Welcome!

@CloudExpo Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Pat Romanski, Larry Alton

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog

@CloudExpo: Article

The New Holy Grail: Application Portability in the Cloud

How PaaS can empower the real-world enterprise and deliver on the promise of the cloud

Today's enterprise is built on the promises of mobility, everywhere-access and flexibility. We work on multiple devices when and where we want - at the office, on the road or at home. We expect full access to our data and applications - on a sales call, in a boardroom or on a cross-continental flight. And we expect to be able to transfer our data seamlessly between platforms -on a mobile device, on the desktop or in the cloud.

Why should enterprise cloud application data be any different? Enterprises housing apps in the cloud should expect to be able to position application data to optimize service, ensure regulatory compliance and preserve privacy. Application portability is a mission-critical demand of the real-world enterprise, and yet it's a need left unfulfilled by public cloud providers.

Why Move Apps to the Cloud?
Moving to the cloud brings tangible business benefits that include cost savings, resource efficiencies and scalability:

  • Cost savings: With cloud hosting services, you pay only for the data storage space you need. You save on infrastructure costs by paying incrementally, as your business grows.
  • Storage: Private servers and computer systems are costly to buy and to maintain. You get greater storage capacity in the cloud without the infrastructure investment.
  • Backup: Hosting your applications and data in the cloud means an automatic off-site backup system and disaster recovery mechanism.
  • Automation: You can push new updates directly to the cloud without worrying about constant server updates, which gives IT the freedom to concentrate on innovation rather than maintenance.
  • Flexibility: The cloud delivers more flexibility than traditional methods of deploying applications and infrastructure, and it offers the mobility your users need to access information from wherever they are.

What Does Cloud Portability Really Mean?
The successful enterprise must be able to scale up and down as demands dictate, without constantly worrying about IT infrastructure requirements. The benefits of hosting applications in the cloud come down to flexibility - the ability to innovate quickly, deploy rapidly and provision space as required.

The Need for Speed...and New Switching Costs
The real-world enterprise has a need for speed: moving quickly from idea to design to prototype to proof-of-concept to trial to production. No CIO wants to wait weeks for hardware and software stacks to be configured on a set of servers that the company will eventually outgrow. Businesses look to cloud service providers to help provision infrastructure resources. But making a snap decision on a cloud service provider in order to meet production timelines can introduce risks related to privacy, data sovereignty, service level agreement delivery and proprietary codebase conflict. Once an enterprise locks in with an outside cloud service provider, it becomes tough, if not impossible, to move applications into a new environment.

Impediments to Portability
Cloud portability is about being able to migrate from one cloud environment to another with minimum integration effort and minimal reengineering. Think of it as optimizing IT operational flexibility for the sake of the enterprise's business needs. But shifting applications from one cloud service provider to another isn't a trivial task: Building and deploying applications to clouds built on proprietary deployment models or technology stacks complicates things when it comes time to move from one vendor to another.

Let's be fair: Signing up for a service provider requires trust and dependence on that vendor. But the real-world enterprise CIO should be able to preserve some semblance of flexibility in developing and deploying applications. The ideal scenario in moving from one cloud service provider to another is a seamless service experience. By increasing service and application portability in a neutral and standardized cloud vendor ecosystem, portable deployment to any cloud can become possible.

Building apps on open, portable standards is one way to limit the costs (and risks) of vendor lock-in. But the real-world enterprise demands more than such a simple, so-called "greenfield" solution: the holy grail of cloud application portability is the smooth migration of existing applications.

Getting to the Holy Grail of Cloud Application Portability
Idealized portability means a full application life-cycle experience - from code to cloud to portability. Real-world enterprise applications should be able to work where and when required, in multiple jurisdictions, in multiple zones, on different clouds, and with different skins.

Sounds great! But how to get there when cloud service providers operate with competing frameworks and unique specifications?

When an application is pushed to a new cloud, there are many interdependencies that must be identified and re-evaluated. Service providers frequently toss around "standard" terms like service, application composition, orchestration and platform, yet these terms can differ in meaning from provider to provider, and in practice, dramatically affect (or even thwart) cloud application interoperability.

Formal industry standards for cloud interoperability are still being developed. The Organization for the Advancement of Structured Information Standards (OASIS), a not-for-profit consortium that drives the development, convergence and adoption of open standards, has formed TOSCA (Topology and Orchestration Specification for Cloud Applications), a technical working group created to develop a description of application and infrastructure cloud services, and to define the relationships and operational behavior of these services independent of suppliers and hosting technology.

TOSCA aims to make it possible for higher-level operational behavior to be associated with cloud infrastructure management. Having an interoperable description of all the application and infrastructure cloud services, the relationship between parts of any service, and the operational behavior of the services independent of the supplier creating the service will enhance the portability of cloud applications and services.

We are a long way from cloud interoperability standards. What's the best option in the meantime? A Platform-as-a-Service (PaaS) layer.

How PaaS Solves the Interoperability Problem
A standard open approach would simplify all the interfaces common to multiple clouds without doing away with the specific added-value features that make each of those cloud's business and operating models unique.

Until interoperability standards are in place, running cloud apps requires an elastic application middleware layer - a PaaS. A PaaS sits between the software and the infrastructure, providing everything necessary for an application to run: hardware (virtualized or not), operating system, database, language runtime, modules, and web framework. A PaaS can be deployed on multiple hypervisors and on different types of Infrastructure-as-a-Service (IaaS) foundations. In a three-tiered cloud computing model, the PaaS layer lies between the application and the IaaS, and provides the elastic middle layer and solution stack as a service that allows for portability - so applications can be pushed (or migrated) to any cloud with little or no reengineering required.

Private PaaS: Metaphorical "Bubble-wrap" for Enterprise Applications
Achieving cloud application portability requires a multi-platform PaaS layer built with open standards and lightweight bindings. Not surprisingly, few public cloud providers offer a solution that makes it easier to switch to another vendor's hosting service. When that economic reality collides with the privacy and security demands of the real-world enterprise, private PaaS becomes all the more attractive.

A private PaaS layer offers the same advantages as a public cloud - scalability, efficiency, elasticity, etc. - but also provides the additional security, control, and customization afforded by dedicated resources.

A private PaaS is operated for a specific organization, either by the organization itself or by a third-party. Private PaaS - whether hosted on-premise or off, in a public, private, or hybrid environment - is about control; it is operated for a specific organization, either by the organization itself or by a third party.

For instance, implementation behind a corporate firewall can ensure data privacy, security, and control. That makes sense for large enterprises with specific IT security requirements that can't be reasonably met with a shared-resource public cloud model. And compatibility is never guaranteed. Even if a public-cloud hosting provider offers a PaaS, that vendor might not know how to install, deploy, run, and manage every specific application(s) of a particular real-world enterprise.

Private PaaS: Not Just for Private Cloud Anymore
Hosting cloud applications on premise is the most secure way for enterprises to manage data. But private PaaS isn't just for private cloud. Deploying a private PaaS in a public cloud model adds an additional layer of security. "Packaging" applications in private-PaaS' metaphorical bubble wrap can reduce the risk of data breaches. (With "individually packaged" private-PaaS-protected applications, there's no "hack once, compromise all" prize, even on a public-cloud infrastructure.)

Want Control? Flexibility? Portability? Get a PaaS
Deploying applications using a Platform as a Service (PaaS) middleware layer enables the real-world enterprise to manage applications in line with business priorities, and not just to accommodate the constrictive operating limitations of a cloud hosting provider. Enterprises deserve flexibility, and IT/DevOps should be able to move applications - across infrastructures, clouds, and providers - at their discretion. That's the promise of the cloud. Delivered.

More Stories By Diane Mueller

Diane Mueller is a leading cloud technology advocate and is the author of numerous articles and white papers on emerging technology. At ActiveState, she works with enterprise IT and community developers to evangelize the next revolution of cloud computing - private platform-as-a-service. She is instrumental in identifying, building, and positioning ActiveState's Stackato cloud application platform. She has been designing and implementing products and applications embedded into mission critical financial and accounting systems at F500 corporations for over 20 years. Diane Mueller is actively involved in the efforts of OASIS/TOSCA Technical Committee working on Cloud Application Portability, works on the XML Financial Standard, XBRL, and has served on the Board of Directors of XBRL International. She currently works as the ActiveState Cloud Evangelist.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
Enterprises are moving to the cloud faster than most of us in security expected. CIOs are going from 0 to 100 in cloud adoption and leaving security teams in the dust. Once cloud is part of an enterprise stack, it’s unclear who has responsibility for the protection of applications, services, and data. When cloud breaches occur, whether active compromise or a publicly accessible database, the blame must fall on both service providers and users. In his session at 21st Cloud Expo, Ben Johnson, C...
Most of the time there is a lot of work involved to move to the cloud, and most of that isn't really related to AWS or Azure or Google Cloud. Before we talk about public cloud vendors and DevOps tools, there are usually several technical and non-technical challenges that are connected to it and that every company needs to solve to move to the cloud. In his session at 21st Cloud Expo, Stefano Bellasio, CEO and founder of Cloud Academy Inc., will discuss what the tools, disciplines, and cultural...
SYS-CON Events announced today that Fusic will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Fusic Co. provides mocks as virtual IoT devices. You can customize mocks, and get any amount of data at any time in your test. For more information, visit https://fusic.co.jp/english/.
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
SYS-CON Events announced today that Enroute Lab will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enroute Lab is an industrial design, research and development company of unmanned robotic vehicle system. For more information, please visit http://elab.co.jp/.
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
IBM helps FinTechs and financial services companies build and monetize cognitive-enabled financial services apps quickly and at scale. Hosted on IBM Bluemix, IBM’s platform builds in customer insights, regulatory compliance analytics and security to help reduce development time and testing. In his session at 21st Cloud Expo, Lennart Frantzell, a Developer Advocate with IBM, will discuss how these tools simplify the time-consuming tasks of selection, mapping and data integration, allowing devel...
SYS-CON Events announced today that Mobile Create USA will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Mobile Create USA Inc. is an MVNO-based business model that uses portable communication devices and cellular-based infrastructure in the development, sales, operation and mobile communications systems incorporating GPS capabi...
Today traditional IT approaches leverage well-architected compute/networking domains to control what applications can access what data, and how. DevOps includes rapid application development/deployment leveraging concepts like containerization, third-party sourced applications and databases. Such applications need access to production data for its test and iteration cycles. Data Security? That sounds like a roadblock to DevOps vs. protecting the crown jewels to those in IT.
SYS-CON Events announced today that Interface Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Interface Corporation is a company developing, manufacturing and marketing high quality and wide variety of industrial computers and interface modules such as PCIs and PCI express. For more information, visit http://www.i...
SYS-CON Events announced today that Keisoku Research Consultant Co. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Keisoku Research Consultant, Co. offers research and consulting in a wide range of civil engineering-related fields from information construction to preservation of cultural properties. For more information, vi...
SYS-CON Events announced today that SIGMA Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. uLaser flow inspection device from the Japanese top share to Global Standard! Then, make the best use of data to flip to next page. For more information, visit http://www.sigma-k.co.jp/en/.
SYS-CON Events announced today that B2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. B2Cloud specializes in IoT devices for preventive and predictive maintenance in any kind of equipment retrieving data like Energy consumption, working time, temperature, humidity, pressure, etc.
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, will discuss how data centers of the future will be managed, how th...
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp em...
SYS-CON Events announced today that Nihon Micron will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Nihon Micron Co., Ltd. strives for technological innovation to establish high-density, high-precision processing technology for providing printed circuit board and metal mount RFID tags used for communication devices. For more inf...
Why Federal cloud? What is in Federal Clouds and integrations? This session will identify the process and the FedRAMP initiative. But is it sufficient? What is the remedy for keeping abreast of cutting-edge technology? In his session at 21st Cloud Expo, Rasananda Behera will examine the proposed solutions: Private or public or hybrid cloud Responsible governing bodies How can we accomplish?
SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness.