|By Rod Fontecilla||
|April 13, 2009 10:45 AM EDT||
Cloud computing refers to the practice of leveraging third-party computing resources, such as network grids and server farms, to extend IT capabilities and reduce the cost of ownership. This practice offers numerous potential benefits to organizations that want to centralize software and data storage management while eliminating the costly overhead of in-house hardware and software maintenance and the personnel required to build, support, and maintain enterprise computing solutions.
Cloud computing has emerged as a new computing paradigm that gathers massive numbers of computers in centralized data centers to deliver Web-based applications, application platforms, and services via a utility model. The primary difference between the service models of cloud computing and previous software (e.g., outsourcing or data center consolidation) is scale. The premise is that as the scale of the cloud infrastructure increases, the incremental time and cost of application delivery trends toward zero.
Cloud computing allows users to dynamically and remotely control processing, memory, data storage, network bandwidth, and specialized business services from pools of resources, providing the ability to specify and deploy computing capacity on-demand. If there's a need to scale up to accommodate sudden demand, users can add the necessary resources using a Web browser. The large data center can provide similar services to multiple external customers (multi-tenancy), leveraging its shared resources to increase economies of scale and reducing service costs.
Although cloud computing is in its early stages and definitions vary greatly, the underlying technologies today are consistent. These technologies include the following:
- Grid computing: A form of distributed parallel computing whereby processes are split up to leverage the available computing power of multiple CPUs acting in concert.
- Utility computing: A model of purchasing computing capacity, such as CPU, storage, and bandwidth, from an IT service provider, billed based on consumption.
- Virtualization technologies: Virtual servers and virtual private networks provide the ability to quickly reconfigure available resources on-demand and provide the necessary security assurance.
There are a number of service offerings and implementation models under the cloud computing umbrella, each with associated pros and cons. These models can be grouped into the following three categories: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS). These models target varying levels of services, ranging from general infrastructure services, such as operating systems or database services provided by IaaS vendors to targeted functional services provided by SaaS vendors (e.g., customer relationship management from Salesforce.com).
The various players in the current market can be differentiated into the following two categories:
- Cloud Providers: Offer one or more of the cloud models (i.e., IaaS, PaaS, or SaaS) as a service. Examples include Amazon and Google.
- Cloud Enablers: Provide technology or have adapted existing technology to run on or support cloud computing. A recent example is Oracle's partnership with Amazon to add Oracle 11g database support (technology and licensing) to Amazon's existing EC2 services offering.
We recognize that the transition to a cloud computing paradigm presents a number of challenges. Issues associated with information security, reliability, and service level agreements challenge mission-critical systems. Furthermore, we've identified what we consider the key characteristics of a cloud computing environment:
- Minimized capital expenditure - infrastructure is provider-owned
- Device and location independence
- Multi-tenancy - enables resource and cost sharing among a large pool of users
- Monitored and consistent performance - can be affected by high network load
- Reliability via redundant sites - allows for business continuity and disaster recovery
- Scalability to ever-changing user demands - results in lower costs
- Improved security from centralized data and increased security-focused resources
My experience has emphasized the importance of "architecting for the cloud" versus simply deploying system components to the cloud to ensure that business requirements are met. Typical software and systems that are not designed to take advantage of the scalability and parallelism of the cloud will likely not achieve the full benefit that is provided by a cloud computing environment. It's also highlighted the need to transition the role of IT managers to brokers and negotiators of IT services rather than the day-to-day management of the operating platform.
My analysis of the benefits and challenges presented by the cloud computing paradigm has resulted in the identification of the following three cloud variations:
- Commercial Cloud: It consists of deployment to one or more of the commercial cloud providers (e.g., Amazon or Google). It could be a simple integration with an existing SaaS service to support a subset of application functionality or could consist of a complete migration to the cloud. This may be appropriate for non-mission critical systems (e.g., < 99.99% availability) that do not process sensitive data or where sensitive data won't traverse system boundaries to the cloud.
- On-Premises (Private) Cloud: An on-premises cloud could be created to provide some of the benefits of cloud computing. Booz Allen selected a similar option in our implementation for the FBI to address the security concerns associated with a classified environment; however, the multi-tenancy aspect is then limited to a single agency. Consequently, this option doesn't provide the massive scalability that's characteristic of a true cloud.
- Government Cloud: The creation of one or more government cloud computing environments. These environments would be designed specifically to address the concerns that are unique to the government. For civilian agencies, this cloud could be an extension of the current eGovernment lines of business (LoBs).
Though many cloud providers proclaim that moving existing applications to the cloud is seamless and doesn't require code changes, my experience has shown that greater analysis and re-engineering are required to achieve the full benefits of a cloud computing environment. Complexities remain that organizations must consider when moving to the cloud, and careful planning is essential.
Based on the lessons learned from previous efforts, a phased Cloud Computing Transition Methodology designed to address the issues and risks associated with migrating an existing system to the cloud is developed. Figure 1 provides an overview of this approach.
The Cloud Strategy and Planning phase (Phase 1) consists of three steps designed to ensure that all aspects of moving to a cloud environment have been appropriately evaluated and agreed upon. The three steps are:
1. Conduct a Strategic Diagnostic
The objective of the strategic diagnostic is to identify the major factors influencing the decision to move to the cloud environment and determine the best approach. During the diagnostic step, we will validate the key objectives of moving to the cloud and the "pain points" that the organization wants to address. The drivers during this step include reducing day-to-day risk, reducing the level of involvement in day-to-day IT management, eliminating overhead, achieving better productivity, reducing or eliminating the cost of adding additional users, and protecting the information system from misuse and unauthorized disclosure.
The primary areas to be addressed during the diagnostic step are security and privacy, technical, business and customer impact, economics, and governance and policy. We will evaluate the implications of moving to the cloud environment in each of these categories and document the key issues and considerations revealed during the diagnostic step. The outcome of this diagnostic will be sufficient analysis to support a "go/no go" decision to move to a cloud computing environment and the development of an agreed-on cloud strategy.
2. Define a Cloud Strategy
To define a cloud strategy, the organization should document a complete understanding of each component of its existing architecture. The analysis examines the required user services, processing services, information security, application software standards, and integrated software down to each component. This can be achieved by leveraging existing architectural documents and ensuring the appropriate level of detail is documented, including system-to-system interfaces, data storage, forms processing and reporting, distributed architecture, access control (authentication and authorization), and security and user provisioning.
3. Create an Implementation Plan
The implementation plan identifies the roles and responsibilities, operating model, major milestones, Work Breakdown Structure (WBS), risk plan, dependencies, and quality control mechanisms to implement the cloud strategy successfully.
After completing Phase 1, the organization will have fully analyzed its options, identified all requirements, thoroughly assessed short-term and long-term costs and benefits, gained executive governance approval, and socialized the solution with stakeholders (including oversight entities). This phase ensures that the organization will have a high degree of confidence in successfully moving to the cloud environment, reap the expected benefits, not constrain future functionality, and avoid hidden future costs.
The Cloud Deployment phase (Phase 2) focuses on implementing the strategy developed in the planning phase. Leveraging the various cloud models helps identify the most effective solution(s) based on the existing organization architecture. Some of the criteria used in recommending a vendor are the vendor's primary service model (i.e., infrastructure, platform, or software), business model, how much existing technology can they leverage, end-user experience, and risks involved in porting to the cloud. Deploying to the cloud involves taking the decision analysis from Phase 1 as input and proceeding with the following four steps:
1. Assess/Select the Cloud Provider(s)
The assessment step deals with analyzing the components of the architecture and identifying the optimal vendor offerings. One of the main criteria in selecting a provider is its ability to leverage existing technologies. For example, current Oracle customers can use their software licenses on Amazon's EC2 cloud, which allows for reusing existing technologies, whereas current databases can simply be moved to the cloud. In addition, Oracle lets customers deploy on the Amazon cloud through Amazon Machine Images (AMI). This way, a new virtual machine is ready for use with the Oracle database loaded in a matter of minutes.
The assessment step captures three important inputs: the current organization technical architecture, objectives, and the vendor selection criteria that are tailored to meet the organizational objectives. The vendor assessment results in recommendations on the most appropriate cloud vendor, assists in selecting the most effective cloud model, develops deployment strategies, highlights reusable components, and identifies the security options for the cloud architecture.
2. Establish Service Level Agreements (SLAs)
Unlike traditional computing models, where most, if not all, of the components are on-premises and there's direct control over services, cloud computing involves handing off the system to a third-party vendor or vendors. In this case, SLAs address concerns like performance, downtime, provisioning, security, backup, and recovery, and ensure that objectives and established benchmarks are being met. SLAs formalize the contractual agreement between the organization and the selected vendor(s) and will highlight the offerings of the vendor(s), so the expectations on both sides are clear.
A typical SLA will identify service levels for the following:
- Retention Time: During an emergency/outage, how long would it take for the organization to sustain its operations
- Uptime: The percent of the time that the system will be available (e.g., 99.9%) and the period over which the measurement is taken
- Performance and throughput
- Security and Data protection: Where is the data stored? What precautions are taken by the vendor to ensure the data isn't tampered with?
- The level of support offered (e.g., 24/7)
- Service credits if the SLA isn't met
- The SLA can also address specific concerns like the guarantee of data protection and privacy when other foreign entities are hosted
3. Execute Transition
The execution step involves the actual transition of components identified in earlier steps. Based on the number and type of components that are being ported to the cloud, execution can be an iterative process. One of the primary steps in execution is to establish multiple environments, such as development, testing, production, and training. The preliminary questionnaire to set up an environment can include items like the number of instances required, memory, storage space, and basic software that needs to be installed.
4. O&M and Help Desk
The level of O&M and help desk provided by the cloud vendor may be driven by the selected cloud model(s) and will be determined by the SLAs previously established. If an IaaS is chosen where the vendor just provides the hardware resources and the organization installs the software components and deploys the applications, the maintenance provided by the vendor will be limited. Different vendors provide different support models and at different levels. It's important to ensure the kind of essential support functions that will be provided by vendors for successful continuity of operations (COOP) and to understand how operations will be restored on time at the backup site.
Deploying cloud computing solutions requires both a short-term and a long-term strategy. For example, besides the improved scalability and reliability provided by the cloud, which organizations may achieve through the initial transition, re-engineering some components to take advantage of the parallelism provided by the cloud could improve system performance and overall scalability further. Transitioning an existing system to the cloud requires an approach that addresses not only the technical aspects of cloud computing but also considers the objectives of the organization, the constraints imposed by the existing system, and the impact to its existing customers. As an experienced cloud computing strategist, I believe that corporations and even the government sector are prepared to consider the complexities of cloud computing technologies.
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, will explain the best practices of continuous testing at high scale, which is r...
Mar. 30, 2015 02:00 PM EDT Reads: 2,015
Modern Systems announced completion of a successful project with its new Rapid Program Modernization (eavRPMa"c) software. The eavRPMa"c technology architecturally transforms legacy applications, enabling faster feature development and reducing time-to-market for critical software updates. Working with Modern Systems, the University of California at Santa Barbara (UCSB) leveraged eavRPMa"c to transform its Student Information System from Software AG's Natural syntax to a modern application lev...
Mar. 30, 2015 01:00 PM EDT Reads: 1,031
Plutora provides enterprise release management and test environment SaaS solutions to clients in North America, Europe and Asia Pacific. Leading companies across a variety of industries, including financial services, telecommunications, retail, pharmaceutical and media, rely on Plutora's SaaS solutions to orchestrate releases and environments faster and with integrity. Products include Plutora Release Manager, Plutora Test Environment Manager and Plutora Deployment Manager.
Mar. 30, 2015 12:15 PM EDT Reads: 1,618
Hosted PaaS providers have given independent developers and startups huge advantages in efficiency and reduced time-to-market over their more process-bound counterparts in enterprises. Software frameworks are now available that allow enterprise IT departments to provide these same advantages for developers in their own organization. In his workshop session at DevOps Summit, Troy Topnik, ActiveState’s Technical Product Manager, will show how on-prem or cloud-hosted Private PaaS can enable organ...
Mar. 30, 2015 12:00 PM EDT Reads: 1,312
The world's leading Cloud event, Cloud Expo has launched Microservices Journal on the SYS-CON.com portal, featuring over 19,000 original articles, news stories, features, and blog entries. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. Microservices Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Follow new article posts on T...
Mar. 30, 2015 12:00 PM EDT Reads: 1,483
Mar. 30, 2015 11:45 AM EDT Reads: 1,526
SYS-CON Events announced today the IoT Bootcamp – Jumpstart Your IoT Strategy, being held June 9–10, 2015, in conjunction with 16th Cloud Expo and Internet of @ThingsExpo at the Javits Center in New York City. This is your chance to jumpstart your IoT strategy. Combined with real-world scenarios and use cases, the IoT Bootcamp is not just based on presentations but includes hands-on demos and walkthroughs. We will introduce you to a variety of Do-It-Yourself IoT platforms including Arduino, Ras...
Mar. 30, 2015 11:00 AM EDT Reads: 2,136
SYS-CON Events announced today that SafeLogic has been named “Bag Sponsor” of SYS-CON's 16th International Cloud Expo® New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. SafeLogic provides security products for applications in mobile and server/appliance environments. SafeLogic’s flagship product CryptoComply is a FIPS 140-2 validated cryptographic engine designed to secure data on servers, workstations, appliances, mobile devices, and in the Cloud....
Mar. 30, 2015 11:00 AM EDT Reads: 1,485
SYS-CON Events announced today that the DevOps Institute has been named “Association Sponsor” of SYS-CON's DevOps Summit, which will take place on June 9–11, 2015, at the Javits Center in New York City, NY. The DevOps Institute provides enterprise level training and certification. Working with thought leaders from the DevOps community, the IT Service Management field and the IT training market, the DevOps Institute is setting the standard in quality for DevOps education and training.
Mar. 30, 2015 10:30 AM EDT Reads: 1,180
SYS-CON Events announced today the DevOps Foundation Certification Course, being held June ?, 2015, in conjunction with DevOps Summit and 16th Cloud Expo at the Javits Center in New York City, NY. This sixteen (16) hour course provides an introduction to DevOps – the cultural and professional movement that stresses communication, collaboration, integration and automation in order to improve the flow of work between software developers and IT operations professionals. Improved workflows will res...
Mar. 30, 2015 10:00 AM EDT Reads: 1,698
Even though it’s now Microservices Journal, long-time fans of SOA World Magazine can take comfort in the fact that the URL – soa.sys-con.com – remains unchanged. And that’s no mistake, as microservices are really nothing more than a new and improved take on the Service-Oriented Architecture (SOA) best practices we struggled to hammer out over the last decade. Skeptics, however, might say that this change is nothing more than an exercise in buzzword-hopping. SOA is passé, and now that people are ...
Mar. 30, 2015 10:00 AM EDT Reads: 1,316
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch ...
Mar. 30, 2015 09:15 AM EDT Reads: 2,245
The WebRTC Summit 2014 New York, to be held June 9-11, 2015, at the Javits Center in New York, NY, announces that its Call for Papers is open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 16th International Cloud Expo, @ThingsExpo, Big Data Expo, and DevOps Summit.
Mar. 30, 2015 09:00 AM EDT Reads: 1,635
SOA Software has changed its name to Akana. With roots in Web Services and SOA Governance, Akana has established itself as a leader in API Management and is expanding into cloud integration as an alternative to the traditional heavyweight enterprise service bus (ESB). The company recently announced that it achieved more than 90% year-over-year growth. As Akana, the company now addresses the evolution and diversification of SOA, unifying security, management, and DevOps across SOA, APIs, microser...
Mar. 30, 2015 08:30 AM EDT Reads: 2,073
The webinar, hosted by XebiaLabs, will feature 4 experts including Special Host Gene Kim, author of The Phoenix Project, along with IT thought leaders Gary Gruver, Randy Shoup and XebiaLabs' Andrew Phillips. The panel brings more than 30 years of collective experience surrounding microservices transformations at major companies including Google, eBay and Tripwire. "The story around microservices and containers is pretty compelling and the attraction of more flexibility is obviously alluring,"...
Mar. 30, 2015 08:00 AM EDT Reads: 1,322
SYS-CON Events announced today that Creative Business Solutions will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Creative Business Solutions is the top stocking authorized HP Renew Distributor in the U.S. Based out of Long Island, NY, Creative Business Solutions offers a one-stop shop for a diverse range of products including Proliant, Blade and Industry Standard Servers, Networking, Server Options and...
Mar. 30, 2015 07:30 AM EDT Reads: 3,855
SYS-CON Events announced today that FierceDevOps will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. FierceDevOps keeps software developers and IT operations personnel updated on the latest news and trends around the rapidly evolving role of the traditional IT worker.
Mar. 30, 2015 02:45 AM EDT Reads: 1,518
GENBAND has announced that SageNet is leveraging the Nuvia platform to deliver Unified Communications as a Service (UCaaS) to its large base of retail and enterprise customers. Nuvia’s cloud-based solution provides SageNet’s customers with a full suite of business communications and collaboration tools. Two large national SageNet retail customers have recently signed up to deploy the Nuvia platform and the company will continue to sell the service to new and existing customers. Nuvia’s capabili...
Mar. 30, 2015 01:00 AM EDT Reads: 1,489
WHOA.com has announced the newest addition to its data center footprint with the expansion into Equinix's newest state-of-the-art facility: DC-11 Washington, DC IBX+. Located in Ashburn, VA, this data center expands Whoa.com's presence to meet rapidly expanding customer demand for secure cloud solutions. Equinix, Inc. operates International Business Exchange™ (IBX®) data centers in 32 markets across 15 countries in the Americas, EMEA, and Asia-Pacific. Equinix is committed to operating faciliti...
Mar. 30, 2015 12:00 AM EDT Reads: 1,172
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
Mar. 29, 2015 10:00 PM EDT Reads: 1,835