Learn about CMP and service governance. See a policy creation demo and use case.
- [Instructor] Okay, let's look at a Cloud managing platform. In this case, we're looking at RightScale. RightScale is an on-demand Cloud based management platform that manages Google and manages Microsoft and definitely manages Amazon web services. So, they provide Cloud analytics, which we're not focused on right now. They offer Self Service Cloud without the wait and so you'd actually, once you link your Cloud environment into this, allocate and manage, resource instances, and then, of course, Governance, control the Cloud with access policies and we'll show you how to do that in a second.
Now, keep in mind that you need to have a Cloud account first, they won't sign up with Amazon for you or sign up with Microsoft or sign up with Google, so when I hooked up to my Azure instance, ultimately, I had to download an XML file from Azure and then upload it into RightScale and authorized my access into Azure and they can see my resources, as you can see on this screen here, and they can basically allow me to allocate resources on Microsoft.
What's cool about this particular tool is that I can leverage different Clouds and so over here, I can add different Cloud environments, I can add different Cloud providers, has a Design section where I have Sever Templates, Repositories, Cookbooks, RightScripts, MultiCloud Images that I'm able to set up, basically I'm just across different Clouds. I can do different reports such as audit entries, has a link into the New Relic tool, which is an analysis and reporting tool, as well as do an infrastructure audit, and then on the management, I can manage instance and services and I can, you know, basically launch things from here and look at my running instances across the various Cloud providers I'm leveraging, so it's a very cool tool in that from a single pane of glass, I'm looking at a very powerful environment that's able to abstract me from the details of the various cloud providers that I'm hooked into.
In this case, Microsoft only, but I could be into Amazon and I could be into Google and I'm able to allocate servers across those various platforms and I'm able to place policies as we'll see in a minute across those various platforms. So, it's a very powerful tool that allows you to do many different things. So, anyway, let's look at the governance feature. So here, as we mentioned earlier, we have three main components. We have Users, we have Groups, and we have Accounts.
So, looking at Users, it's just me, so, this is when I created that, this is when it was updated, and last log on was March 1st, and then, I am looking at groups and actually belonging or basically placing folks into these organizations, in this case, Sales, I believe I'm in this group. You can see me, there I am, and I can actually set up roles and responsibilities that I have. So, within the organization, what is my role? And I have no roles that are assigned, so I can edit them here and I can say that I'm a publisher and save that and then I can figure out my account, don't need to play with that right now, and I figure out child roles that I may have.
In this case, I'm a SS Observer. And let's find Save, right there. So, inherited roles would be publisher and then now a child role out of that would be an SS Observer. The reason we're doing this and we're not going to get into the details, it would take hours to learn the tool, but, we're setting up roles and responsibilities for me as a user so I can be governed as I start moving into various roles and responsibilities. And so, I have a role within sales, so I should probably be given access to the sales information systems and to the sales services and the sales based applications, however, I don't need to see the accounting systems, the inventory control systems, things like that, and all those things can be set up and denied and allowed by writing various policies and so that's what we're doing here is writing policies in this particular tool.
I can see accounts here and that's my child and this is basically a hierarchy in terms of how my account is going to be structured and the different roles and responsibilities that I have. So, the simple thing about this tool is that it really understands that this is about people and devices and by the way I can enter devices into this thing as well and is able to mix and match access based on who's who, what they need to do, and then what they should be allowed to do.
So some of the other capabilities of the tool include Cloud management, you can actually set up computes, network, storage, resource governance things, security groups, volume overviews, server states, publicly accessible ports, active alerts, all these sorts of things can be integrated in this tool as well so not only are you able to govern the various systems but you're able to provide Cloud analytics to understand the costs, in other words, it's a cost to governance tool as well and the aspects of that, we can go in there and see this.
I can build scenarios, I can add instances to the scenarios, and it's doing some number crunching right now, probably going out there and looking at the servers that I have in my Microsoft account and I'll pick the Clouds that I want to use and it supports the six here, you can see that, and I'll pick Azure and these are the cost of the particular instance types that I've launched and so I can see how much ram I'm using and how much hourly cost, they got 18 cent bill, 18 cent bill, extra small 18 cent bill, let's see if it doesn't go any higher than that, I'm good.
202, everything's less than a dollar, so I'm good. I need to delete this after I do the demo but all the costs and the hourly estimated costs that I can be dealing with. This provides costing alerts in terms of what I'm paying now and what I will likely pay and I can also set up budget alerts, I can basically set up instance only, analyze filter, full cost alerts, annual spend, forecast spend, put a budget in there, figure out a duration of time, and able to save the data to a spreadsheet if needed, create the alerts so that I'm emailed if someone's actually going over their allotted amounts and so, it's a very nifty monitoring and management tool but looking at the governance is what we're talking about here.
The capabilities, very simple in terms of dealing with and governing these various resources and environments via Users, via Groups, and Via Accounts. So, anyway, you can sign up for a free account on rightscale.com so I urge you to do that. Just to try a CNP tool and if you want to look at others and they basically provide the same offers, they'll give you access to their on-demand tools for a 90 day, 60 day trial period and you can play around with the technology.
- Cloud governance basics
- Cloud resource governance
- How cloud security and governance are linked
- Defining governance policies
- Cloud management platform basics
- Reviewing service governance tools
- Cloud governance costs
- Understanding your requirements
- Finding the right tools
- Testing cloud governance
- How operations deals with governance