Leveraging Cloud Services
Clouds provide a number of services to support running applications. IBM SmartCloud Enterprise provides services for compute resources, image development, network resources, virtual block-storage devices, software bundle management, and SSH key management. Fully leveraging these services requires a new mindset, because they typically replace services that you might traditionally have asked someone else to provide (and then taken for granted). Suppose you're planning to host a new deployment. In a traditional IT environment, you might interact with an administrator in a data center, who would ask you a number of questions. Then, after some investigation and negotiation, you would add your server to a rack in the data center, assign an IP address to it, and set a firewall rule. Finally, the system administrator would leave you to manage data storage, backup, patching, and other tasks independently. On the cloud, these services become part of the cloud's self-service user interface or API.
Image management is one of the first challenges that you'll face with IaaS cloud computing. When you start developing on the cloud, you'll need to learn the basics of image development, making some investment in this area to learn the value of the assets that image-development specialists create. Base operating-system images are created with good security defaults and minimal but sufficient applications for basic use. You must take the time to learn how the base image has been set up, and then try to keep within those conventions for customizing the image. This understanding will help you with image maintenance, especially keeping the image current with the latest security patches.
A virtual machine image is a snapshot of a virtual machine instance, with some runtime data removed (such as IP address, hostname, logs, and swap). The simplest way to create a virtual machine image is to start up an instance, install the software, and save it. This image will be sufficient for your own use and to share with a small number of colleagues. However, if you plan to share the image with a larger set of people, it will be worth your time to automate some software installation and configuration tasks, so that they can be done when users first start their virtual machines. This technique will make maintenance easier, and it will simplify porting to different data centers and multiple operating systems. The base operating-system images will be available at all the various data centers, but considerable time might be needed to copy your custom images to all the data centers, making them available to users around the world. Software bundles and automation scripts take time to develop, but can be managed in a central system to minimize maintenance.
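A pre-capture check for the save-and-share workflow described above, as an added example that is not from the original text or from IBM SmartCloud Enterprise. It lists instance-specific residue under an image's root directory; the path list (SSH host keys, authorized_keys, shell history, logs, hostname) assumes a typical Linux layout, and the function names and sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: list instance-specific residue under an image root before
# the instance is saved as a shared image. Paths assume a typical Linux layout.

# Print one "KIND path" line per finding under the image root given as $1.
audit_image_root() {
    root=${1%/}
    # Host keys saved in an image are shared by every instance started from it.
    for f in "$root"/etc/ssh/ssh_host_*key*; do
        if [ -e "$f" ]; then echo "HOSTKEY ${f#"$root"}"; fi
    done
    # Login keys and shell history left behind by whoever built the image.
    for home in "$root"/root "$root"/home/*; do
        for rel in .ssh/authorized_keys .bash_history; do
            if [ -s "$home/$rel" ]; then echo "USERDATA ${home#"$root"}/$rel"; fi
        done
    done
    # Non-empty logs describe the build instance, not the user's instance.
    if [ -d "$root/var/log" ]; then
        find "$root/var/log" -type f -size +0 | while IFS= read -r f; do
            echo "LOG ${f#"$root"}"
        done
    fi
    # A hostname other than localhost still names the build instance.
    if [ -s "$root/etc/hostname" ] && ! grep -qx 'localhost' "$root/etc/hostname"; then
        echo "HOSTNAME /etc/hostname"
    fi
    return 0
}

# Build a constructed sample tree (all values are made up) and print its path.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/ssh" "$d/root/.ssh" "$d/home/dev" "$d/var/log"
    echo 'constructed-host-key' > "$d/etc/ssh/ssh_host_rsa_key"
    echo 'ssh-rsa AAAA-constructed builder@example' > "$d/root/.ssh/authorized_keys"
    echo 'build-host-01' > "$d/etc/hostname"
    echo 'constructed log line' > "$d/var/log/messages"
    : > "$d/var/log/empty.log"
    echo "$d"
}

sample=$(make_sample_root)
audit_image_root "$sample"
rm -rf "$sample"
```

An empty result means none of the listed items were found under that root; it does not cover application-level secrets such as configuration files with embedded credentials.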
Network services and storage on the cloud are very different. For security, you should host your application on a VLAN and regulate access to it via a firewall or VPN. (More on security in the next section.) There are two basic kinds of block storage:
- Local (or ephemeral) storage is local to the virtual machine instance and therefore runs at high speeds, but it's tied to the lifecycle of the virtual machine.
- Persistent storage has greater capacity than local storage, and it isn't tied to the lifecycle of the virtual machine. Persistency is important for storing large amounts of data and backing up in a portable way.
The most logical strategy is to use local storage to support running applications that are sensitive to I/O performance, and back up your data to persistent storage volumes that typically have a longer life than that of a virtual machine.