Toby Ford | At your service
GCN Interview with Toby Ford, USi chief technology officer
- By Joab Jackson
- Aug 24, 2007
Virtualization is a great way to use assets more efficiently. - Toby Ford
Many government agencies are testing virtualization, but application service provider USi is increasingly relying on the technology to stay in business. 'We differentiate ourselves just by being a little bit ahead,' said Chief Technology Officer Toby Ford. The company, which AT&T purchased last year, hosts large enterprise applications such as e-commerce systems for large corporations and government agencies. So any gain in efficiency translates directly into enhanced financial well-being for the company. We spoke with Ford to find out a bit more about how virtualization ' and other cutting-edge technologies, such as thin provisioning and the Business Process Execution Language ' could help large organizations.GCN: What are the challenges to offering software as a service?Ford:
The main challenge for us is compliance. We have a number of different markets we deal with ' financial, health care, government. They all work under different auditing regimes. We are constantly trying to keep up with these things.
Lately, the Payment Card Industry Security Standards Council (PCI) has been heading in the direction that ' for credit card information ' all servers, firewalls and networks must be dedicated. And that is a challenge for us. Over time, we've evolved toward having a lot of shared functionality. It's shared functionality with security. We have good boundaries, and we have good controls over security, but the PCI group is feeling more comfortable having things separated.GCN: Can a virtualized environment be considered dedicated?Ford:
Not in the current set of PCI definitions. They're ambiguous. That's something we're currently working [on] with the PCI group ' to try to convince them to be more specific. You read it one way and could conclude virtual local-area networks are bad. [If that were the case], we'd have to have dedicated network switches, which would be ridiculous.GCN: So USi is bullish on virtualization?Ford:
We are. It's a great way to use assets more efficiently. Even if you buy a small server, most of the time it has way more [power] than what you need. In an analysis we did a few years ago, we found that we were only utilizing 5 to 10 percent of our assets. That's when we got into virtualization.
In the beginning, it made sense to use virtualization in a nonproduction lab role, but about 18 months ago, we fully committed to use virtualized environments using VMware. Two milestones'recently put us over the edge.
One was the release of VMware EMX 3.0, which increased the amount the CPU threads and memory to a level where you could use [the software] in production. That, coupled with AMD's release of virtualization stuff in the Opteron that helps with [input/output] ' a weakness in virtualized environments ' has been revolutionizing our way of dealing with hardware.
We're able to move programs around on the fly without rebooting. In the past, we offered high availability by using clustering server software, like Veritas Cluster Server, where you had to script out every transition of services from one server to another. That was very hard to maintain. In VMware EMX, as the server goes down, the whole operating system moves over on the fly. That's been tremendous for us.GCN: How many virtualized instances will you run on a typical production machine?Ford:
We'll run 16 to 20 guest operating systems [per server].GCN: So it is now more cost-effective for you to address the input/output and various other problems associated with virtualization than it is to just buy more cheap servers?Ford:
Exactly. We front every server with a reverse proxy, [Citrix] NetScaler hardware acceleration [software]. We use NetScaler for every Web connection, so we aggregate multiple Web connections down to one, and that helps tremendously. What happens is that the browser will connect to the NetScaler, and so when multiple connects come in, the NetScaler will make one connection back to the [virtualized] Web server, and then it will send all the traffic through that one connection instead of many different connections.
We also have a piece of hardware to cache the Java objects, well-known select statements and other things that are easy to offload.GCN: What are you doing in terms of storage?Ford:
We've made a pretty good leap in volume management using [storage systems from] 3Par. The highest number of tickets we deal with every month are about running out of disk storage. So the ability to grow volumes and move data around is a big deal for us.
We've been using thin provisioning in 3Par, which allows us to allocate large volumes ' a standard lately is 2T. We don't have to do volume management all the time. We don't have to be expanding drives all the time. The way 3Par storage works, if there is a 30 percent disk utilization, then we only pay for 30 percent [of that disk] instead of 100 percent, which we would have paid for in [an] EMC device.GCN: I figure Network Appliance and EMC would be offering those kinds of deals as well.Ford:
Both NetApp and EMC are at a point in size where they are expecting premiums because of brand. The software costs for extra functionality like remote copying ' at least for EMC ' is just out of control. So we're going to other vendors because of cost.GCN: You're actually using the Business Process Execution Language, an emerging standard for notating automated workflow processes?Ford:
BPEL has helped us a lot in doing business process workflow improvements. The BPEL Process Manager from Oracle has been quite helpful for us. For instance, a new person comes in, and they have a wide range of privileges. Some involve getting system access in multiple different systems, and others involve forms that need to be filled in. And so it is a multistep process, and we use BPEL to keep an eye on the processes and get a summary of where things are going slow.GCN: Providing billing and status reports have traditionally been difficult with hosted applications. What does USi offer?Ford:
We have a client support portal that is very tied to our operational support system. It's role based, so [for] whoever logs in, we can add functionality on the fly based on what the role is. Some of our clients only want a big red button that says 'Fix Me,' and others want granularity ' utilization graphs and so on. Our client portal will have everything you can imagine: performance, all the workflows we're working on, the statuses that you'd be interested in such as how much storage is being used, how often backups take place.
Joab Jackson is the senior technology editor for Government Computer News.