Product Capabilities
Nimbula sees a world where any end user, with a single API call, can demand any resource at any time for any duration, at any cloud or location worldwide that is appropriate to their needs and constraints, so long as free capacity exists and so long as the end user has both
- Permissions delegated to them by their organization and the owner of the resources in question
- A willingness to pay the assigned price for their activity.
Nimbula Uniquely Delivers
Nimbula Uniquely Delivers
The most cost-effective and secure way to build and manage clouds with global reach and scale
Meaningful scalability: Many infrastructures claim scalability to large numbers of workloads. Only Nimbula Director provides scalability to thousands of nodes and tens of thousands of instances without sacrifices
- No performance degradation due to bottlenecks
- No risk of mass outage due to single points of failure
- No management complexity due to segmentation of services or abstractions – no matter how large a Nimbula Director deployment is, it functions as a single cloud with a single global set of resources and services
Streamlined cloud operations: Nimbula Director offers the highest levels of automation – from node installation, to the self-managing & self-healing cloud services, to instance placement. Nimbula provides a hands-off cloud.
Optimized for low cost cloud-ready datacenters: Nimbula Director works with commodity servers, storage, and networks. We support any server that can run common Linux distributions, any storage at any price point that can support NFS, and simple flat networks that do not need to be altered or tampered with as the cloud grows and as tenants are added.
Centralized management of all cloud resources across sites and cloud providers: Nimbula Director clouds can span multiple geographic locations with centralized management of customers, users, groups, and policies to create a seamless global pool of compute, network, and storage resources. Furthermore, Nimbula Director manages permissions, versioning, instantiation, and auditing of resources in public clouds such as Amazon’s EC2. By unifying end user workflows, security models, and audit trails, Nimbula Director provides true hybrid cloud today.
Increased security for cloud workloads: Nimbula’s innovative and unique permissions and authentication system combined with its scalable and dynamic policy-based network isolation functionality ensure that Nimbula Director clouds are the most secure in the industry without inhibiting end users’ ability to rapidly execute self-service workflows.
The most functionality and flexibility for end users for the highest possible business agility
Secure self-service collaboration: No other cloud platform enables its tenant administrators to delegate fine-grained permissions to their end users and manage their access to resources across the entire cloud and in even other clouds. While system defaults provide for complete isolation of tenants form each other, there are no artificial requirements for coarse-grained partitioning of the system into sets of resources that must be set to be completely public or completely private. This enables Nimbula Director customers to collaborate amongst each other with precision control and without support requests to centralized administrators. It is the world’s first general purpose, multi-tenant, self-service collaborative system.
Simple, powerful, and securely delegated end user self-service: Nimbula Director provides mechanisms to setup policies to constrain end-user behavior as well as mechanisms to maintain, version, and publish templates that are independent of end user context and that have no ties to physical infrastructure settings. Within the constraints set by administrators, end users can quickly and independently deploy from centrally maintained resources and configure their instances at launch time with appropriate compute, storage, network and security settings, all without any need for additional permission from or intervention by cloud administrators and without any need for them to be cognizant of the underlying physical infrastructure.
Detailed Capabilities
| Feature Area | Value Proposition |
|---|---|
| Low operations physical infrastructure | Lowest operational expense for highly scalable and dynamic clouds |
| Identity and permissions | Rock solid isolation between tenants with the industry’s only system for secure collaboration |
| Network control | Flexible and scalable network security for any network architecture you choose |
| Storage automation | Optimizes storage costs by delivering the right storage for the right use at the right price with the right assurances |
| Self-service workflows | Getting IT out of the way of the business allowing the business and their end users to serve themselves and the rest of their organizations |
| CIO functionality | Providing transparency to the cloud consumer for cost justifying the activities of their end users |
| Multi-site federation | Delivering the flexibility to run any workload on any cloud so long as the permissions permit the action, the resources are available, and the end user is willing to pay |
Low operations physical infrastructure:
Lowest operational expense for highly scalable and dynamic clouds
- Very high degrees of cloud automation designed to work at very high scale – 3000 nodes managed as simply and reliably as 3.
- A wide range of server, storage, and networking support allows you to choose what you are already comfortable with no need for retraining.
| Feature | Detail |
|---|---|
| Zero-touch install | Quickly install up to hundreds of thousands of computers with a hands-off automated installation on bare metal. |
| Self healing control plane | Self-monitoring and self-healing distributed control plane provides the highest cloud availability with no administrator activity required |
| Large scale cloud | Scales to thousands of nodes and dozens of sites |
| Broad compatibility | All hardware supported by RHEL6 and CentOS 5.6 and all VM operating systems supported by KVM |
Identity and permissions:
Rock solid isolation between tenants with the industry’s only system for secure collaboration
- Cloud administrators merely need to create the tenant administrative account and the tenants can do the rest on their own.
- Specific users and groups within tenants are delegated fine grained rights on specific objects
- Rights can even be delegated across tenants where appropriate
- Tenants can choose to be completely locked down, completely open, or to be selectively open for controlled and secure collaboration
| Feature | Detail |
|---|---|
| Identity | All actions are tagged with the identity of the requestor |
| Fine grained access control | All actions on all objects can be allowed or disallowed on the basis of customer, user, or group |
| Delegation |
Rights are delegated from cloud administrator to customer administrator to users and groups and even between users and groups for controlled self-service within set bounds |
Network control
Flexible and scalable network security for any network architecture you choose
- Secure management of VLANs for multi-tenancy complete with support for broadcast and multicast
- A network independent firewall system that secures network traffic to preserve separation between cloud tenants, properly isolate traffic between users and groups within tenants, and secure what is inside the cloud from the outside world
- Enables end users to decide which workloads should be publicly exposed and which should only be accessible from within the cloud
| Feature | Detail |
|---|---|
| Security lists | Scalable, distributed firewall to separate workloads within and across tenants in the cloud. It is fine grained, self-service, and independent of the underlying network equipment and topology. |
| vEthernets | VLAN separation for tenants in your cloud |
| NAT | Self-service system for selectively exposing cloud workloads to the public internet |
Storage automation:
Optimizes storage costs by delivering the right storage for the right use at the right price with the right assurances
- Uses local disk where possible and remote storage where necessary
- When using remote storage, allows the restriction of the most expensive and capable storage to select users and groups
- Allows end users to decide which storage type to use for each workload if permitted to use more than one class
- Storage property abstraction and storage provisioning automation allows end user self-service while hiding the details of potentially hundreds of discrete back ends with a heterogeneous set of capabilities
- Use of widely and commonly implemented protocols supports hundreds of models of storage from dozens of vendors – unparalleled choice in the cloud space
| Feature | Detail |
|---|---|
| Ephemeral storage | Cheap, low latency local storage for ephemeral data |
| Template storage | Cheap, low latency local storage for ephemeral data |
| Nimbula Disk Service (Persistent storage) | Self-service mechanism for creating and managing persistent block volumes. Supports quality of service tagging for intelligent storage tiering. Back end is any NFSv3 storage system thereby supporting the choice of almost any storage provider in the industry. |
Self-service workflows
Getting IT out of the way of the business allowing the business and their end users to serve themselves and the rest of their organizations
-
Tenant administrators determine:
- Who in their organization can do what activities on what resources within the tenant namespace
- Which users and groups can collaborate with which other tenants
-
End users, once given permission can:
- Manage their own VM images and can share the results of their work
- Deploy, manage, and retire their own instances.
- Configure their own setup, determining networking rules between their instances, instance placement policy, and post-deployment instance configuration
| Feature | Detail |
|---|---|
| Image lists | Create, delete, version, and publish image templates |
| Launch plans | Create sophisticated plans for launching instances taking into account CPU, memory, disk, and network security needs. |
CIO functionality
Providing transparency to the cloud consumer for cost justifying the activities of their end users
| Feature | Detail |
|---|---|
| Metering | CPU, memory, and network IO. Assigns usage to customers, accounts, and users |
Federation
Delivering the flexibility to run any workload on any cloud so long as the permissions permit the action, the resources are available, and the end user is willing to pay
| Feature | Detail |
|---|---|
| Multi-site | Single Nimbula Director deployment spanning multiple sites |
| EC2 | Deploy workloads to EC2 with the same permissions model, launch plan, and audit trail as when deploying to Nimbula Director. |