image

I was recently selected to take part in a public beta for the London Based hosting provider Stratogen . The beta is based on their vCloud Director offering and has be great to taking a look at the “cloud” from a consumers point of view.

As far as the trial has been put together , I’ve been set up as an Organisation with a single VDC , allocated a fixed resource pool of some compute , memory and storage. Networking wise I’ve been set up an internal and external network , with a pool of IP’s on each.

My aim for the beta was to see from a virtual machine administrator’s perspective how easy it was to set up an application in the cloud from scratch. What I would really have liked to have done was built an application in my home lab and then federated that up to the cloud , but sadly that was beyond scope for the moment. Perhaps in the future I’ll be able to give that a go.

Stratogen haven’t currently put their own UI on top of Cloud Director, so it currently looks like the usual cloud director interface – its important that I must stress the beta is still at pretty early stages , so anything can ( and possibly will ) change.

image

So , After login , I was presented with the pretty default looking screen above. In my usual style when I get my hands on a product I tend to have a little click around to see what I can see without having to delve into any setup guides.

It all looks pretty locked down at the Organisation / Resources side of things , I can only see my own VCD , and aside form changing machine leases & the comments about my Organisation , not a whole lot to be able to change.

With Nothing deployed , I had no vApps to manage , so it would seem sensible to try and deploy a machine. Thankfully Stratogen had put a few sample vApps in a public catalog– mostly apps containing a single VM of varying operating systems , Windows 2008 R2 , Centos Linux & RHEL.

Having spent  many of my formative years as a Windows admin , it makes a good common denominator so I chose to deploy a windows Vm to see what would happen. After a short Wizard allowing me to name the Vm and set its lease , I had to select the network to put the VM on. I wasn’t keen on putting this VM directly into the public network – as an admin , I wasn’t to sure of what patching level it was, nor did I know how open the public network was either, so erred on the side of caution , and selected the private network to home the VM.

While I wouldn’t have said the Vm provision was instant , it was pretty fast ,along with a host customisation that set a random admin password for me. Because I’d put the Vm on the private network, I wasn’t able to RDP directly into it from my workstation, so initially was restricted to the embedded vm console application – which in server 2008 r2 can be a little bit painful to use , I suspect the WDDM drivers weren’t in use – however this is an easy fix that I’d have probably had to do anyways. Improved though the connection now was, on my home DSL line , which isn’t all that fast to begin with , performance was a little lacklustre. I needed RDP.

I dropped the Stratogen chaps a mail about what my options where from a security point of view in the beta – it seem that in a fully managed service there would be a lot more control over the hardware firewalls available , but as a beta customer and in the interests of keeping it virtual, I would probably be better off deploying my own firewall.

 

Had this been a “real” deployment , I would have looked at something like vShield app (http://www.vmware.com/products/vshield-app/) or Checkpoint VE edition (http://www.checkpoint.com/products/security-gateway-virtual-edition/index.html) however given that my beta test is on a zero budget , I’m going to have a look a little cheaper. I would have loved to have deployed a m0n0wall appliance (http://www.vmware.com/appliances/directory/628223) however because the appliance is delivered as a VMDK , I’d have had to somehow convert it to an OVF file with a way to import the VMDKs from a public web server , which at this point wouldn’t be practical. What I was able to locate was a firewall deployed from an ISO image of the Endian Community Edition. http://www.endian.com/en/community/overview/ . This is a turnkey Linux install that will allow me some basic firewall functionality. I am able to use this to open up pinholes to my private network and publish any services from within.

 

Coming up in Part 2 – Deployment of a load balanced multi tier application in a public cloud.