obstacles very often unaddressed.
2.2 Service Management today and tomorrow
Most organisations today use an ITSM (IT Service Management)/ITIL (IT Infrastructure Library) based approach for service management. ITIL defines best practices for IT service management in order to ensure reliable and continuously improving services as a result.
However, cloud computing paradigms and ITIL as it is applied by most organizations today, do not necessarily fit together smoothly. ITIL application has neither been designed for the pace of the cloud, nor the amount of changes nor the supplier management approach the cloud is asking for. ITIL processes today are often designed for availability of components, the cloud age and the 3rd platform are requiring the reliability and quality of services which leads to a big change in processes for organizations.
Some good examples of what needs to be thought of are laid out in the GlobalKnowledge IT Decision Brief “How ITIL Helps Cloud Computing”:
-
Organizations need to question their perception of ITIL, and need to ensure they use ITIL for its intended purpose. ITIL is a reference that describes generic service management best practices. With cloud, external providers do most of the work, so cloud ops teams must shift to managing services and service providers. Existing ITIL implementation have to be examined to determine whether the internal teams are at the required level of ability. When assessing skills, the following needs to be considered:
-
Service level and supplier management transform from “nice to have” to “absolutely must have.”
-
Capacity management takes on an entirely new meaning, shifting from component (long lead time) to service (near real-time). In addition, with cloud, removing excess capacity is a critical success factor and not a task traditional IT teams are skilled in performing.
-
Event management and monitoring become critical since the cloud service masks the underlying IT infrastructure. User transactions (synthetic or live) become the basis of monitoring.
-
Incident and problem management shift from leading investigations and troubleshooting to gathering information and communicating status.
-
Strategy changes from “build or buy” to “rent” and the service portfolio requires careful attention to maximize benefits.
-
Release cycles in the 3rd platform era are highly different than they have been before. Cloud teams tend to release hourly or at least daily. So, existing release and change management, service asset and configuration management must be tuned to cope with that as well as governance, compliance and auditing need to reflect that. Also, the cloud requires to bring development and operations closer together. The so called DevOps approach provides guidance on how to implement those aspects in an ITIL compliant way.
-
Other applied frameworks (like Six Sigma or COBIT) need to be checked also whether they still keep up and hold water.
-
Service catalogues and the underlying configuration databases (CMDBs) must be often redefined or even restructured to cope with the new cloud mantras.
-
Application design patterns need to be reviewed under the light of the new CMDB/service catalogue design as well as the API-driven approaches required by the cloud.
-
Security design patterns: Security in the cloud or even in a hybrid delivery modell requires a very new approach also due to the end-consumer-focus of the service design.
2.3 Existing versus required skillsets and roles
In order to operate under the 3rd platform’s mantra, a lot of new or at least changed skillsets are required.
-
Technology: Software defined datacenters and its automation stacks are based on very different technology stacks than existing bare metal ones. Even the planning and provisioning of the software define datacenter is a new challenge, specifically when economic aspects like demand side adaptiveness are being of concern. Big data technology is a widely new field, where skillsets like data analysts are needed, which are hard to find and a rarely to be found as employees in organisations other than in the financial services vertical. NonSQL-databases like Mongo or frameworks like Kassandra are different in their application as well as when it comes to their management then well-understood stacks like Oracle or Microsoft SQL.
-
Processes/Operations: ITSM/ITIL versus Devops has been looked at in the previous chapter. This has a big impact on role definition and hence skills required. Also the sourcing strategies need to be questioned, often leading to new vendors and business models which need to be understood and brought into perspective when one’s own strategy is concerned.
-
Development: One of the core exercises to be mastered when becoming part of the 3rd platform players, is to improve speed and efficiency of creating and/or adapting one’s service portfolio and catalogue by either providing new or modifying existing services. Making use of new development frameworks and also languages, finding the right developers to do so, is a big challenge.
-
Security: Security in the cloud or even in hybrid environments is a new art, which requires very often additional, specialized skillsets. This starts from infrastructure operations, to application delivery and begins at service design and implementation.
-
What is CORE?
3.1 Why do we need CORE and what is its goal?
The strategic goal of CoreTech’s CORE can be summarized as follows:
Organizations struggle on their journey to the 3rd platform, its requirements, benefits and challenges. While some companies like Amazon, Google or LinkedIn have succeeded to gather the required skills, to implement the right platforms and processes as well as sustainable business models, most organizations have not. CORE is a suite of tools using open source technologies (software and hardware designs), best practices, training and consulting models which allows non-profit as well as profit organizations to leap-frog and benefit from the learnings which the above named companies have already made. CORE also shall enable developers to start working on their services without having to worry about infrastructure or detailed enterprise/provider integration, while still being able to use existing services as part of their solution.
The reason why CoreTech decided to implement CORE, has mainly got to do that existing solutions have a lot of constraints which prevent from achieving this goal:
-
Proprietary and expensive: Many of the solutions are being provided by the companies, which have made their living based on concepts of the 1st and 2nd platform. Their business models and required margins drive price levels which prevent from wide adoption.
-
Integration aspect: Many solutions, whether proprietary or open source, focus on single elements of the problem, rather than providing a fully integrated, “out-of-the-box” solution which also reflects the legacy induced needs of organisations.
-
Ease of use/focus on the benefits: Such that organizations can quickly leap-frog, they need to be able to focus on the value-creation, innovation part rather than on all the challenges when integration into existing landscapes are concerned. Hence CORE will run on any infrastructure (bare metal, IaaS) or even platform (PaaS) and will integrate with its technology micro-services into all core ITIL domains (security, authentication/authorization, configuration management, logging and monitoring, chargeback etc.)
-
Lock in: A solution has to be designed such, that ideally no lock-in is being generated. CORE’s goal is to free from the burden of technology stack lock-ins as well as to provide to ability to rewrite/overwrite/replace any part of the solution it provides.
3.2 What are the components of CORE?
CORE is composed of the following fundamental building blocks:
Hardware:
-
Hardware design patterns: The hardware design patterns help organisations to come up with their own “Cloud-PODs” based on lowest cost commodity hardware as provided by ODMs like Quanta, Supermicro or the like.
-
The goal is to provide lowest cost alternatives to offerings like VBlock (by VCE) or FlexPOD (by NetApp) and the like.
Open-Source-Software usage:
-
As a Service Framework: No integrate-able aaS-Framework exists today. Fragments (like PaaS solutions as provided by Cloudfoundry/Pivotal or Openshift/RedHat) exist, but no workflow integration into current IT environments are being provided.
-
Infrastructure Abstraction: Organizations are at very different stages when it comes to having achieved maturity for the 3rd platform. Hence, CORE provides a framework that allows running on bare-metal, any kind of IaaS offering (independent of being VMWare or Openstack based), or even on a PaaS layer. The above services, development framework and APIs will not change. They remain the same independent of the underlying infrastructure.
-
Out-of-the-box Microservices for:
Knowledge/Know-How (used for consulting, training and documentation):