To reduce cost of an information department, a business form to outsource in-company information system operation and company home page management to an ASP (Application Service Provider) is on the increase. There are many forms in such a manner that the ASP outsources computer resource supply and operating management to a data center operator.
The data center operator prepares a great number of computer resources which are divided to plural user companies for use so as to reduce its own operating cost and supply a service at low cost to the user companies. To hold security between the user companies, generally, different computer resources and storage resources are often allocated to each of the user companies.
Since a load of the user company is fluctuated depending on time and season, there are many agreement forms to increase or decrease allocated resources according to the load. In particular, when undertaking company home page management, it is difficult to predict a load due to access from an indefinite number of consumers via the Internet. For this, the user company side makes an agreement with the data center operator so as to increase for a certain period a predetermined number of computer resources by predicting load increase, for example, in a new product presentation. The data center operator allocates the increased computer resources to another user company for another period so as to make effective use of the resources. To facilitate such configuration change, the data center is configured so that a load balancer is arranged before plural computer resources to allow a user company A to use the computer resources for a certain period and to allow a user company B to use them for another period. An example of the load balancer includes ACE director produced by Alteon (Nikkei Open Systems 1999. 12 no. 81 pp. 128–131). The load balancer is manually configured based on the above agreement. When the storage resource must be increased, the storage contents must be duplicated.
Since the data center supplies different computer resources to many user companies, a great number of computer resources must be managed, resulting in increased managing cost. It can be considered a method in which a small number of computer resources each having high performance, for example, high multiplex SMP computers are introduced and controlled so that plural user companies share them. To hold security between the user companies, the function of a virtual computer is used. An example of the virtual computer includes a processor resource division managing function PRMF manufactured by Hitachi (HITAC Manual 8080-2-148-60). In the PRMF, plural OSes (operating systems) are operated on one computer, and an independent resource, e.g., a main memory or network adapter is allocated to each OS. Since a resource is not shared between the OSes, security between programs of different user companies executed on different OSes can be held. The PRMF is configured so as to control CPU resource percentage allocated to each OS. Only previously planned percentage change is enabled.
In general, the data center is used by plural users. A technique to hold security to maintain data independence for each user is considered. As the currently-known main security technique, VLAN (VPN/VLAN text published by Ascii Corp., pp. 31–42), VPN (VPN/VLAN text published by Ascii Corp., pp. 7–30), and FC zoning (SAN published by Piason Education, pp. 85–86) are known. The VLAN and the FC zoning techniques realize logically grouped networks which disable access to each other. The VPN is a technique to hold security for a user by encryption and packet priority control. The VPN can also guarantee a network use bandwidth. The zoning technique can control access to the storage at the port of a storage network switch allocated to the user. For example, a user A can cope with an increased load by incrementing the access priority so as to increase access to an LUN three times in every ten access times of the user to the storage to access to the LUN five times in every ten times. The security technique allows the user to access to and use user-dedicated data in the computer resource in the data center without anxiety of security. The network manager typically plans and statically configures a VLAN, VPN and FC zoning, and does not change the configuration when not required.
Finally, making of a service level agreement between the ASP, ISP (Internet Service Provider) and user is being typical. A service level guarantee agreement including connectability, availability, and latency performance is made. There are many forms to make a compensating agreement at an unsatisfied guarantee level.
The above prior art has the following problems.
In a method for manually configuring a load balancer and a network switch based on an agreement, it is difficult to cope with in real time abrupt load fluctuation which can not be predicted on the user company side. This is the same for the case of allocating different computers between users and the case of using a virtual computer. Further, the network mangers of both the user and the data center expend enormous efforts for system extension and holding of user's network security. In an environment to dynamically change a network configuration by load fluctuation, it is difficult to always manually manage the user's security.