Welcome!

@CloudExpo Authors: Elizabeth White, Dean Madison, Pat Romanski, Shelly Palmer, Karthick Viswanathan

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog

@CloudExpo: Article

The Cloud’s Little Secret

Before I let you in on the Secret, let’s start with a little history

Think back to when you were a kid. Remember that thing you thought, felt, wanted or did that you were embarrassed about? You probably worried that you were the only person in the world who had that thought, feeling, desire or behavior. It was your Little Secret. Only as you got older did you figure out that it was actually pretty common, that everyone did that, or felt that way, at least once in a while. And that maybe it even had a name.

If you're a nerd like me, you probably had more than one of these.

As we've talked to customers, prospects and vendors in the industry, we've realized that the Cloud has a Little Secret. It doesn't have a popular name yet. But I'm here to reassure you that everyone does it. And it's okay if you do it too.

Before I let you in on the Secret, let's start with a little history.

The "cloud" terminology has been around for a while, but it was broadly popularized when Amazon Web Services started offering its S3 storage service and its EC2 compute service. With these services, you could easily store data or run software without owning or managing the physical infrastructure. Quickly, Software-as-a-Service (SaaS) companies like Salesforce.com realized that there were similarities between their offerings (which had been around for almost a decade) and this new "cloud." So as not to be left out of the hype cycle, they started calling their offerings "cloud." Fair enough: indeed, with SaaS you don't have to manage the infrastructure or the software.

Lately, though, it seems that partisans of this model - I am talking specifically about SaaS that is shared-everything, and multi-tenant at the application and database level - are attempting to abscond entirely with the term. I've had industry analysts and others tell me that, for all intents and purposes, Cloud means multi-tenant SaaS. When I challenge this point of view by asking whether Amazon EC2 is "cloud," they mutter something about it being transitional, or mainly for online games, or for high-performance computing. Certainly it's not where enterprises or ISVs should be, according to this viewpoint.

Let's face it; shared-everything SaaS has a lot of advantages. It's easy to get started, you can access it from anywhere, the pricing model is subscription-based rather than license-based, and you don't need any technical skills or staff to use it. It just works. Standing Cloud uses Rally, Google Apps, Beanstalk and Desk.com. We certainly have no aversion to the model.

But there is another way to deploy software in the cloud and deliver it as SaaS. Forbes columnist Dan Woods and the folks at SugarCRM sometimes call it "Distributed SaaS." I like to call it "cloud-premises" or "virtualization SaaS" (vSaaS). I'm sure there are other names floating around, but none in common use.

The Naughty Little Secret of the Cloud is that people are deploying their applications as a distinct instance on Infrastructure-as-a-Service virtual servers. It's multi-tenant, but through server virtualization rather than application code, and therefore is not "shared everything." We've talked to many companies and ISVs who are doing this, and some feel vaguely embarrassed about it, as though they were doing something wrong. But they needn't feel that way. A lot of people do this, and they have good reasons for it, and it's nothing to be ashamed of.

For example, 451 Research analyst Carl Lehmann noted in a recent report that Exostar Corporation, a leading provider of cloud-based business-to-business collaboration solutions to the aerospace and defense industries, "began implementing a shift in strategy when it realized, after six years of trying a multi-tenant SaaS model, that it was unable to satisfy the needs of its top clients." According to Lehmann, issues of identity assurance, security and control of intellectual property combined to "make multi-tenant architectures suspect" in their industry.

Similarly, Interactive Intelligence, a provider of Communication-as-a-Service delivered under a virtualized single-tenant model, is winning against multi-tenant competitors, due in large part to their customers' need for control over the timing of upgrades, and strong preference for true data isolation.

Let's take a closer look at some of the reasons why this deployment model might be right for you and your application:

  • Data isolation. Some customers are nervous about proprietary company information in a shared-everything application model. Indeed, every time the service has a feature update, customers are just one bug away from a potential data leakage problem: the isolation depends on the software code and the quality assurance procedures of the software provider. In IaaS, data is isolated via virtualization, and the hypervisors that provide the virtualization are vetted much more broadly than the application code.
  • Control over upgrades. This is the reason we hear most often. Invariably, a shared-everything SaaS application is upgraded on exactly the day you most need to be productive. Everything takes longer because the features work differently, and integrations / automations / add-ons actually break due to incompatibility. If the application is used broadly within an organization, a customer may want to train staff on the new version prior to launch. When an application instance is deployed separately, the customer controls when upgrades happen.
  • Customization and configuration. Some firms must customize applications to match their business processes, either because those processes are a competitive differentiator, or because the cost of changing them to match an application is too high. Recognizing this need, Saleforce.com created the Force.com Platform-as-a-Service (PaaS) that allows applications to be customized or built within the Salesforce environment. But most SaaS companies do not have the resources to build this sort of environment, and their architecture may even preclude it. In contrast, an application deployed separately on IaaS is easy to customize and configure.
  • Infrastructure lock-in. Shared-everything SaaS usually bundles the application subscription and infrastructure costs into a single monthly price, typically by number of users. End customers have no say in where the application is actually hosted, and if the infrastructure fails to keep up with the market with respect to performance, cost, and reliability, there is no recourse short of converting to a new application. Whenever you use a software application, you are locked into the application to some degree, but when the application is deployed as a separate instance on IaaS, you can at least move to new infrastructure if necessary.
  • Development effort and pitfalls. Depending on how the application code is written, and what level of quality assurance resources you have available, converting an "on-premises" application to "multi-tenant shared-everything" can be an extensive and ongoing development effort. It will increase your time-to-market and may or may not be what the market actually wants, given the points above. Further (and if you have a sense of irony this is really quite funny), a lot of shared-everything implementations find that the database is a performance bottleneck and they end up having to "shard" it - i.e., split it into separate databases in some way. What's typically the easiest way to shard a shared-everything database? Yep, that's right: by customer. This deployment Franken-model is very difficult to manage.
  • Single point of failure. If a shared-everything SaaS application is down, you and all their other customers are down, and there is pretty much nothing you can do about it. Even if you have some sort of data download, there is no application on which you can immediately get this data up and running. You're just going to have to wait for them to fix it. With a separately deployed application instance, in the event of infrastructure downtime you can simply redeploy the application on another IaaS service (temporarily or permanently) and restore a backup.

There's no question that shared-everything SaaS is a terrific model and works well in many circumstances. But the same is also true of separately deployed applications on IaaS. Maybe someday, someone will come up with a catchy name for this deployment model. But for now, just remember it's okay. Everyone does it.

More Stories By Dave Jilk

Dave Jilk has an extensive business and technical background in both the software industry and the Internet. He currently serves as CEO of Standing Cloud, Inc., a Boulder-based provider of cloud-based application management solutions that he cofounded in 2009.

Dave is a serial software entrepreneur who also founded Wideforce Systems, a service similar to and pre-dating Amazon Mechanical Turk; and eCortex, a University of Colorado licensee that builds neural network brain models for defense and intelligence research programs. He was also CEO of Xaffire, Inc., a developer of web application management software; an Associate Partner at SOFTBANK Venture Capital (now Mobius); and CEO of GO Software, Inc.

Dave earned a Bachelor of Science degree in Computer Science from the Massachusetts Institute of Technology.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
In his session at @ThingsExpo, Greg Gorman is the Director, IoT Developer Ecosystem, Watson IoT, will provide a short tutorial on Node-RED, a Node.js-based programming tool for wiring together hardware devices, APIs and online services in new and interesting ways. It provides a browser-based editor that makes it easy to wire together flows using a wide range of nodes in the palette that can be deployed to its runtime in a single-click. There is a large library of contributed nodes that help so...
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
Mobile device usage has increased exponentially during the past several years, as consumers rely on handhelds for everything from news and weather to banking and purchases. What can we expect in the next few years? The way in which we interact with our devices will fundamentally change, as businesses leverage Artificial Intelligence. We already see this taking shape as businesses leverage AI for cost savings and customer responsiveness. This trend will continue, as AI is used for more sophistica...
SYS-CON Events announced today that SourceForge has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SourceForge is the largest, most trusted destination for Open Source Software development, collaboration, discovery and download on the web serving over 32 million viewers, 150 million downloads and over 460,000 active development projects each and every month.
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
Today most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes significant work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reducti...
SYS-CON Events announced today that Daiya Industry will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Daiya Industry specializes in orthotic support systems and assistive devices with pneumatic artificial muscles in order to contribute to an extended healthy life expectancy. For more information, please visit https://www.daiyak...
SYS-CON Events announced today that Nihon Micron will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Nihon Micron Co., Ltd. strives for technological innovation to establish high-density, high-precision processing technology for providing printed circuit board and metal mount RFID tags used for communication devices. For more inf...
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...
SYS-CON Events announced today that Suzuki Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Suzuki Inc. is a semiconductor-related business, including sales of consuming parts, parts repair, and maintenance for semiconductor manufacturing machines, etc. It is also a health care business providing experimental research for...
"Our strategy is to focus on the hyperscale providers - AWS, Azure, and Google. Over the last year we saw that a lot of developers need to learn how to do their job in the cloud and we see this DevOps movement that we are catering to with our content," stated Alessandro Fasan, Head of Global Sales at Cloud Academy, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Enterprises are moving to the cloud faster than most of us in security expected. CIOs are going from 0 to 100 in cloud adoption and leaving security teams in the dust. Once cloud is part of an enterprise stack, it’s unclear who has responsibility for the protection of applications, services, and data. When cloud breaches occur, whether active compromise or a publicly accessible database, the blame must fall on both service providers and users. In his session at 21st Cloud Expo, Ben Johnson, C...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
Many organizations adopt DevOps to reduce cycle times and deliver software faster; some take on DevOps to drive higher quality and better end-user experience; others look to DevOps for a clearer line-of-sight to customers to drive better business impacts. In truth, these three foundations go together. In this power panel at @DevOpsSummit 21st Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, industry experts will discuss how leading organizations build application success from all...
Cloud-based disaster recovery is critical to any production environment and is a high priority for many enterprise organizations today. Nearly 40% of organizations have had to execute their BCDR plan due to a service disruption in the past two years. Zerto on IBM Cloud offer VMware and Microsoft customers simple, automated recovery of on-premise VMware and Microsoft workloads to IBM Cloud data centers.
Why Federal cloud? What is in Federal Clouds and integrations? This session will identify the process and the FedRAMP initiative. But is it sufficient? What is the remedy for keeping abreast of cutting-edge technology? In his session at 21st Cloud Expo, Rasananda Behera will examine the proposed solutions: Private or public or hybrid cloud Responsible governing bodies How can we accomplish?
Today traditional IT approaches leverage well-architected compute/networking domains to control what applications can access what data, and how. DevOps includes rapid application development/deployment leveraging concepts like containerization, third-party sourced applications and databases. Such applications need access to production data for its test and iteration cycles. Data Security? That sounds like a roadblock to DevOps vs. protecting the crown jewels to those in IT.
SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness.