Community cloud – Laval’s experiment in social tech

Université Laval has extended beyond the centralization of IT service delivery to build a cost effective private cloud that also supports the hosting needs of external government agencies.

Background

Since founding in 1663, Université Laval has worked to build a global reputation for high quality, comprehensive educational programming, research excellence and outreach to the broader community. Today, Laval has over 42,500 students enrolled, 10,000 employees, and 17 faculties that cover subjects ranging from medicine to music, and business administration to theology. Located in Québec City, Laval is the 6th largest research university in Canada.

Guillaume Moutier, director, Enterprise Architecture Office, Université Laval

Like many government agencies and educational institutions, Laval had based its ICT fulfillment on a decentralized service model: individual faculties within the university each had their own IT budgets and delivered IT services from out of local resources. But as part of an effort to reduce operational power and cooling costs for Laval’s many data centres, in the mid-2000s the CIO committed to consolidating all IT infrastructure on campus. “We decided to merge all these resources, but at the same time, we had to provide the IT services. We couldn’t just tell faculty that you don’t have the right to buy your own servers; it had to work differently,” explained Guillaume Moutier, director of the university’s Enterprise Architecture Office.

By 2011, Laval had established Clumeq, an HPC facility distributed over three circular floors with 2,700 square feet in the renovated Van der Graaf particle accelerator facility as its compute centre, and the central IT department began to act as a service provider to the different university departments. To avoid having to meet faculty requests for multiple types of servers or storage, IT created a “kind of abstractional layer” – a mobile-enabled service portal for faculty to order up vms, storage capacity, and backup for consumption of IT services. “It’s just like a shopping basket,” Moutier added. After ordering their vms, etc., faculty users could enter their university account number, and within minutes, their machines would be provided out of central resources.

For this IT brokerage approach to work, Moutier noted “it is essentially to have a very strong commitment from executive management, and at the same time, you’ve got to deliver top notch services. If you don’t have both, it just doesn’t work.” To support the shift from a federated to a centralized operational model, the IT department had to convince the individual departments that the service was good. Early adopters included several of the smaller faculties who did not have extensive internal IT resources, and who recognized the value of not having to buy and manage their own infrastructure. Delivery of compute resources via the centralized portal would mean this group could devote their IT resources to other tasks besides managing servers. Over several months, as it came time for various faculties to review their server environments, additional departments chose to access centralized service delivery. These were able to say “it’s cost effective, and I can see that the service is good,” Moutier explained.

A question of opportunity, not challenge

By 2014, the university had begun to receive requests from government organizations in the province, such as local municipalities (Québec City), and other public sector entities, school boards, etc., to host their infrastructure in the Laval data centre. At the same time, Moutier added, the province passed a law encouraging government agencies to share resources and knowledge: “we looked at what we had – data centres, the ability to manage large environments, and knowledge; we were already acting as an IT service provider. So in 2014, we decided to offer our services to other outside organizations.”

To prepare for additional service demand, Laval developed its private cloud, where storage as well as physical networks for internal needs and for the external offering are shared and everything is hosted inside the university data centre. But IT also created some special clusters that are dedicated to the service offering, applying VMware licenses for networking and management tools to create its own version of the software-defined data centre. In this initiative, one key success factor was process change around the organization of people. According to Moutier, all the infrastructure teams – including storage, utilization and networking – were merged: “If you don’t do these kinds of things, forget about software-defined data centre. It just won’t work. It has to be one team with one goal.”

To support this cloud infrastructure, the central IT group chose to deploy NSX for it security, automation and management capabilities; Laval became one of the first 50 organizations globally to deploy VMware’s network virtualization platform in a production environment. NSX microsegmentation enabled the team to create what Moutier called network ‘bubbles’ – security for individual tenants who are isolated from each other and from Laval’s internal network to address users’ fear of cross infection in shared cloud environments. NSX also provides management capability, a necessity for Laval which was in a position to share physical resources, but not to hire extra staff to develop services. Tenants would need to be independent in terms of what they do inside the data centre, a requirement that NSX addresses. As example, Moutier described migration of the Ministry of Tourism workloads to the Laval facility, a process that consumed two weeks as the Ministry moved vms with 10-15 different networks from their old provider into the Laval environment. Once they were set up with capacity (1 TB RAM, 10 TB storage) the Ministry created its own networks, spinning up virtual firewalls, and virtual IP addresses – it now operates in a totally autonomous fashion, managing its own data centres.

Benefits to Laval, its clients and the community

According to Moutier, Laval did not have to build the cloud management portal, but instead relied on VMware’s vCloud Director for Service Providers, and Laval is now part of the vCloud Air Network, which enables the university to share resources (if not licenses). This approach delivers one of the key financial benefits of cloud; Laval pays only for the clients it has and the university does not have to pay up front for licenses. Laval is billed monthly based on what it consumes, and can pass this benefit onto clients, who are also billed monthly on consumption. This means little investment is needed for Laval to run its hosting operation and this new line of business can grow at its own pace.

Clumeq, Université Laval, Quebec

This growth in turn provides additional benefits from a technological point of view. As Moutier explained, the more storage capacity the Laval cloud has, the more distributed the workloads can be, resulting in better performance and greater reliability. Currently Laval uses EMC Isilon units which are scale-out storage – the more units the team has, the more redundancy there is for fail over and for workload distribution. “If instead of having two units, I have ten units I can more equally balance my load – so it’s important for me to be as big as possible,” he added.

For clients, there is clear advantage to dealing with another public sector organization, rather than a private firm, which may have different objectives. As Moutier explained, “It’s about sharing our resources among the community; that’s why we call it the ‘community cloud’.” Laval runs its cloud business on a non-profit basis, achieving very small margins, and any profit that accrues is reinvested in projects for students or researchers, a mode of operation that it has in common with its largely government client base. “We are trying to create a circle of virtue; we have many large government departments and agencies that are struggling to find data centre space, struggling to find disaster recovery solutions…. The goal is not to make money, but to share resources, and make sure that organizations have access to these kinds of resources. The cost of entry for a new data centre is around $10 million – not every organization has that kind of budget,” he added.

According to Moutier, cost efficient service delivery is supported by Laval’s ownership of its own fibre network infrastructure. In the early 2000s, Université Laval built its own fibre network to connect hospital research centres, and now most of the city is covered. Laval clients in the rest of the province rely on the RISQ, a network built to connect educational research centres, and clients can connect through an access point in Montreal, to which Laval runs its own fibre. Moutier explained: “in cloud, the most important part is the network. You can put cloud anywhere, but if you cannot connect to it, if you cannot move data, it’s a real problem. That’s what we have solved for – all through our Québec City network, we are set to deliver 10 gigabit links between the ministries, for example, and their data centre or storage space, and we provide this at minimum cost because it’s our own fibre.” And unlike the Internet, the Laval link offers the control needed to assure security and bandwidth levels.

Moutier likens Laval’s cloud service initiative to a “social awareness project” – Laval is the second largest employer in the Québec City region, and the university is an integral part of the community, so it is incumbent on the team to share its knowledge. “We have gone down the software-defined data centre path and this enables us to think about the future of data centre build and operation. If we had simply continued to fulfill internal needs, we wouldn’t have developed the kind of skills and knowledge we now have,” and are now recognized for.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.