Patent Application
20070100979
This invention relates to data processing. More particularly, this invention relates to virtualized utility service platforms and related methods, systems and devices for provisioning such systems.
The invention is better understood by reading the following detailed description with reference to the accompanying drawing in which:
Background and Overview
Companies are changing their computer/information technology (IT) infrastructures from ones in which they host and support all of their IT-related requirements, to infrastructures in which some or all of their computer needs are effectively outsourced. Today it is possible for an entity to obtain remotely supported and operated computer facilities for most of computer uses and IT requirements. Computers (servers, processors, etc.), computer storage of all types, security features, network access and software can all be accessed remotely, effectively creating a virtual IT department.
As used herein, the term “virtual” with reference to a component means that the user is provided with the functionality of that component, but may not, in fact, be provided with the component itself. For example, a user may have a virtual processor of a certain type. As used herein, this means that the user is provided with access to a processor with the capabilities of the correct type, but those capabilities may, in reality, be obtained in some other manner (e.g., by a different processor).
Existing IT systems have a number of problems. First, in existing virtual systems, each aspect of the system (memory, processor power/capabilities, software, network capabilities, etc.) is separately purchased, configured, supported and managed. This means that a user wanting a certain architectural configuration has to essentially configure each component of that configuration, with the burden being on the user to ascertain the appropriate architecture and components and the burden being on the user to ensure compatibility of the components and feasibility of the architecture. In addition to being time consuming, such systems are inherently error prone. Users are able to set up system configurations that do not work or do not meet their needs. Furthermore, such configurations are often not easily modified.
Traditional systems are implemented as follows:
A customer purchases various desired features and options. Typically these features and options are specified in terms of particular products and systems. For example, the customer may want the functionality of fifty desktop computers. In legacy virtual systems, the customer would try to replicate the actual architecture in the virtual architecture. The customer's order is entered, after which the system has to be appropriately provisioned and then validated. If the system cannot be validated (because, e.g., the customer chose invalid or improper combinations of options and features), then the order has to be modified, re-provisioned and re-validated. The traditional cycle of customer purchase, order entry, system provisioning and system validation takes anywhere from thirty to sixty days. In addition to the time uncertainty (how long provisioning will take), there are associated cost uncertainties. Essentially, a customer cannot tell how much a system is going to cost until the system is validated. Until then, the system may change and have to be re-priced.
The inventors were the first to realize that, given the complexity of IT architectures, it would be highly desirable to automate the entire provisioning process, and that it would be greatly advantageous to be able to reduce the provisioning time, while at the same time providing accurate costing, documentation and system validation. Accordingly, in some aspects, the present invention provides a virtual provisioning system that is capable of going from customer order to system validation much quicker than the legacy thirty to sixty days—preferably in thirty to sixty minutes.
The configuration system according to embodiments of the present invention treats the various components of a system as an integral virtual system.
A virtual platform (Virtualized Utility Service Platform) is provided by provisioning a number of virtual components on an underlying physical system. Thus, with reference to
Each of the various infrastructure components is configurable so as to allow virtual components to be formed thereon, and virtual infrastructures are implemented on the physical infrastructure. A virtual network infrastructure 102-V is implemented on the network infrastructure 102; a virtual computing infrastructure 106-V is implemented on the computing infrastructure 106; and a virtual storage infrastructure 108-V is implemented on the storage infrastructure 108.
Within each of the virtual infrastructures, logically separate components can be configured. For example, the network infrastructure 102 supports a virtual network infrastructure 102-V, within which a particular virtual network 102-V1 can be provisioned. Similarly, the computing infrastructure 106 supports a virtual compute infrastructure 106-V within which a particular virtual compute system 106-V1 can be provisioned; and the storage infrastructure 108 supports a virtual storage infrastructure 108-V, within which a particular virtual storage system 108-V1 can be provisioned.
In this manner, a virtual IT system (made up of various virtual components) can be provisioned. In the example shown in
While
Each of the various components may be individually provisioned in an appropriate manner. The manufacturer of each system typically provides an interface to enable provisioning of their system. Thus, as shown in
As used herein, the term “mechanism” generally refers to hardware, software and/or combinations thereof. A mechanism may be implemented on any type of computer using any programming language or system. A mechanism may provide an API (Application Programming Interface).
The system 100 includes a system provisioning mechanism 126 which interfaces, inter alia, with the various component provisioning mechanisms, i.e., with network provisioning mechanism 118, hosting provisioning mechanism 120, compute provisioning mechanism 122, and storage provisioning mechanism 124.
The system provisioning mechanism 126 is part of a system monitoring and management component 128 which is used to obtain and fulfill customer orders (130), document provisioning artifacts, administer the system, perform billing (132), monitor the system (134) and perform various other functions (136). The various physical and virtual components are preferably operated by a service provider, and users of the system are generally referred to herein as customers of the service provider. The service provider may own and operate some or all of the physical infrastructure. Infrastructure built to support virtual services is usually built with extensive internal redundancy and resource partitioning functionality. These features are often more expensive than the devices sold to enterprises as point solutions. It is more affordable for a service provider to acquire these devices, integrate them with management systems, and spread the cost across multiple customers than the alternative of an end user buying and deploying the same devices.
In typical operation of preferred embodiments of the present invention, a customer is provided with a customer interface 138 which interfaces to appropriate parts of the monitoring and management component 128 and which can be used, among other things, to order or configure a virtual system. The service provider has an administrative interface 140 which allows administrative access to the various components of the monitoring and management component 128. The customer interface 138 and the administrative interface 140 are preferably graphical user interfaces (GUIs) and both are preferably accessible via the Internet. Those skilled in the art will realize that appropriate security procedures are used to control and limit access to the monitoring and management component 128.
In a typical operation of the system 100, a user/customer accesses the order entry system 130 of the monitoring and management component 128 via the customer interface 138 and orders a virtual system. As used herein, a user may be, e.g., a sales representative. The user may order a system by specifying requirements for computation requirements, storage requirements, and network requirements. The computation requirements may include some or all of: number and type of processors, software applications to be run, security requirements, performance requirements, and expected qualities of service (e.g., High Availability Failover Pool) The memory requirements may include amounts of memory of different types, security requirements, and performance requirements. The network requirements may include security requirements, performance requirements, throughput requirements, and connectivity requirements.
The above lists are merely exemplary, and those skilled in the art will realize that other and/or different options may be listed.
The customer may be presented with various billing plans or options, with pricing based, at least in part, on various requirements selected. Those skilled in the art will realize that different billing options and plans may be provided for different customers and for different types of customers.
In some preferred embodiments of the invention, the order entry system 130 will only allow the customer to select compatible components. In this manner, the customer can be assured that the ordered system can be provisioned. In some embodiments of the present invention, the order entry system 130 may present the customer with selections of different exemplary systems that might meet the customer's requirements. The customer may then select and customize one of these exemplary systems.
Customer-selected configurations may be provisioned by the provisioning system 126. In some embodiments of the present invention, the service provider reviews orders before they are provisioned.
When an order is filled and a virtual system is provisioned, the customer is given access to the virtual system. In preferred embodiments, each virtual system is monitored (by monitor mechanism 134) in order to check that the virtual system is operating correctly and satisfying the customer's requirements. In some embodiments of the present invention, a customer may elect to have a system re-provisioned when monitoring reveals that the virtual system is not able to meet the customer's requirements. In this manner, customers are able to order minimal virtual systems and to automatically add capacity when needed (or remove capacity when not needed). This allows customers to only pay for what they use or for what is actually provisioned. Either (or both) of the billing/payment models—capacity provisioned vs. capacity used—may be used.
Network: In presently preferred implementations of the invention, the network infrastructure 102 uses one or more high-performance security switches (such as the Savvis Virtual Services Switch—VSS). As part of the invention's virtualized services delivery platform, in some implementations, the Virtual Service Switch centralizes network, security, and performance services onto a single platform. Multiple security functions including firewall, VPN, SSL acceleration, and load balancing are consolidated and virtualized using a Virtual Service Switch.
One presently preferred implementation, uses the Virtual Services Switch to provide application services such as firewall, load balancing, and ssl termination. The VSS platform is composed of two main components. The first component is the centralized management system called CenterPoint which is used for monitoring, configuring, provisioning, and managing the VSS hardware. CenterPoint is used to create, configure, and deploy client configurations. The VSS hardware is the second component. The VSS hardware includes input/output interface cards, service processing modules (SPM), and switch management modules. The hardware is where the client traffic resides and is subsequently subject to one or more of the aforementioned virtual service module services.
Computing: The computing infrastructure 106 is preferably made up of a number of processors such as, e.g., Egenera BladeFrame™ computers, sold by Egenera, Inc., of Massachusetts.
In the presently preferred embodiment, the computing infrastructure 106 is made up of a collection of server processors in a rack. In current versions, each system includes processing blades, redundant control blades, redundant switch blades and a redundant backplane. The control blade hosts manager software which manages the computing infrastructure. Two control blades provide external I/O connectivity for the processing blades and run the management software. Control blades have connections to external devices.
In some preferred embodiments, processors in the computing infrastructure 106 are connected by high-speed, switched-fabric interconnects which provide switching for internal (blade-to-blade, TCP/IP traffic) and external traffic. In some embodiments, these switched-fabric interconnects automatically load balance traffic.
In some presently preferred implementations, the architecture of the computing infrastructure system virtualizes data center infrastructure by creating a pool of server resources from which private, secured configurations can be dynamically allocated to support an application and then disbanded if necessary. With this approach, server capacity no longer must be dedicated to individual applications, and services are not tied to specific hardware or network paths. As a result, clients need pay only for the resources they use and have access to powerful features such as high availability, disaster recovery and real-time scalability without over-provisioning.
Storage: Preferred storage infrastructure systems support different external storage subsystems, including NAS (Network-attached storage), SAN (Storage Area Network), and Small Computer System Interface (SCSI) external storage subsystems. In a presently preferred exemplary implementation, the storage infrastructure 108 is made up of 3Par Inserv S400 storage servers, sold by 3PARdata, Inc. of Fremont, Calif. The storage infrastructure 108 is a scalable and controllable information infrastructure.
Those of skill in the art will realize that other appropriate systems may be used for the various infrastructure components. In addition, those of skill in the art will realize that other aspects of a virtual system, e.g., security and software requirements, may be separately provisioned, and that a virtual system according to embodiments of the present invention is not limited to the four components shown.
The virtualized utility services of the present invention provide many advantages over legacy systems. The virtualized utility services delivery platform according to embodiments of the present invention is based on advanced, automated software management and provisioning systems that provide customers with a simple, yet comprehensive end-to-end view of their IT infrastructure. This visibility across network, hosting, compute and storage platforms creates efficiencies, enabling the service provider to be much more responsive to customers' needs and to reduce customer dependence on redundant hardware.
Unlike the traditional service provider model, in which companies must pay for excess and unused capacity, the virtualized delivery platform according to embodiments of the present invention routinely and automatically optimizes resource allocation for each client. This allows customers to pay for only what they use. Additionally, it lessens the burden of capital expenditures and legacy systems. As a result, the platform increases a company's flexibility and agility, making it possible to add new applications, increase server and storage, and expand the network in less time than conventional alternatives.
Thus far the invention has been described with reference to the provisioning of the hardware components of a system. A IT system may be viewed in an hierarchical manner, e.g., as shown in
In some embodiments of the present invention, mechanisms are also provided to enable virtual provisioning of the middleware and applications levels of the system.
The hardware provisioning mechanism 204 essentially corresponds to the system provisioning 126 described above with reference to
By providing an hierarchical provisioning system, a user is able to provision an entire system by specifying his requirements at any of the levels in the hierarchy, in some cases without specifying the requirements for lower levels. For instance, a particular user may require accounting functionality for a certain number of users. That user can invoke the system provisioning mechanism 202, specify the requirements at the application level and have the entire system (hardware, middleware and application) provisioned. Another user may wish to provision a system at the middleware level, e.g., to use or support a particular operating system. That user can invoke the system provisioning mechanism 202, specify the requirements at the middleware level, and have the entire system (hardware and middleware) provisioned.
An exemplary provisioned system is shown by the dashed line (denoted 202 in
In order to support this hierarchical and intelligent provisioning, the system maintains a list or database of hardware requirements for each type of middleware and of hardware and middleware requirements for each application.
As described above with reference to the hardware provisioning, the system monitors the virtual system and can modify the resource allocation as needed.
Aspects of an exemplary implementation of are now described, along with an exemplary work flow and ordering system. Those skilled in the art will realize that other work flows and other implementations are possible and are within the scope of the invention.
Some or all of the following are options provided by GUI to users in an exemplary implementation of the invention. The user is able to select the desired option using an appropriate selection mechanism (e.g., mouse, keyboard or other device).
Database Software:
Server Application:
Web Application Software
Remote Access Applications
Storage Software Applications
Utility Storage
In some presently preferred implementations, the following other features may be purchased by customers. utility security firewall; managed utility SSL acceleration; customer access; and managed utility load balancing service.
In a presently preferred implementation, utility storage is sold in fifty Giga Byte increments. Other increments are considered to be within the scope of the invention.
In some cases, the selection of certain options may preclude (or enable) other options. For example, selection of a certain type of processor may preclude (or require) certain types of memory. In these cases, the GUI enables or disables certain options, as appropriate. E.g., for storage software applications, High Availability (HA) is the only option available when the Operating System of the parent Managed Server or Virtual Server is any version of Linux.
Pricing
Any type of pricing scheme may be used. In some cases, components are priced per unit, in others for use. Combinations of these schemes may be used. E.g., processors may be priced based on a CPU count. Bandwidth may be priced, e.g., based on Mbps Burstable Bandwidth, i.e., is the minimum/base burstable bandwidth tier the customer has purchased. This will be the customer's minimum charge for bandwidth per month. For hosting, preferably per megabyte pricing is used. The pricing is preferably set up to capture revenue as higher meg usage is generated.
While the invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not to be limited to the disclosed embodiment, but on the contrary, is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.
This application claims the benefit of U.S. Provisional Application Serial No. 60/731,937 filed Nov. 1, 2005, the entire contents of which are herein incorporated by reference.
| Number | Date | Country | |
|---|---|---|---|
| 60731937 | Nov 2005 | US |
