In the mid 1950s, color television was finally really available – there were network shows filmed in color, stations broadcasting color signals and televisions to receive them. (This was also when we got our first black and white television at home, but that is another story.) Within a couple of years there were at least two local radio stations advertising they were “color radio.” Whatever that meant. Today, the big thing is “green.” Even if the only attribute of a product that is really green is the color of the package, companies want to get the appeal of “green” associated with them.
Similarly, there are many companies that advertise a product or service with “Cloud” in the name that really have nothing to do with Cloud Computing. Many managed services companies have simply added the word “Cloud” to their offering. What they are calling a co-located private cloud, secure private cloud, or cloud-in-a-box is not really the Cloud. (These are intended to be descriptive names, not a specific product name. If I have accidentally picked a real offering name, my apologies.)
Let’s start with the definition of Cloud Computing. I prefer to use the definition provided by NIST, the U.S. National Institute of Standards and Technology (formerly the National Bureau of Standards). They recently published updates to their Standards Roadmap (July 2011) and their Cloud Computing Reference Architecture (September 2011). According to NIST,
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
The five essential characteristics according to NIST (with my comments within brackets [ ]).
- On-demand self-service.
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service’s provider. [This should usually be provided in fairly granular units, often much less than a single physical resource such as a server or disk storage unit.]
- Broad network access.
Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and personal digital assistants [PDAs]). [To get this level of network access requires that the Internet be part of the network.]
- Resource pooling.
The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence [emphasis added] in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.
- Rapid elasticity.
Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time. [The easiest way to view this is that there is always the exact amount of resources available to do the job within the performance service level agreements, no matter how the load goes up or down over time.]
- Measured Service.
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service. [This is often referred to as “pay for use” or “utility billing.”]
Almost all Cloud Service Providers (CSPs) that offer the Public Cloud provide all of these characteristics. Go to Amazon, Google, or any of the hundreds of other Public Cloud CSPs and you may never actually interface with a human, nor will a human ever be involved in providing the resources in the Cloud. Everything is done over the Internet. Your work is using the same resources that dozens, hundreds, or thousands of other customers are using. You likely do not know where your work is being processed, although you can usually specify at least the country. The resources scale up or down as required (although you can usually impose upper limits to avoid run-away scenarios). Your cost depends on how much resources you use. It is really as simple as provide a credit card and you have a data center that is always exactly the size you need.
This is especially great for small business, startups, though even large enterprises can profit. You do not have to know what resources you will need or how those requirements will change over time. Have a need, have a credit card, and you can get a data center, usually within minutes. Want disaster recovery? Just pay a little extra for the option and your CSP will automatically fail your work over to another data center hundreds or thousands of miles away. Decide you need to expand your market to another continent? Ask your CSP to host part of your work at a data center within your new market. This eliminates the Internet lag time crossing intercontinental distances (at least one quarter of a second from the eastern US to India), and, very importantly, can enable you to comply with local privacy laws.
A Private Cloud can be a much different story. In a Private Cloud, specific hardware components are assigned only to your work. No other customer is sharing “your” server or “your” disk storage unit.
Long before the Cloud existed, Managed Service Companies (MSCs) started addressing some of the critical problems companies were having with their IT infrastructure. They would come in, buy your infrastructure, “buy” your IT personnel, then lease it all back to you. The equipment might stay in your own building, exactly where it was. From an appearance perspective, nothing changed. The same people came in every day and did the same things on the same equipment to provide the same services. But it had three very important benefits:
- You no longer had the capital expense of procuring equipment and keeping it up to date, and you no longer had the personnel costs associated with the staff on your books as employees. Now everything was an operating expense. If you needed more equipment, or more people, it was the MSC that did the procurement, installing and supported the equipment, did the hiring, handled the training, and paid the taxes. Overall, the total cost probably dropped a little but the accounting was a lot simpler, and the relationship between cost and benefit was a lot clearer.
- IT was the MSC’s core competency. They were a lot better than you were at running data centers. They could improve your security, performance and availability simply because they knew, and followed, best practices. Things got better.
- Because the MSC was in the business of running data centers, they could almost always procure equipment and people a lot faster than you could. They could almost always do in weeks what you took months to accomplish in terms of updating your IT capability. This meant that you were now much more agile, and able to react more quickly to competitive pressures, business opportunities, or changes in regulations or compliance rules.
The next step was to physically move “your” equipment and personnel to the MSP’s facility, along with the infrastructure and personnel of other customers. Now the MSP can provide more specialized resources, like security experts, as a reasonable price since they can spread the cost across many customers. By having some spare equipment, they can provide faster response to increase resource requests. Through appropriate location selection, they can save money on power and people. The bottom line is lower costs to the customer, better security, performance and availability, and more agility. These MSPs can often provide increases in server performance and storage capacity in a day or less.
Initially, the MSP took control of everything. With their “Cloud” offerings then allow a company to take a single or small set of applications and move them to their managed services offering, usually hosted at their facility. Some companies, not necessarily MSPs or CSPs, offer some form of “cloud-in-a-box,” usually a single rack of servers, storage and network gear that can be set in your facility and used as a local Private Cloud. They usually provide more processor power and storage capacity then you initially need, allowing for some level of growth. They often charge based on what you actually use.
While these solutions provide some of the benefits of the Cloud, they are not the Cloud.
- You don’t have on-demand self-service. Beyond some point, real people have to be involved to increase performance and capacity. Those increases are not fine grained, but fairly large increments such as one or more servers or one or more storage units. For example, while most CSPs charge for Public Cloud storage on the gigabyte level, most Private Cloud storage is charged on the terabyte level (a terabyte is one thousand gigabytes).
- You can easily get broad network access.
- With a Public Cloud in an MSP’s or CSP’s facility you do get some limited level of resource sharing in the area of network and spares. In your own facility, you may get some network resource sharing but no server or storage resource sharing. Obviously, in a co-located private cloud there is no location independence, and often with an MSP you know exactly where your equipment is located.
- With a Private Cloud in an MSP’s or CSP’s facility, you can get fairly rapid elasticity, but no where near what you can get in a Public Cloud. Few MSP’s or CSP’s provide a means to reduce the resources (or price) assigned to your workloads, even if the requirements reduce.
- Most CSPs will charge based on actual usage, many MSPs still charge on the basis of what equipment is assigned to your workloads.
Most importantly, however, is that it doesn’t matter whether what you have is the real Cloud or just called the Cloud. What matters is that it provides you the appropriate levels of security, availability, and performance with the benefits of reduced cost, better agility and reduced aggravation versus running your own shop. When a “private cloud” in name or in reality solves your business problems, use it. Any of these solutions can open up the opportunity to use Cloud Bursting, the automatic rolling of some of your workload from a Private Cloud to a Public Cloud due to increased workload or a disaster. Many MSPs and CSPs provide this option, which can provide a very low cost disaster recovery or peak period solution.
One way to tell if you are dealing with a real cloud company or a managed services company trying to become a cloud company is if they can provide you a single invoice for this kind of hybrid public / private cloud environment. Several of the MSPs I have talked with provide two invoices, largely due to a lack of full integration of their managed services offerings into their Cloud offerings.
The last word:
A co-located Private Cloud may not be a real Cloud, but it can still provide your company real value. Perhaps more importantly, it can be an important step in going to the Cloud. From the pure technology side, if you can move one or more applications to this local cloud, you can easily move them to the real Cloud when, and if, it provides the right benefits at acceptable risk.
And, if your boss is pressuring you, you can announce that the company is now “in the Cloud.”
Keep your sense of humor.