We have been evolving our data center operations throughout the years. As we come from centralized to decentralized, from mainframe to distributed, and from physical to virtualized deployments, the one thing that has had to be the most adaptive is the ever valuable Systems Administrator.
So, as we head into the next generation of the SDDC (Software Defined Data Center) and SDN (Software Defined Networking), one of the biggest challenges being faced is understanding how the modern Systems Administrator will be able to adapt to the new paradigm shift in technology. Is there one language to learn? Is there one product to learn?
This is my tongue in cheek view of what the ultimate Systems Administrator looks like based on what we are all hearing.
Meet Paul Issee
Despite the big players talking about SDN like Martin Cassado, Joe Onisick, Brad Hedlund and others, plus the many players in the vendor space who are mentioned with the proposed SDDC evolution, there is one name that we are all hearing about, which is Paul Issee.
When you listen closely, this name comes up in every webinar and every discussion around the advancement of virtualized networking and security. Apparently, Paul Issee will oversee everything. Paul Issee will have an end-to-end view of the entire data center and cloud infrastructure.
Beyond letting our new sysadmin Paul Issee see everything that is going on, apparently Paul Issee has one talent that no other Systems Administrator has been able to have up to this point: implicit trust in persistent application of rules regardless of change to surrounding infrastructure. Wow! This Paul Issee is pretty incredible.
Letting Paul Issee Define Your Operational Security Model
One of the talents that Paul Issee has from what we have been told is that Paul Issee has a new security model that will be able to hold a distributed database of rules that apply to objects in the environment.
Once Paul Issee does all of this magic, you will find that you have now achieved the ultimate goal of having a “Paul Issee Defined Infrastructure”. Paul Issee is also more than just a technology tool. Paul Issee is fully aware of business rules that apply to the technology of an organization.
In other words, the awareness of business rules around access, separation of administration, logical isolation of resources, and much more will be a part of what Paul Issee is managing in the modern data center. Paul Issee is bringing the same evolution to our data center and cloud that DevOps does for our application development environments.
Does Paul Issee Replace Me?
One word answer: NO! What having Paul Issee on your team will do for you is to allow you to get back to the task of creating and managing your physical and virtual resources with less concern about the state of things in your production infrastructure.
Beyond the traditional virtualized networking we are using today, we will begin to build this Paul Issee Defined Network into place which will save us time and worry. This doesn’t replace is at all. If anything, it cements our role in being able to understand and build these environments that map to the business rules that are in place.
The one thing that you will learn in practice by putting your tasks in the hands of Paul Issee is that Paul Issee is entirely trustworthy and reliable. All of the work that is done is also logged, and when an issue arises, Paul Issee will have a safe plan to protect infrastructure.
When you move around your virtual resources, Paul Issee will see those moves and account for them with all of the business and security rules that need to apply. Basically, wherever your virtual resource (VM, vApp, Container etc.) goes, Paul Issee goes with it.
What if Paul Issee Fails?
Luckily, the new data center model uses a distributed control plane. What this means is that the knowledge about Paul Issee is spread throughout the physical and virtual environment at various ingress and egress points. All of the content and knowledge from Paul Issee will survive the loss of any portion of the environment using this distributed model. In effect, Paul Issee is always there. Do you have a Systems Administrator that has a 100% attendance record?
Wait, I See What You Did There
Yes, this is all a play on words to show you that your new Systems Administrator “Paul Issee” is exactly what the name sounds like: policy. Policy-driven infrastructure is going to be the destination that we are striving towards in the coming months and years.
In the same way that orchestration has helped to solidify the standardized approach to doing regular tasks such as server and application builds, we have the next step even beyond that.
The move from automation, to stateful orchestration is now one-upped with the ability to have a distributed policy engine that will maintain a view of the environment just in the way that dynamic network routing protocols have been able to do. The difference in what we are seeing with the next generation of data center and cloud environments is the application of security into the policy engine, not just topology.
This is the ultimate question that we have about what is the product or language that this new data center will speak. It will mean that there will be some programming language required to interact with the system. Will our Systems Administrators need to be developers? No. Will it be necessary to stretch our skills as administrators and architects to fully embrace and leverage these new methods? Yes!
Keep your eyes on the ecosystem, and as products like Cisco ACI and VMware NSX enter more data centers, you will see that other products will line up alongside them with a common methodology: Policy-Driven Infrastructure.