When cloud computing became a topic of discussion a few years ago, public clouds received the bulk of the attention, mostly due to the high-profile nature of public-cloud announcements from some of the industry’s biggest names, including Google and Amazon. But now that the talk has turned into implementation, some IT shops have begun steering away from public clouds because of the security risks; data is outside the corporate firewall and is basically out of their control.
Tom Bittman, vice president at Gartner, said in a blog post that based on his poll of IT managers, security and privacy are of more concern than the next three public cloud problems combined. He also wrote that 75% of those polled said that they would be pursuing a private cloud strategy by 2012, and 75% said that they would invest more in private clouds than in public clouds through 2012.
Frank Gillett, an analyst at Forrester Research, agrees that IT’s emphasis is more on private clouds these days. He says that IT managers “are not interested in going outside” the firewall.
Still, as Bittman’s blog post points out, private clouds have their share of challenges, too; in his poll, management issues and figuring out operational processes were identified as the biggest headaches. And, of course, an on-premises private cloud needs to be built internally by IT, so time frame and learning curve, as well as budget, need to be part of the equation.
Indeed, transitioning from a traditional data center — even one with some servers virtualized — to a private cloud architecture is no easy task, particularly given that the entire data center won’t be cloud-enabled, at least not right away.
In this two-part article, we’ll examine some of the issues. Part 1 looks at how cloud differs from virtualization and from a “traditional” data center. Part 2 will examine some of the management issues and look at a few shops actively building private clouds, and the lessons they’ve learned.
While we generally think of a private cloud as being inside a company’s firewall, a private cloud can also be off-premises — hosted by a third party, in other words — and still remain under the control of the company’s IT organization. But in this article we are talking only about on-premises private clouds.
Also, despite all the hype you might hear, no single vendor today provides all of the software required to build and manage a real private cloud — that is, one with server virtualization, storage virtualization, network virtualization, and resource automation and orchestration. Look for vendors to increasingly create their own definitions of private cloud to fit their product sets.
But virtualization and the cloud are not the same thing; to be considered a cloud, the architecture must be set up to provide both orchestration and automation on top of the virtualization layer.
Orchestration is the coordinated delivery of many types of resources, such as processors, storage and networks, to provide an integrated provisioning process; resources can be delivered in minutes rather than days or weeks. In other words, a single command or request causes a number of actions to occur, possibly in a specific sequence, to coordinate the provisioning request.
The whole point of a private cloud is to allow IT managers to reduce costs and provide so-called agile provisioning rather than just making management of the infrastructure more convenient. A private cloud with virtualization underpinnings turns the technology infrastructure into a pool of resources that can be provisioned on demand with minimal manual intervention.
Without a focus on delivering IT services, it’s unlikely you’ll attain the full benefit of private clouds.
Another of the main differences between private clouds and traditional data centers involves IT processes. Private clouds may require a re-architecture of how data is used, and processes may have to be rewritten.
For example, today many IT organizations have to contend with a provisioning process that involves budget requirements that must be met; discussions with the storage, network and server groups; and tons of paperwork. This type of process is in stark contrast to the streamlined, short-duration provisioning done in clouds. Time to provision may go from weeks in the traditional data center to minutes in a cloud.
You may also have to re-architect deployment of legacy applications to take advantage of private clouds. Many legacy applications are running on mainframes and proprietary Unix platforms. Most virtualized environments, including private clouds, are geared to run on x86-based systems.
Also, in a virtualized environment, we generally don’t know exactly where an application is running at any given time. Because most legacy applications are tied to a specific platform, running them in a private cloud will often require re-architecting them.
Divorcing applications from the hardware is a hallmark of clouds, including private clouds. In a traditional data center, those 10 servers over there might be running billing applications and those five over there running CRM apps. With a private cloud, however, it’s not known ahead of time which servers are running which specific applications. The applications run on whichever servers have free cycles at the time the apps need to run.
Private clouds involve two groups: the IT (data center) operations folks and the business users who want to run applications. A private cloud gives business users the opportunity to quickly provision a server and run an application when they want to — without human intervention.
The IT operations folks have to make sure that sufficient resources are available for the type of on-demand computing that business users have heard is available with public clouds, and that usually means that the wait for user-requested resources is minutes, not days. Anything short of this, and users will be unhappy.
This is what private clouds are all about: providing the on-demand elasticity of public clouds but doing it within the company’s firewall.
Another difference is that some IT managers or business users may expect private clouds to act like public clouds. In a public cloud, the public cloud provider’s IT operations group is responsible for the compute infrastructure, and the enterprise’s business application groups manage and monitor their own applications, under agreement, on the public cloud. If the private cloud is expected to operate in a similar manner, that means the IT group may need to give up its traditional application-management role.
Today, people are integrating storage with virtualization and are beginning to understand the impact of broad virtualization of resources, Iams of Ideas International says. “When we get to the stage where virtualization of servers is the rule rather than the exception and most workloads are virtualized, this is the stage in which virtualization gets woven into the operational process,” he says.
When you get to this stage, you have to rethink what this does to your storage processes, Iams says. “For example, how does virtualization affect backup and recovery?”
Your infrastructure has been fully virtualized when you have server virtualization, storage virtualization and network virtualization. The crossover point from a virtual infrastructure to private cloud comes when you have the management tools that treat all three types of resources — servers, storage and networks — as a single pool that can be allocated on demand.
Of course, all this is from a technology-centric point of view. Iams says that there is a parallel track that relates to the transition from an organizational perspective, including people, processes, governance, policy and funding. One key question: What does a private cloud structure do to budgets and financial flow within an organization?
Public clouds require users to pay only for what they use. Because a private cloud does not provide users with a fixed amount of capacity like they may have had with a traditional data center, chargeback is almost certain to be an integral part of private cloud environments.
Virtualization expert Bernard Golden views chargeback as very important because price is an important rationing mechanism — and rationing computing resources will be more important in an environment where obtaining resources is as easy as filling out a Web form.
Few, if any, companies go through all of the above steps/stages in parallel. In fact, there is no single “correct” way to transition to a private cloud environment from a traditional data center. A private cloud is in part the logical conclusion of server virtualization where it is extended to storage and networks and then managed with tools that treat servers, storage and networks as a single pool of resources. Automation and orchestration tools are the key to moving from a virtualized infrastructure to a true private cloud.
But one thing is very clear: If your IT organization is not willing to make the full investment for whatever part of its data center is transitioned to a private cloud, it will not have a cloud that exhibits agile provisioning, elasticity and lower costs per application.
As part of the transition, you need to determine whether your staff has the experience and skills required for a private-cloud environment or whether you need to hire someone who has been involved in building private clouds.
How you get started depends on your existing infrastructure. If you already have server virtualization, you have a definite advantage over those who do not. Most important: Do not rush out and buy a ton of software from vendors, especially from a single vendor, without a plan in place.
Next time, in Part 2: Profiles of some private-cloud adopters and how they have approached the management issue.
Bill Claybrook is an analyst with more than 30 years of experience in the computer industry, specializing in Linux, open source, virtualization and cloud computing. He is president of New River Marketing Research in Concord, Mass., and holds a Ph.D. in computer science. He can be reached at bclaybrook@comcast.net.