Cloud Life Cycle Management: How Do I Patch It?
The complexity associated with patching, service packs, hotfixes, upgrades and firmware updates, defined as general life cycle activities, are nothing new to IT professionals. This has been an ongoing effort for many years now, and we have all come to expect that vendors will provide regular updates that include bug fixes, security patches and feature enhancements.
We have all experienced that common call to technical support to be greeted by the phrase: “are you running the most recent updates?” Well the cloud doesn’t change the need for these updates; it can, however, substantially simplify the process and reduce planned downtime...
Recently, I was working with a customer during a strategic planning session for their internal cloud, and I was asked “How am I going to update the cloud?” This sparked some very interesting dialogue between the teams. Presently, they explained, the virtualization team works independently of the networking and storage teams when performing updates.
The teams have only minor dialog when planning, which often leads to confusion and problems during, and after, the updates. When performing updates in any of the infrastructure components, it usually results in planned downtime for their customers. Obviously, they wanted to know how to avoid this in the future.
This gave me the opportunity to discuss some important lessons I had learned from my own experiences of helping customers adopt cloud infrastructures over the past several years. First, if you only change the technology when building a cloud and keep the same processes you have for traditional virtualization today, you should expect the same results.
In other words, if you don’t change the processes, procedures and methodology you will have the same results when you are done, the same planned outages for updates, lagging technology updates and lack of communication between internal teams. Cloud technology requires a new way of thinking to take full advantage of all the benefits of cloud infrastructure.
The technology to perform infrastructure updates without downtime has existed for several years now. Most people using VMware vSphere are leveraging VMware vMotion and some are even using VMware Storage vMotion. Both of these technologies are great for eliminating downtime associated with Host and Storage maintenance and upgrades; they can even be used to meet application Service Level Agreements (SLA).
Check out this YouTube Video on vSphere storage DRS. How about Cisco’s In-Service Software Upgrade (ISSU) for switch upgrades? Most vendors provide technologies to implement non-service impacting upgrades to their infrastructure. So if architected correctly, the technologies exist today across compute, hypervisor, storage arrays, networking and security to seamlessly upgrade components. So what’s the difficulty?
Even with some of the most aggressive operation teams in organizations, existing enterprise change control processes can quickly derail all efforts if the organization can’t adapt to the new ways of thinking. The key here is to document your processes very clearly and define your Service Level Agreements (SLA) to your customers. If customers are consuming pure Infrastructure as a Service (IaaS) then what happens at the infrastructure layer has to be abstracted from the customer. Pre-approved change tickets can be an advantage here for customers planning for maintenance of the infrastructure cloud components.
How do you guarantee that changes won’t affect the production environment and how do you test all the individual components? There are several options that already exist, one being relatively new. The traditional method involves building a separate infrastructure for lab, and testing the upgrades across all components. This testing can typically be very time consuming and still doesn’t guarantee compatibility.
Companies offering Converged Infrastructure solutions such as The Virtual Computing Environment Company (VCE) Vblock, Dell, Hewlett Packard (HP), and IBM offer a simplified approach to patching and life cycle activities for their converged infrastructure. These companies test all of the updates together as a system and then release them as part of a tested bundled solution. It is true that at this point in time there is no one button to push that magically allows you to upgrade everything at once. However, the approach it offers is a much better option than placing all the work on your operations team to test and certify before each update.
This, however, doesn’t eliminate the need for testing; it just reduces the amount of time and effort required for updating. It allows the teams to focus on what they are good at. These vendors are standardizing their release schedules and reducing the amount of updates that are required. I suspect we are going to see a much more automated process in the near future from the Converged Infrastructure vendors.
In conclusion, I would suggest the following if you are looking to refine and enhance the life cycle management of your infrastructure:
- Architect with redundancy at all technology layers
- Utilize the advanced features and tools provided by your technology partners
- Take advantage of simplified and bundled updates from your technology partners
- Leverage your technology partners with operational readiness assessments and roadmaps to help your teams be prepared for the adoption of cloud technologies.
- Plan your updates thoroughly and test appropriately
- » The importance of securing multi-cloud manufacturing systems in a Zero Trust world
- » CircleCI aims to further break down the ‘hornet’s nest’ of continuous delivery with EMEA expansion
- » How smart cybersecurity solutions are increasingly powered by AI and ML
- » How to excel at secured cloud migrations through shared responsibility: A guide
- » Improving application performance in the age of complex infrastructure: A guide