According to Gartner, the fastest growing market among cloud services is the IaaS segment. In 2017, its growth will be 36%, and the cost will be $34.6 billion. This suggests that despite the myths about the unreliability of the clouds, the number of IaaS users is constantly increasing . And more and more companies trust providers with critical infrastructure.
In this article, we will look at what business-critical applications are and what tools help to handle them in the provider’s cloud .
What is a business critical application
Business Critical Applications, or Business Critical Applications (BCA), are applications without which a company cannot operate. They perform key process maintenance and customer service tasks. BCAs are small business tools and large platforms. At the same time, they are created both by the company’s developers and by a third party.
For example, a bank’s transaction processing application is a BCA, and if it fails, the financial institution loses money. The airline booking system is also a critical service, because due to its incorrect operation, the airline loses customers.
Thus, if a business-critical application fails, the organization faces negative consequences: it suffers financial losses, loses customer confidence, and experiences a decrease in employee productivity.
However, it is important to understand that the same application has a different degree of importance for a particular company. This is influenced by the laws in a particular country, the individual characteristics of the organization, the state of the competitive market, etc. Therefore, it is necessary to determine in advance which applications belong to BCA and work out a security strategy.
Reluctance to move
Despite the spread of cloud technologies and the growth of the market, there are still business leaders who do not trust virtualization. The transfer of BCA to the cloud is hampered by concerns about security and performance. However, here you just need to follow a number of rules.
When moving to a cloud site, it is worth comparing the performance requirements of your systems with those indicators that the cloud provider guarantees. Next, make sure that the necessary protection against failures at the level of the data center and individual hardware components will be provided. It is also worth considering the order in which application migration to cloud. At the same time, best practices have been developed
in the community for the implementation of the transition (as well as a list of tips and recommendations), designed to help companies decide on a sequence of actions. The technical support of the provider also helps with this.
Another problem is distrust of the cloud provider. But here the main thing is to carefully approach the choice of a partner. Pay attention to whether the data center has a UTI Operational Sustainability certificate for the declared level of reliability. Also, independently inspect the machine rooms and technological rooms – if you are refused, then, probably, the characteristics specified in the agreement do not correspond to reality.
Business-critical service virtualization is a step that can improve application agility, performance, and disaster protection.
Cloud infrastructure is based on proven technologies. For example, IaaS often uses VMware vSphere virtualization systems. Their solutions have evolved and improved over the years, so they can be considered highly reliable. Next, we will look at the components of this environment that help with the migration of business-critical applications, as well as ensuring their health and safety in the cloud.
The vSphere hypervisor provides software and license consolidation and supports legacy operating systems and applications on new hardware. The solution also allows you to test business-critical applications. To do this, the entire production environment is copied, and experiments are carried out on its copies.
To protect your data, vSphere offers VM-level disk encryption to prevent unauthorized access. In this case, encryption is performed regardless of the operating system.
Infrastructure security is provided by Secure Boot and Enhanced VIB. They prevent changes to system images and loading of unauthorized components. Secure access is provided by multi-factor authentication and role-based access control.
The solution also provides an improved logging system: the system not only reports that changes have been made, but also tells what changes were made. This helps you make smarter decisions based on more data.
vMotion is a vSphere feature that moves a running VM from BCA to a new host. This eliminates system downtime and saves network and connection settings.
At the same time, vMotion encrypts the data during its transfer. Encryption occurs at the VM level. When a VM is migrated, the tool randomly generates a 256-bit one-time key and a 64-bit number. Both of these values are sent to the hosts, which allows data to be preserved even if the channel is “listened”.
vSphere High Availability
High Availability (HA) protects business critical applications without making changes to the software. This component monitors the “health” of servers and, if it finds problems, reboots the VM on other cluster machines on its own. This keeps equipment downtime to a minimum.
DRS clusters ESXi hosts and load balances them. This allows you to efficiently use computing resources and migrate VMs between hosts while the service is running.
If DRS finds a physical server with a small load, the system turns off the power and informs the administrator about the excess power consumption. To identify such servers, the system studies the load on the central processor and RAM.
At the same time, DRS evaluates both physical hosts and the virtual machines running on them. This is necessary in order to correctly prioritize in moments of emergency situations: the system that is important for business applications migrates first. All this is done without disrupting the usual operation of services.
Storage IO Control (SCIO)
SCIO acts as a load balancer in storage for the VM and ensures that one host does not take the entire channel for itself. It is activated at the moment when virtual machines begin to “compete” with each other for accessing data.
Network I/O Control
This tool is similar to SCIO, only it acts as an arbiter when the struggle for bandwidth between virtual machines begins. That is, Network I / O Control regulates the distribution of network resources.
Hot Add / Hot Plug
With these options, the client adds processing power to virtual machines (including those with business-critical applications) without turning them off.
Fault Tolerance protects business-critical VMs using continuous availability clusters. If the main host fails, all VMs from it immediately switch to its copy located on another ESXi server. This minimizes downtime.
In general, the variety of VMware tools makes it possible to secure BCAs and simplify their management in the provider’s cloud. Vendor solutions ensure the reliability of critical services, giving the company the opportunity to focus on developing its own product.