notes: interesting bits from US Federal Cloud Computing Initiative RFQ

  • ref
  • “cloud computing is a major feature of the president’s initiative to modernize information technology” (1)
  • “cloud computing is a model for enabling …” (1)
  • General Cloud Computing Requirements
    • “The Contractor shall support internet bandwidth of at least 1Gb/s” (4)
    • “The Contractor shall have a minimum of two data center facilities at two different geographic locations in the Continental United States (CONUS) and all services acquired under the BPA will be guaranteed to reside in CONUS” (4)
    • “The Contractor shall support provisioning of practically unlimited storage, computing capacity, memory (e.g. at 1000 times our minimum resource unit metrics), independently from the physical location of the facilities.” (4)
    • “The Contractor shall support service provisioning and de-provisioning times (scale up/down), making the service available within near real-time of ordering.” (4)
  • IaaS Common Technical Requirements
    • “The Contractor shall provide the ability to provision virtual machines, storage and bandwidth dynamically, as requested and as required.” (6)
    • “Contractor shall support secure provisioning, de-provisioning and administering [such as Secure Sockets Layer (SSL)/Transport Layer Security (TLS) or Secure Shell (SSH)] in its service offerings.” (6)
    • “The Contractor shall support the terms of service requirement of terminating the service at any time (on-demand).” (6)
    • “The Contractor shall provide a robust, fault tolerant infrastructure that allows for high availability of 99.95%.”
    • “Within a month of a major outage occurrence resulting in greater than 1-hour of unscheduled downtime. The Contractor shall describe the outage including description of root-cause and fix.” (6)
    • “Service provisioning and de-provisioning times (scale up and down) in near real-time” (6)
    • “The Contractor shall provide a secure, dual factor method of remote access which allows Government designated personnel the ability to perform duties on the hosted infrastructure.” (6)
    • “The Contractor shall manage data isolation in a multi-tenant environment.” (6)
    • “The Contractor shall manage data remanence throughout the data life cycle.” (6)
    • “The Contractor shall enable Order Management via Application Programming Interface (API).” (7)
    • “…80% threshold for the order.” (8)
    • “The Contractor shall provide Trouble Ticketing via API.” (8)
    • “The Contractor shall maintain user profiles and present the user with his/her profile at the time of login.” (8)
    • “The Contractor shall identify Tier 1 Internet providers it is peered with, and where this peering occurs. The Contractor shall provide its Autonomous Number System” (8)
    • “IP Addressing: 1) The Contractor shall provide IP address assignment, and if capable, include Dynamic Host Configuration Protocol (DHCP). 2) The Contractor shall provide IP address and IP port assignment on external network interfaces. 3) The Contractor should provide dedicated virtual private network (VPN) connectivity between customer and the vendor. 4) The Contractor should map IP addresses to domains owned by the Government, allowing websites or other applications operating in the cloud to be viewed externally as Government URLs and services. 5) The Contractor shall provide an infrastructure that is IPv6 capable.” (9)
    • “Cloud Storage Services shall consist of the following REQUIRED Services, Service Options, Service Attributes and Service Units.” and API request definitions (“…TPUT operations performed against Container/Bucket are used to create that container …”) (10)
    • “Service Units … Provides the requirements for the minimum purchasable units of the Service Attributes. These Service Units may be purchased the minimum or in multiples of the minimum. The customer shall be billed for the actual service units used.” (10)
  • “storage for files / objects supporting a single file/object sizes of up to 5GB” (11)
  • “storage tiers” (11)
  • “A minimum equivalent CPU processor speed of 1.1GHz shall be provided. Additional options for CPU Processor Speed may be provided, however it is not required. … The CPU shall support 32-bit and 64-bit operations” (13)
  • “Windows and LINUX OS’s at a minimum. Additional OS options may be provided or supported; however, this is not required.” (13)
  • “Physical memory (RAM) reserved for virtual machine instance or Computing supporting a minimum of 1GB of RAM.” (13)
  • “Disk Space allocated for virtual machine supporting a minimum of 40GB.” (13)
  • “Table 11: Virtual Machine Bundles” (13)
  • “Provide the capability to dynamically reallocate virtual machines based on load, with no service interruption.” (14)
  • “Perform Live migrations (ability to move running VM’s) from one host to another.” (13)
  • Table 13: Cloud Web Hosting Requirements (15)
  • Table 14: Cloud Web Hosting Bundling (18)
  • “The Government and the Contractor will work in good faith to establish an Interconnection Security Agreement (ISA) and/or a Memorandum of Understanding (MOU) as provided in the National Institute of Standards and Technology (NIST) Special Publication 800-47, Security Guide for Interconnecting Information Technology Systems, Appendix A – Security Requirements and Appendix B – Personnel Security.” (18)
  • “6.3 Management Reporting Deliverables” (20)

quote: U.S. Government’s Cloud Computing Requirements

“… cloud service level agreements must provide for at least 99.95% availability, vendors have to take steps to secure their services, and trouble tickets and order management need to be able to be done via API. Virtual machine services must allow live migration of workloads from one VM to another, while Web hosting services require both Windows and Linux options….”

From InformationWeek article “GSA Outlines U.S. Government’s Cloud Computing Requirements”

barcamp san diego 5: “cloud computing on EC2”

– rightscale alternatives
— chef
— sponsored by att
— an opensource ruby project
— puppet
— cfengine
— way cheaper than rightscale

– ec2 alternative
— eucalyptus
— opensource project on a private cloud
— akamai now hosts applications on their edge servers

– load balancer
— haproxy
— software based
— allows us to route all traffic to a new cluster once it’s launched and running
— red5
— hardware based
— algorithms
— round robin