Multi-level approvals, infrastructure provisioning and management with Red Hat CloudForms
Multi-level approvals, infrastructure provisioning and management with Red Hat CloudForms
With the evolution of the cloud, the need for a centralized system that could manage all the integrated tools and tech was on the up. Thanks to cloud management platforms, we have what we all were looking for. Cloud management platforms bolster the monitoring and controlling of associated resources with all the necessary information about the associated tools.
Red Hat CloudForms is a prominent name that comes to my mind when I think of cloud management platforms. It is popular for its web-based GUI that can efficiently manage IT services and applications through a high level of automation. With CloudForms, we can automate a wide range of tasks to eliminate errors and drive associated processes. This, in turn, elevates the operational efficiency of organizations considerably. It is capable of automating, provisioning, and load balancing of virtual machines. At the same time, it can help in implementing smart virtual machine workflows, managing the infrastructure, and automating cloud instances, among others. You can also enable self-service tenant end-users who have authorization-based access to services, track requests, and other account management tools.
In this blog, I will be talking about some of the interesting features of CloudForms and explain its architecture & workflow with reference to a solution that we, at Opcito, provided to one of our customers. Let’s begin with the features of CFME-
Features of CFME
- Insights - Insights refer to gathering intelligence about virtual or cloud infrastructure so that they can be managed effectively. One of the important functions of the CloudForms server is Smart Proxy. A server having this function can initiate SmartState analysis on a virtual machine, template, instance, or even Docker containers. SmartState Analysis is a patented technology that scans the container or virtual machine’s disk image to examine its contents.
- Control - Based on the information retrieved from the insights, the control functionality of CloudForms enforces security and configuration policies. When critical virtual machines are running at unusually high utilization levels, CloudForms will alert and trigger automated workflows that will dynamically scale out the application workload by provisioning more servers.
- Automate - Automate allows us to create and use powerful workflows using the Ruby scripting language and features provided by automation engine such as state machines and service models. CFME automates the orchestration of workloads and resources in virtual infrastructure or cloud.
- Integrate - With the Integrate feature, CloudForms can connect and integrate with many enterprise tools and systems. There are many Ruby gems that enable automation scripts to connect to both RESTful and SOAP APIs. It also has libraries that ease integration with databases.
CloudForms Architecture
A standard system architecture involving CloudForms comprises tenants, groups, and users. Let’s see the role of all these individual components in the architecture -
- Tenants - Tenants share the platform but are completely isolated from one another. They have their own data, network, and security.
- Groups - Groups can be segregated into three categories viz. Approver, Requester, and Viewer. Specific roles are assigned to each of these groups.
- Users - Users belong to different groups and have access based on roles assigned to the groups that they belong to.
- Provisioned Operating System - We can provision a VM with Redhat or Windows as operating system depending on the specifications given in the VM provisioning request.
CFME Providers
CloudForms integrates provider or manager systems to collect data and perform operations. An external virtualization, cloud, or container environment managing virtual machines or instances on different hosts is termed a provider. Similarly, an external environment managing different resources is termed a manager. Now, let us take a look at providers and managers in CloudForms that you might have to deal with to meet specific requirements, along with some of the examples -
- Infrastructure providers include Red Hat virtualization providers, OpenStack infrastructure providers, VMware vCenter providers, Microsoft SCVMM providers, etc.
- Configuration management providers include Red Hat Satellite 6.
- Automation management providers include Automate, Ansible, Ansible Tower, etc.
- Cloud providers include Openstack Providers, Azure Providers, Amazon EC2 Providers, Google Compute Engine Providers, etc.
- Networking management providers include SDN providers, OpenStack Network(Neutron), Azure Network, Amazon EC2 Network, Google Cloud Network, etc.
- Middleware management providers include Hawkular open source project, JBoss Operations Network, etc.
- Container providers include VMware, Docker, Google, etc.
- Storage managers include Amazon Elastic Block Store, OpenStack Block Storage (OpenStack-cinder), OpenStack Object Storage (OpenStack-swift), etc.
Workflow of CFME
Now that we have a clear understanding of the components and the features of a typical CloudForms system, let’s see the workflow and steps involved in the VM provisioning process-
- Request for VM provisioning - In VM provisioning, first, the requester has to send a request with all the specifications required in a VM that is to be provisioned. For this, the user must log in as a requester.
- Levels of approval - Once the request is sent by a requester, it will go to the approver belonging to the same tenant and group that the requester belongs to. After observing all the requirements for VM creation, an approver can approve or deny the request. While approving the request, the approver needs to mention the reason for request approval. And the VM provisioning will happen automatically in the subnet and VLAN you specified in the request. If the approver denies the request, it will be rejected, and the flow will be terminated.
What more can we do with CloudForms?
In the architectural diagram given above, you can see two additional blocks. These are enhancements that were requested by one of our clients. I will give you a quick overview of those, and in addition, I will explain how you can add multi-level approval.
- Multi-level approvals - Now, with Cloudforms, by default, we get first-level approval provisioning. But if we want additional levels of approvals to make sure optimum utilization of resources, then we can provide that with customized multi-level approvals. Just like in first-level approvals, to view the VM provisioning request that has been approved at the first level, a second-level approver must also belong to the same tenant and group that the requester belongs to. If the second-level approver denies the VM provisioning request, then VM provisioning for the given request fails. If the approver approves the request, he needs to submit a reason for approval. And the process will be repeated for the number of approval levels we decide to have.
After the request passes approval, VM provisioning begins in the subnet mentioned in the request. The provisioning of VMs allows you to allocate and manage disk space efficiently.
- Added cost calculation for VM provisioning - Exact calculation of the resources is an important aspect of any system. Our client wanted the exact cost as per the items selected to be displayed while requesting a VM. We came up with a solution that displays cost calculations correctly on a User Interface (UI). The cost is displayed on monthly as well as yearly bases. This adds convenience while requesting a VM.
- Added subnet level support - A subnet is a basic unit with which network settings are applied to hosts in a deployment. Our client had four different subnets to provision the VM. But they didn’t have a feature to use four subnets. Every time, the provisioning of the VM had to be done in a single subnet. We resolved this problem by providing a dropdown list on the UI and IPAM server support at the backend. Now, a requester can select the subnet, and VM gets provisioned in the same.
That was a quick overview of how we can achieve VM provisioning and what enhancements we can have using CloudForms. If you have any queries related to Red Hat CFME, feel free to write them in the comments section below.