Intel Software Ensures Performance, Trust in OpenStack Clouds

The vendor's IDM:SSA offering guarantees that VMs in multitenant environments get the resources and security they need.

Download the authoritative guide: The Ultimate Guide to IT Security Vendors

Cloud management

Intel is offering new software aimed at ensuring that workloads in OpenStack cloud environments get the appropriate levels of performance and that enterprises can trust the level of security around those workloads.

At an event in San Francisco May 21, Intel officials unveiled the company's Datacenter Manager: Service Assurance Administrator (IDM:SSA), an OpenStack plug-in designed to ensure that in private cloud environments, the right amount of resources are given to each workload, and that the infrastructure is a trusted environment.

"More and more, we're seeing enterprise IT move their critical workloads into shared, multitenant environments," Billy Cox, general manager for service assurance management at Intel, said in a video posted on the chip maker's Website.

When those workloads move into the cloud, IT needs to be able to guarantee their performance and security. When problems arise around performance, it can impact the service-level agreements (SLAs) between the owner of the workload and the infrastructure, Cox said. Security issues can cause compliance problems with regulatory requirements, he added.

On the performance side, an issue in multitenant environments—where more than one workload shares resources—is "noisy neighbors," or virtual machines (VMs) that consume more than their share of the resources of the shared system and negatively impact the performance of other VMs on the system.

When a workload is moved to the cloud, a VM is presented to OpenStack to be placed onto a system. Leveraging the IDM:SSA OpenStack plug-in, IT administrators can find the right node on which to run the VM based on the resources it needs based on the SLA, Cox said. Using a spec within the SLA called the Service Compute Unit, the software can determine the performance target for the VM. Through this, IT administrators can measure the performance, he said.

"What we invented was a way to use instrumentation in the hardware to determine what the performance of the VM is at its actual runtime," Cox said, noting that what the administrator gets is a number that they can compare to the SLA-based targets for that VM. "Based upon the results that we get, we know [the VM is] achieving its target performance or it's not, and we can make adjustments."

The IT staff can dial back the resources if the workload is getting more resources than it needs to hit its performance targets, or add more resources if it's falling short. If the VM can't get more resources, it might be because of a noisy neighbor, Cox said. In this initial version of the software, IDM:SSA can determine whether there is a noisy neighbor on the server. In the next generation, the software will be able to determine which VM on the server is the problem, and in a version after that, the software will be able to constrain the impact of that noisy neighbor, he said.

On the trust side, Intel's software is leveraging the chip maker's Trusted Execution Technology (TXT), which ensures that the hardware meets the security levels required by the workload by measuring the hardware, hypervisor, BIOS, firmware and software components at the time of launch. Making sure that the infrastructure meets the security requirements of the workload increases the trust IT has in the systems.

The software, available now, takes advantage of platform telemetry capabilities in the processor and chipset to bring resource management into the picture, and includes analytics capabilities to identify any violations of the SLA.

The initial version is focused on the compute part of the infrastructure, but future versions also will include the storage and networking segments, Cox said.

While the software benefits enterprise IT, it also offers promises to service providers, which can now create new service offerings and can reduce capital expenses by being able to pack more workloads into their infrastructures, he said.