Can OpenStack be used without a Cloud Management Platform? Five Challenges that you would face if you did just that.

Many customers are attracted by the fact that OpenStack is freely available and wonder about the need for a cloud Management Platform, such as BMC CLM. However, market experience and a number of cloud false starts have shown that cloud computing—at least the successful kind—is not easy. Heterogeneous infrastructure and multiple platforms are the reality for most enterprises today and, combined with increasing levels of IT security threats, make cloud management a complex and sometimes daunting task. Enterprises struggle to manage this complexity with OpenStack alone. To explain why, we analyze 5 challenges of running a private cloud with OpenStack without an accompanying CMP, such as CLM.
Challenge 1: Breadth of functionality
Building a cloud solution takes more than just the technical infrastructure functions and management tools that OpenStack provides. It involves implementing a set of business, architectural, and functional requirements which OpenStack usually lacks.

Challenge 2: When is “free” really free?
Although OpenStack is marketed as free software, industry experience so far has been quite the contrary because there are hidden costs to implement, operate, and support OpenStack. Each year there is increasing agreement among customers that a skilled engineering team is needed to develop missing capabilities and then customize, integrate, and maintain OpenStack to make it usable in enterprises. Most deployments require five to ten engineers to do development, customizations, integrations, and operations using OpenStack. The development team typically enhances OpenStack with needed cloud management capabilities such as governance, UI enhancements, compliance, automation, and policies. With BMC CLM, this additional development effort for would not be needed. Of course, both BMC CLM and OpenStack require integrations to enterprise systems as well as day to day operations for these systems.

Challenge 3: Depth of functionality
Governance, policies, and pooling of resources
OpenStack does not have deep and flexible functionality in governance, policies, and pooling of resources into higher-level logical constructs, such as logical data centers and configurable user-extensible policies to map workloads to logical data centers. BMC CLM offers an extensive mechanism to group resources into pools and logical data centers and mark them as shared or private, and has flexible, configurable policies for workload placement based on tenants, tags, or custom workflows.  It also has deep governance ranging from reclamation of resources, quota management (OpenStack has this capability), change management, and CMDB integration.

Platform support
Even though there is a good breadth of platform support in OpenStack, the deep functionality required for enterprise cloud management is lacking at times in many of the drivers. OpenStack Nova provides full support for KVM/QEMU but limited support for Microsoft Hyper-V, Citrix XenServer, and VMware vSphere (which are fully supported by BMC CLM). Hence, if the deployment is using KVM, OpenStack has full functionality, but for others it is better to use platform support that BMC CLM provides directly to these hypervisors.
Service catalog
While BMC CLM has a very extensive service catalog to allow administrators to define offerings and entitlements per tenant, OpenStack lacks this level of flexibility.

Challenge 4: Managing risk
We have all heard about the huge increase in IT security threats that have emerged over the last year or so. Hacking incidents, viruses, and vulnerabilities such as Heartbleed, Ghost and ShellShock have hit many companies hard. No IT organization can afford to ignore risk management for both legacy and new cloud infrastructures. Compliance, security, patching, governance, and policies are not built into OpenStack. Again, additional effort is required to integrate OpenStack to Chef, Puppet or some other tool to provide these policies, such as server hardening, server compliance, and server patching. BMC CLM can perform automated compliance and patching on services across all legacy data center infrastructure as well as public and private cloud infrastructure, including OpenStack private clouds, in a consistent manner to reduce risk from provisioning and throughout the lifecycle of the service.
Challenge 5: Heterogeneous platforms and hybrid cloud infrastructure are a reality
If an organization has a single OpenStack infrastructure; does not have any other infrastructures such as VMware vCenter, Microsoft Hyper-V, or public clouds; and has little governance or automation requirements, then the need for a CMP is questionable. However, most enterprises have a hybrid infrastructure with multiple platforms such as Hyper-V, vCenter, and KVM; multiple private clouds; and possibly even multiple public clouds. Sourcing policies seeking to avoid vendor lock-in, as well as mergers and acquisitions, dictate that heterogeneous infrastructure is the new reality. Managing across all of these different platforms becomes very complex: with different people, processes, and technologies required to manage each infrastructure, IT costs can quickly skyrocket. To provision agile services while ensuring costs are kept under control and risk is minimized, IT organizations require a management platform that can abstract the complexity of provisioning and managing across heterogeneous infrastructures and provide a single pane of glass for users as well as administrators.  BMC CLM orchestrates the agile delivery and ongoing management of IT services across hybrid cloud and legacy infrastructures to reduce costs while applying consistent compliance and governance policies across all platforms.

Conclusion

Running OpenStack without a cloud management platform is sufficient only in basic cloud use cases. OpenStack has a number of gaps that preclude it from being a complete enterprise grade cloud solution. OpenStack and CMPs such as BMC CLM are not competitive but complementary. Using them together will make private clouds truly enterprise grade.