How to Dismantle A Cloud

My talk at 2016 Austin OpenStack Summit has generated many queries from CTOs, CIOs and CSOs in a matter of weeks.

Nowadays, most companies are thinking of how to build a cloud infrastructure.  Often times what people forget is, silently early cloud adaptors are dismantling a cloud for various reasons: upgrading, moving a private cloud into a public cloud infrastructure, incorporating hybrid cloud, merging businesses, acquiring businesses etc.

And it is not as easy as it sounds. Several issues are to be considered.

The magnitude and the number of issues one encounters increase exponentially with the size and heterogeneity of HW/SW/Applications in the cloud.

Dismantling a cloud has several dimensions to it.  Oftentimes people do not dismantle the entire cloud infrastructure, but a component of it i.e. CPU or memory or storage or network or some combination of components.  Dismantling a cloud may arise many issues:

• How to re-use or discard the equipment and/or software?
  • Are the re-used devices crossing security boundaries?
• How to erase, migrate or backup the data in the cloud?
• What Security process to follow to ensure no sensitive data is leaked?
• What are the responsibilities of various organizations in the organization?
  • Develop an internal process or hire a specialized third party vendor?
• Is it worthwhile to have a temporary hybrid cloud?
• What is the cost involved in dismantling the cloud?
• What kind of timeline is involved?
• How the process will affect the productivity of the organization?
  • What kind of pre and post announcements are needed?
  • Who all need to be communicated?
• How not to disrupt the cloud services?

If such questions are not carefully considered and the process is planned properly, it could land up posing a huge problem for an organization, its customers and partners.

Since dismantling a cloud safely, securely, and effectively still remains a black art, incorporating a process that accounts the following tasks seems to pay off:

• Inventorying of physical and virtual resources in the cloud
• Inventorying of software deployed
• Inventorying of services provided by the cloud
• Mapping of the services to the cloud architecture
• Documenting complete and accurate description of where all data resides
• Documenting the security boundaries in the cloud
• Producing a plan for incidence response(s) if an adversary attack(s) occurs during the dismantling of the cloud

Properly zoned clouds (security, usage, application, organization wise) tend to be easy to dismantle.

Building a cloud in one shot or organically is easy.  Dismantling or upgrading a cloud is not as easy as building a cloud since unintended technical and organizational issues creep quickly.

The above issues hold value independent of the cloud infrastructure and use.