560 likes | 688 Views
Federal Data Center Consolidation Initiative (FDCCI) Industry Outreach Forum. Department of Interior Auditorium August 30, 2011 9 AM – 11:30 AM. Welcome. Bernie Mazer CIO Department of the Interior. 2. Objectives. Scott Renda Portfolio Manager
E N D
Federal Data Center Consolidation Initiative (FDCCI) Industry Outreach Forum Department of Interior Auditorium August 30, 2011 9 AM – 11:30 AM
Welcome Bernie Mazer CIO Department of the Interior 2
Objectives Scott Renda Portfolio Manager Office of Management and Budget (OMB) 3
Background and Objectives • FDCCI launched in February 2010 • Integral to the 25 Point Plan to Reform Federal IT • By 2015, consolidate 800+ data centers. As of July 2011: • 373 data centers planned for closure • 81 already closed • Agencies addressing numerous challenges as they consolidate • Seeking industry insight on best practices and proven approaches Objective: Repository of White Papers available to agencies 5
Data Center Consolidation Challenges • Preparing the Receiving Data Center for Consolidation • Leveraging Cloud Services • Migration Planning, and Execution • Tools for Tracking and Managing Inventory • Tools for Mapping Applications • Energy Efficiency Assessment 6
Panel I Moderator - Kathy Conrad, Principal Deputy Associate Administrator, Office of Citizen Services and Innovative Technologies, GSA Preparing the Receiving Data Center for Consolidation Jim Steven, Deputy Associate CIO for Data Centers, USDA Leveraging Cloud Services David Harrity, Network Services Branch Chief, Department of Education Migration Planning, and Execution David Updike, Acting Director, EPA National Computer Center 7
Panel I Preparing the Receiving Data Center for Consolidation Jim Steven Deputy Associate CIO for Data Centers USDA 8
Selecting the Receiving Data Center for Consolidation Primary Site Selection Criteria • Exposure to Hazards • Natural • Man-Made • Local Utilities • Available Commercial Power Capacity/Diverse Sources • Rates • Bandwidth Availability • Available Capacity to Support Current & Future Needs (e.g. Lit & Dark Fibre) • Diverse Sources • Construction/Maintenance Costs
Preparing the Receiving Data Center for Consolidation Physical/Personnel Security Evaluation/Enhancements • CCTV W/ DVR Capabilities • Access Control Armed Guards High Security Locks/Site Perimeter Controls Biometrics • FPS Evaluation Against DOJ Secure Facility Standards • Minimum Level of Security Clearance Required for Personnel Working in the Data Center DRAFT
Preparing the Receiving Data Center for Consolidation Power/Cooling/Infrastructure Evaluation/Enhancements • Determine Uptime Requirements Based on Intended Use (e.g. Production; DR; App Dev) • Backup Emergency Power Source for Data Center Loads (including mechanical equipment) with Capacity to Meet Need • 24 Hour Service Contracts in-place for UPS, Generators, Batteries, HVAC, and Fire Suppression Systems • Fire Suppression Systems - preferably dry pipe and/or gas • Installation of Alarmed Water Monitoring System within the Data Center • Re-routing of Water Piping and/or Drains Installed Above the data Center Space • Plan/Implement Floor Layout (Hot/Cold Aisles) • Available Space Meets Long Term Need DRAFT
Preparing the Receiving Data Center for Consolidation Establishment of Systems Processes/Standards • Guidelines for Server Configuration Hardening • Monthly Vulnerability Scanning Performed on All Systems and Computing Platforms • Patch Management System In-place to Address Vulnerabilities • Certification and Accreditation of All Data Center General Support Systems • Documented Incident Response Processes and Procedures In-place and Periodically Exercised • Disaster Recovery, Business Continuity and Emergency Response Plans/Processes Documented and Periodically Tested DRAFT
Preparing the Receiving Data Center for Consolidation Establishment of Management Processes/Standards • Data Center Service Delivery Model Aligned with IT Infrastructure Library (ITIL) Processes • Service Level Agreements and Performance Reporting Metrics Documented and In-place • Standard Operating Procedures for Scheduling Maintenance Documented and In-place • Data Center Costs and Customer Service Benchmarked Against Industry DRAFT
Selecting/Preparing the Receiving Data Center for Consolidation Challenges Encountered • “Spot” Cooling Problems Related to Denser Computing Loads • Data Center Efficiency • Deploying Green Technologies • LEED Certification? • Time to Market for Bandwidth Augmentation • Evaluating Utilities for NERC CIP Compliance • Uptime Tier Equivalent - identify costs between tier levels DRAFT
Panel I Leveraging Cloud Services David Harrity Network Services Branch Chief ED 15
Leveraging Cloud Services • Using Cloud to accelerate closures • Standardization • Creating Standard Platforms • Service Models • Infrastructure as a Service (IaaS) • Platform as a Service (PaaS) • Software as a Service (SaaS • Deployment Models: • Community Cloud • Public Cloud • Private Cloud • Hybrid Cloud
Using Cloud to Accelerate Closures • Value Proposition – Cloud Service Providers develop solutions that drive agencies to accelerate data center closures • The “Cloud First” policy and FedRAMP programs supports the data center consolidation Initiative • NIST Cloud Computing Working Group @ http://www.nist.gov/itl/cloud/ • EPA is working with the IT industry to identify ways in which energy efficiency can be measured, documented, and implemented in data centers. EPA has several initiatives currently underway: • Guiding Principles for Energy Efficiency • ENERGY STAR Rating for Data Centers • ENERGY STAR Data Center Product Specifications
Standardization of Cloud Services • Value Proposition: Cloud Service Providers creating standard platforms for desired Service Models & Deployment Models • Agencies are driven towards standardization as a means to drive lower costs while increasing compliance with major Federal regulations. Examples may be: • Describe (aka, map) how your offering(s) align to NIST SP 800-53 controls for FISMA compliance. • Describe how your services map to ITIL v3 & ISO/IEC 2000 for IT Service Management. • Describe how your services map to COBIT for IT Governance. • Describe your efforts with the Cloud Computing Standards Roadmap WG. • Visit the NIST Inventory of Standards Relevant to Cloud Computing http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/StandardsInventory • Service Level Agreements – Describe your predefined non-negotiable agreements and negotiated agreements. [NIST SP 800-144]
Interoperability of Cloud Services • Value Proposition –CSP provides agencies with interoperable solutions that allow ingress/egress migration between CSPs • How Does Your Solution Map to Interoperability Standards: • Open Virtualization Form (OVF) • Open Cloud Computing Interface (OCCI) • Cloud Computing Data Management Interface (CCDMI) • OAuth, SAML, and the host of standards available for providers and their customers • Examine Service Providers’ Obligations Upon Contract Termination for Returning and Purging Data • E-Discovery – Describe how your offering supports E-Discovery including the archival preservation of original metadata
Security of Cloud Services • How Does Your Offering Map to NIST Special Publication 800-53? • This must be done for an agency to authorize a solution, might as well do it proactively • How Does Your Offering Map to NIST Special Publication 800-144, Guidelines on Security and Privacy in the Public Cloud Computing • Examine and Describe How Your Services Map to HIPAA, PCI DSS and SAS 70 • When appropriate for a given agency • Participate in the NIST Cloud Computing Security Working Group • Leverage the FedRAMP Process to “C&A once” for Iterative Implementation of Cloud Solutions
Migrating to the Cloud • Selection of Apps to Migrate • Identify everything that’s moving (Physical /logical) • Schedule of events, timeline, load & unload plan • Identify required resources • People, systems, logistics • Identify gaps in new location resources • Bandwidth, power, cooling, storage… • Risk mitigation • Dependencies, interdependencies, criticality • Identify where it’s going • New facility/rack/slot location • Develop move sequencing plan
Panel I Migration Planning and Execution David Updike Acting Director, EPA National Computer Center 22
Migration & Execution Challenges • Physical Plant • Managing floor loads expanding data centers and server rooms • Managing network and power cabling services within an expanding data centers • Estimating power and cooling loads for migrating applications • Maximizing power & cooling efficiency in legacy data > 1000 sq feet • Maximizing power & cooling efficiency in server rooms less than 500 sq ft • Racking solutions for co-locating heterogeneous server and storage platforms • Security Management • Managing physical access controls in a multi-tenant data center • Managing logical access controls and remote server administration in a co-location data center • Managing FISMA compliance in multi-tenant data center
Migration & Execution Challenges • Network Management • Estimating application network requirements and migration impact (LAN, WAN, Storage) • Networking architectures to optimize multi-tenant data centers and server rooms • Networking solutions to enable or simplify wide data center consolidation across WAN • Storage Management • Data migration strategies for data center consolidation • Storage platform consolidation (MF/Midrange/workgroup) • Integrating heterogeneous storage platforms • Relocating physical storage • Integrating backup and recovery solutions within and across data centers
Migration & Execution Challenges • Hosting Platforms • Mainframe relocation & consolidation • Midrange server relocation & consolidation • Workgroup server relocation & consolidation • Application Consolidation • GIS application consolidation • Legacy client/server consolidation • Consolidating latency sensitive applications • Consolidating user file services • Consolidating local productivity applications • Assessing cloud readiness Cloud
Migration & Execution Challenges • Data Center Consolidation Project Management • Proven tools, templates & services supporting • Relocation • Consolidation • Application Migration • Application cloud readiness • Key attributes for solution candidates • Proven technology and/or service • Real world successful implementation examples • Large enterprise context • Government or Commercial • Tangible ROI model • Accessible via GSA schedule or GWACS vehicles
Tools for Mapping Applications • Critical and Overlooked Step in Migration • Understand dependencies and what will happen if the system is turned off or moved? • Critical for establishing move groups and developing risk mitigation plans • Understand minimum system requirements • Other benefits • Documenting System average / peak loads, Storage utilization/requirements, average / peak number of users, Bandwidth requirements (KB’s per second, per week) • Critical for evaluating alternative options • Managed hosting, colocation, Cloud… • All major vendors have tools available • Most are not plug and play. Must be customized • May plug into existing CMDB ecosystem • Data Center consulting companies usually have custom toolsets
Panel I Questions and Answers Moderator: Kathy Conrad Principal Deputy Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration 28
Panel II Moderator - Kathy Conrad, Principal Deputy Associate Administrator, Office of Citizen Services and Innovative Technologies, GSA Tools for Tracking and Managing Inventories Tim Schmidt, CTO, DOT Tools for Mapping Applications Bruce Downs, Federal Lead and Program Manager, Data Center Consolidation, DOI Energy Efficiency Assessment Jake Wooley, Program Manager, IT Sustainability, OCIO, DOE 29
Panel II Tools for Tracking and Managing Inventories Tim Schmidt CTO DOT 30
Challenges to the Data Center Inventory • This is a Huge Inventory – It Is Not Pure IT • Multiple infrastructures and types of operations • Physical infrastructure (power, cooling, electrical, etc.) • Applications infrastructure (servers, OS’s, application software) • Network infrastructure (routers, switches, circuits) • Multiple operations groups within each agency • Multiple types of data that do not correlate well • Relationships between the different infrastructure data are difficult to see in static reports and spreadsheets • There’s No Magic Pill • Integrating inventories with new tools is costly • Some level of manual verification will always be required • Staff must understand strategic link between inventory collection and consolidating data centers
What Do We Need from our Current Inventories for Consolidation Planning? • Ensure We Can Fulfill Reporting • Understand How to Leverage Current Tools to Answer Pressing Questions and Inform Strategy • INFRASTRUCTURE • TYPE • QUESTIONS FROM INVENTORY DATA • STRATEGY AND PLANNING QUESTIONS DATA CENTER • Per space, how much is current power, cooling putting systems at risk or impacting rack utilization? • Is this a space that should be consolidated sooner, or should it come later? What is cost/benefit? APPLICATIONS • Per space, what are the server workloads, what systems are supported, what is/is not virtualized • What can we virtualize, what requires a fork-lift to the receiving data center, are some applications no longer needed? NETWORK • Per application, what is current network utilization; what is network configuration between site, end users • What are required response times, how much bandwidth do we need at receiving data center, what is cost?
What Do Agencies Consider as We Think About New Tools for the Future? • Do Tools Support an Application Mapping Capability? • We understand the importance of application mapping for conducting successful migrations • However, we may not fully understand the inherent complexities • How Well Do Tools Integrate Inventory Functions for Data Center, Applications, and Network Infrastructure? • How well do vendors understand our current environment and how complex would this integration be • What is the Cost/Benefit for Deploying a New Inventory Tool vs. Staying with Current • How long would it take • What would it cost and how long is the payback period
What Is the Best Way to Continue this Dialogue with Individual Agencies? • First, try to learn as much as possible about our current environment from publicly available documents or other points of contact within your own company • Be able to demonstrate how your inventory product is different from what we are currently using, or how it complements what we are currently using • Talk to a practical implementation strategy for your tool in our unique environments • Provide some ballpark estimate of how much it would cost to implement • Make sure you have a technical resource on hand to answer substantive questions
Panel II Tools for Mapping Applications Bruce Downs Federal Lead and Program Manager, Data Center Consolidation DOI 35
Applications/Service Perspective • Applications Assessment is a Full Life-cycle Requirement
Current Processes/Capabilities • Manual Processes • Many Stakeholders • Labor Intensive • Multiple systems • Manual Errors • Incomplete • Time Delay
Objective Processes/Capabilities • Improve Effectiveness/Efficiency • Automate What Makes Sense • Free Workforce for Other Activities • Leverage Existing Systems, and “Cooperate” with Installed Base • Short Learning Curve • Low Infrastructure Resource Overhead • Short-Term, Positive Return-on-Investment • Facilitate Sustained Performance Analysis
Assessment Overview MODEL ASSESSMENT TOOL RESULTS Plan of Action Waiver Process
Decision Support Overview START DATA COLLECTION ANALYSIS ASSESSMENT DECISION IMPLEMENTATION A A A A A A A A A A A A A A A A Funds/Budget/ROI/Cost Migration Urgency Qualified Cloud Provider Qualified Non-Cloud Provider Tech. Fit & Feasibility Security Req. & Impact Lifecycle Stage Migration Complexity Priorities & Comp. Req. Sys. Complexity Mitigation Ability to Execute Auth. to Proceed Mandates & Policy Bus. Req. & Impact Risk & Probability Data Classification B B B B B B B B B B B B B B B B C C C C C C C C C C C C C C C C BUSINESS SHOULD CLOUD TECHNOLOGY MC1 PLAN SHOULD NON-CLOUD MC2 IMPLEMENT DOCUMENT ISSUE RESOLVE ISSUE MAINTAIN GOVERNANCE SHOULDN’T MC3 RE-EVALUATE MC4 FUNDING & PROCUREMENT CAN’T MC5 MC = Migration Category
Dependency Overview • Document Customer/Application Relationship • Public-User-Program-System Owner-Local Managers • Technical Dependencies • Data access (Permissions, location, firewalls, ports & protocols…) • Applications Interfaces • Operating Environment (Software & Hardware) • Business Model/Service Delivery Model • CoOP/DR • Document and meet requirements • Functionality • Access • Capacity • Performance • Security • Legal/Policy
Lessons Learned • Scope of Questions Asked Requires Different Expertise to Answer the Data Call • Includes business, technical, governance, and funding & procurement • Sequencing and multiple access for manual inputs • Tool Issues Addressed • Successful roll-out requires proper communication and introduction to the Tool and the Assessment Process; and • Clear documentation of definitions and terminologies, along with sample examples help in improving Agency-wide feedback consistency. • Is There a Better Way? • What Questions Should Be Asked?
Panel II Migration Planning and Execution Jake Wooley Program Manager, IT Sustainability, OCIO DOE 43
FDCCI & SSPP: Energy Efficiency is the Common Goal CurrentSituation Performance Measures Comprehensive Approach Where are the Opportunities? What are the Challenges?
Data Center Energy • Data Centers Are Energy Intensive Facilities • 10 to 100+ times more energy intensive than other commercial space • 2.5% of U.S. Electricity consumption in 2011 • Power and cooling constraints in existing facilities • Data Centers Are Not Exempt from Federal Efficiency Requirements
Data Centers are 2 Lines of Business with Different Incentives Energy Needed vs IT Infrastructure IT Systems Performance & Availability Operational Control of Floor Space Energy Efficiency NOT an Incentive(if you don’t pay the power bill!) Facilities Infrastructure Utility Service Provider – Only Pay the Electric Bill Little Operational Control(therefore, no way to lower the costs) Actual Energy Usage IT Infrastructure Facilities Infrastructure ENERGY WASTE PUE = 2.0 PUE = 1.4 $
Data Center Variability • Energy / GHG • Power sources • Power loses • Cooling • CPU Utilization • IT Systems • Staffing • Systems consolidation • Space costs • Lifecycle replacement • Energy / GHG Efficiency vs IT Systems Efficiency • Facilities vs IT Systems Management • High-Performance Computingvs Business Automation We need a comprehensive approach that recognizes differences in purpose yet drives efficiencies. We need a comprehensive approach that recognizes differences in purpose yet drives efficiencies.
Energy Efficiency Opportunities • Server consolidation • Virtualization • High efficiency power supplies • Load management • Better air management • Move to liquid cooling • Optimized chilled-water plants • Use of free cooling • Heat recovery Power Conversion & Distribution Server Load/ComputingOperations Cooling Equipment • On-site generation Including fuel cells and renewable sources • CHP applications • (Waste heat for cooling) • High voltage distribution • High efficiency UPS systems • Efficient redundancy strategies • Use of DC power On-site Generation
Potential Benefits of Data Center Energy Efficiency • 20-40% savings typical • Aggressive strategies can yield 50+% savings • Extend life and capacity of infrastructures • But is mine good or bad?
Benchmark Energy Performance • Compare to peers • Wide variation • Identify best practices and efficiency improvements • Track performance • Can’t manage what isn’t measured