The Optimal Solution for Cloud Migrating of Mission Critical System: IaaS That Meets the Needs of Enterprise
To deal with digital business, there is a need to reevaluate the existing system's infrastructure. more than ever. Moving to the hybrid cloud is one effective way. However, what should be done for SAP HANA or Oracle Database that need to run on physical servers to realize sufficient performance. The truth is that these systems can also be moved to the cloud. This white paper will introduce the cloud service that made this possible.
As we enter a period where digital business is shifting into high gear, an issue that all companies must deal with as they work to aggressively invest in information and communication technologies (ICT) is how they will reduce investment costs and the operational burden related to mission critical systems. In many cases, a large part of the money spent on ICT today is devoted to the operation of existing systems and the routine replacement of hardware. New investment will remain impossible unless companies find a solution to this problem.
One effective way of dealing with this issue is by migrating the mission critical systems to the public cloud. If companies can run their business systems there, then they will no longer need to procure hardware themselves, nor need to regularly replace them. In addition, they can significantly reduce the costs involved in maintaining personnel to run their system infrastructure because they can also leave that up to the cloud provider.
However, some would argue that not all systems can be migrated to the cloud. There is the possibility that IaaS virtual machines cannot provide the performance required by systems that are highly dependent on hardware configurations.
A prime example is SAP HANA. Being an in-memory database it requires the use of a certified configuration that ensures it has enough memory available for its use. Even for Oracle Database there is the risk that migration to the cloud will degrade performance due to its need to be run on high-performance hardware.
It can also be difficult to meet the needs of companies who want to join the trend of moving from "ownership to use" based service models by migrating their existing virtual environments straight from their own data centers to the public cloud. This is because VMware and the other hypervisors commonly used in enterprise systems may not be usable as-is on the public cloud.
Should companies with these kinds of systems give up on migrating to the cloud? In truth, they do not have to, because a cloud service already exists that can meet these kinds of needs as well.
Cloud Service Offering Both Virtual and Physical Servers
The name of the cloud service is FUJITSU Cloud Service K5, or just "K5." Fujitsu announced K5 in May 2015 as a platform for achieving "digital transformation," which includes innovating business processes and creating new business through digitalization. The biggest feature of the K5 cloud service is that it fuses the latest open-source technologies with Fujitsu's accumulated knowledge and knowhow, enabling implementation of a variety of systems in a single cloud. These include both core and other existing information systems, or Systems of Record (SoR) that until now have been operated on-premises, and newer Systems of Engagement (SoE), which are driving digital transformation.
"An important aspect of K5 is that it is offered aimed at enterprises," explains Takashi Saito, VP of Infrastructure development and operation management of the Digital Business Platform Unit at Fujitsu Limited. This means that K5 offers comprehensive, high-quality support that allows companies to use and operate even mission critical systems in the cloud with confidence. And because K5 makes active use of OpenStack and other open-source technologies, it prevents vendor lock-in, while also making the accomplishments of developers in the open-source technology community world-wide available to companies. "It is extremely vital that companies can use IaaS with confidence," says Saito. "With K5, we do this by guaranteeing users with high levels of availability and security."
"Another significant advantage of K5 is that it offers dedicated virtual and physical servers in addition to the virtual servers offered by typical cloud services," explains Masakazu Deguchi, who works as a manager in the Foundation Services Division at Fujitsu's Digital Business Platform Unit. This feature of K5 allows migration of even those systems that had been considered difficult to move into the cloud (Figure 1).
He adds that "customers can use all of K5's services with just one ID, and integrated management can be handled through a single service portal."
What are some specific examples of how these features can be used?
VP, Infrastructure development
and operation management
Digital Business Platform Unit
SAP HANA and Oracle Database Direct Migration to K5
By making use of the dedicated physical server, companies can move systems that require physical servers for optimal performance directly to K5. This means that even those systems mentioned earlier, like SAP HANA and Oracle Database with its high performance requirements can be easily migrated to the cloud.
Deguchi adds that "as dedicated physical servers are physically isolated from other customers' cloud environments, users can bring along their existing Oracle licenses." He also mentions that K5 offers physical storage options where customers can choose their own RAID configurations. For SAP HANA systems, four types of high-performance physical servers are offered that enable high levels of service performance and availability (Figure 2).
For dedicated virtual servers, virtual machines are run on top of hypervisors on hardware dedicated to the client. This allows K5 to meet the needs of companies that want to utilize the public cloud in the same manner as a private one. Two kinds of services are available: a standard service and a service for SAP solutions. Up to 42 virtual CPUs and 245GB of memory can be used per dedicated virtual server for the standard service; while the service for SAP solutions allows use of up to 42 virtual CPUs and 245GB of memory.
Meanwhile, Saito adds that Fujitsu plans to offer Oracle Database as PaaS functions. "We also expect to provide customers with K5 RDS (Oracle) (tentative name), an optional service that uses SQL and APIs to connect K5 to the functions of Oracle Database, which is run on Oracle Cloud in Fujitsu's own data centers. We announced our partnership with Oracle in July 2016 to start working on this, and plans are to officially release it in mid-May 2017."
Foundation Services Division
Digital Business Platform Unit
*Virtual servers for both the Standard Service and SAP Solutions Service offer the same main basic features.
Figure 1: The three types of services offered by K5's IaaS. Dedicated virtual and physical servers are available in addition to the virtual machines offered by typical cloud services.
What is more is that the standard virtual machines available through K5 have been designed with the migration of mission critical systems in mind. They offer both general-purpose and services for SAP solutions. A broad variety of resource configurations are available, with up to 16 virtual CPUs, memory amounts from 512MB up to 128GB, as well as a range of operating systems including Windows and Linux.
Ensuring Security by Embedding Countermeasures Into Service Operations
All of this makes it apparent that a variety of work is being done to enable the migration of a wide range of systems to K5's IaaS. But what about security? Can security that exceeds that of on-premises systems really be ensured for core databases migrated to K5?
Fujitsu deals with this by first offering Trend Micro Deep Security as a Service, which provides anti-malware, firewall, IDS/IPS, web reputation, log monitoring and integrity monitoring functions, and can be applied servers individually. Furthermore, K5 has received ISO 27001 certification, and is currently undergoing an IT Health Check, an audit corresponding to security standards established by the UK Government. It also meets The Center for Financial Industry Information Systems' (FISC) standards for security measures. Fujitsu also plans to obtain Service Organization Control 2 (SOC 2) and Payment Card Industry Data Security Standard (PCI DSS) certification in 2017.
In addition to the above, complete security countermeasures are implemented 24 hours a day, 365 days a year with strong support provided Fujitsu Cloud CERT, an expert team that handles cloud security exclusively (Figure 3).
"With K5, we handle ever-changing threats by constantly performing vulnerability diagnostics, together with the collection, analysis, management, monitoring, and detection of vulnerabilities and related information regarding the cloud service platform," says Deguchi. "By embedding security measures into our operations, and not just offering security features, we are able to offer a cloud service that customers can use with the knowledge that their systems are secure."
In 2018, Fujitsu is scheduled to begin offering Intelligent Dashboard, a service that visualizes IaaS operational status in real time (Figure 4). The Dashboard makes it simple to prevent trouble from occurring, because it shows the system status graphically, allowing users to intuitively gather, analyze, and visualize information.
Figure 2: Example of SAP HANA being used on K5's dedicated physical servers. High performance and availability can be achieved on K5 by physically combining the actual servers that provide the services, the standby servers that provide failover support, and HANA storage
"With regard to operations visualization, we plan to make Intelligent Dashboard available to customers after it has been tested in-house," says Saito. He also mentions that Fujitsu will continue to introduce other features and services with enterprise operations in mind in the future.
"We consider it K5's mission to constantly support the customer, and achieve a cloud service that is one step ahead," Saito says enthusiastically.
Figure 4: Operations Visualization (Scheduled for availability in 2018)
A sample screenshot of the Intelligent Dashboard. Visualizing IaaS operational status enables problems to be ascertained intuitively, simplifying the prevention of trouble.
Figure 3: K5 security measures. K5 is operated 24 hours a day 365 days a year with vulnerability diagnostics, monitoring, and other security measures being performed constantly. This is backed up by Fujitsu Cloud CERT, a team of cloud security experts.
* This content appeared on TechTarget Japan in March 2017.