Inchoate Curmudgeon

Red Hat CTO elaborates on lofty ‘cloud’ vision discusses the effort Red Hat is making to engage its customer base on Wall Street:

“In terms of engaging its customer base, for example, Red Hat has worked with Wall Street’s financial institutions to simplify data center operations by capturing a single operating system image, including hardware and software. The payoff: IT has only one image to update and manage, which can be deployed across the network, he said. Currently, Red Hat is testing this technology by burning an OS image onto a USB key and using it to boot up servers, desktops and laptops, he said.”

The thing to note that an effective virtualization strategy does not virtualize the existing, diverse landscape, it redeploys into a highly standardized infrastructure with uniform configurations. Furthermore, the effective process involves discovering the 80% solution, the small set of standard virtualization strategies and standards, that meet the vast majority of workload requirements for the target workloads.

In Enterprise 2.0 Think Tank Deepak states

One of the recurring topics that kept popping up is Governance. And this is really key, because it is a very important aspect that we need to address in Enterprise 2.0. A couple of months ago, I attended the Gartner conference on SOA/Web Services where one of the analysts said something like - If you are doing SOA, you better be addressing governance. No governance, no SOA, no nada. And that is right on.

I couldn’t agree more. SOA is impossible if the IT perspective of service is entirely from the viewpoint of the server. The ability for an organization to rally around the delivery of services rather than hosting applications depends upon the development of business models within organizations that can enable IT departments and business organizations to succeed.

The sense of this can be readily approached from at least these several practical angles:

• Service Management and Monitoring - If you can’t monitor it you can’t manage it; enabling operations to monitor and secure interactions between services is way beyond the technical and operational capabilities of most data centers without new business models. Organizations that have limited capabilities to monitor simple server hardware failures or less are particularly in need of assistance that must be negotiated, not just developed and deployed.

• Standards - The typical IT capabilities around standards and standards enforcement are likely to be outstripped by complex requirements for SOA. Many operations are sorely tested by enforcement of network security standards, network protocol standards, firewall and proxy standards, network appliance, web and application tier interaction standards (e.g. stickiness and statefulness), identity, authorization and authentication standards, web application deployment standards, web application configuration and filesystem security standards to name just a few. SOA will require enforceable standards in these areas as an underpinning to enforceable and monitorable semantic standards for SOA interactions themselves.

Which IT organizations have this level of understanding and control of the applications they support now? I’ll assert they are the ones that have working and healthy governance mechanisms in place. The benign chaos that is tolerable for independently hosted and isolated applications is likely unacceptable for anything but the most rudimentary SOA implementation.