The entire information technology industry is talking about “the cloud” these days. Many businesses are asking the fundamental question, what is cloud computing? And most importantly, how can I use it to make my business more competitive and better serve my customers? If you’re struggling to understand cloud computing technologies, this tutorial will give you the background you’ll need to make wise adoption choices.
The Old World
Before cloud computing, if you wanted some computational power, you had three choices:
- You called up one of the big server manufacturers (HP, IBM, Dell, etc.) and ordered a server. When it arrived, you could either install it in your own data center or in colocation space that you had rented from somebody like Switch or Equinix. The responsibility was yours for acquisition, installation, and maintenance.
- You called up a leasing company and told them you wanted to lease some equipment. You selected from among their stock and they delivered it to your door. Then, just as if you had purchased it yourself, you had the responsibility of installing and configuring it in your data center or colo facility.
- You could rent a server from a managed service provider (Savvis, Rackspace, Terremark, etc.). The MSP would allocate you a server from their own internal stock, deploy it for you in their data center, and then turn over the keys for you to operate it. The line between the service provider responsibilities and your responsibilities was flexible. MSPs offered a variety of services (backup and “remote hands” being two popular ones) in addition to simple server rental.
Each of these models has pros and cons. If you bought the equipment, you typically owned it through the full depreciation cycle of three to five years. That might have been the cheapest option, but it was the least flexible. You gained some long-term flexibility when you leased the equipment, but you paid more in trade and you still had all the operations costs. Typically, you wouldn’t lease equipment for less than a 3 month time horizon, and probably at least a year, otherwise the overhead cost of receiving, configuring, and then returning the equipment would be too high. Finally, if you rented the server, you could get something with granular, monthly terms, but you were far more limited in the hardware choices and you couldn’t deploy it in your own data center. The upside was you might be able to have it up and running in as few as 24 hours from the time you placed the order.
These models form a continuum: on one side we have the buy-and-own-everything model; on the other side we have the own-nothing model. In the middle, we have a wide variety of models where some things are owned and others not.
The Shift to Cloud Computing
In the simplest sense, cloud computing is merely a refinement of the own-nothing model, with shorter timescales for resource rental, and greater flexibility for the customer as a result. The National Institute of Standards and Technology (NIST) has created what has become the canonical definition of cloud computing, publication 800-145, titled “The NIST Definition of Cloud Computing.”
NIST defines cloud computing as having five “essential characteristics:”
- On-demand self-service — Resources can be provided by the customer in a fully-automated fashion, without requiring human interaction at the service provider. The ultimate goal is a resource to be available “instantly,” whenever a customer requires it.
- Broad network access — Capabilities are available over the network and can be accessed by a variety of end-user terminal devices, including thick clients on desktop machines as well as thin clients on mobile devices (phones, tablets, laptops, etc.).
- Resource pooling — The service provider is expected to construct the physical infrastructure such that all resources are located in one or more common pools. Generally, customers are not able to specify or even know the exact physical location of the resources that are assigned to them from the pool. In practice, most providers offer some high-level location choices, such as a geographical region or data center (USA east coast vs. west coast, or USA vs. Europe, for example).
- Rapid elasticity — Users should be able to rapidly allocate and release capacity as required by applications. Ideally, users could request infinite elasticity on instantaneous timescales. The underlying physical reality prevents this (it still takes time to receive and configure new hardware), but with a large enough common resource pool serving numerous customers, the service can deliver this in practice for reasonable elastic requests. It’s important to note that elasticity is a two-way street — applications need to be able to allocate new resources as well as release them when they no longer need them.
- Measured service — Generally speaking, resources should be billed on a fine granularity (hours/days vs. months/years in the pre-cloud world) as they are consumed, using appropriate units for the resource (GHz for CPU, GB for memory, GB/TB for mass storage, and Mbps/Gbps or GB of transfer for network, etc.).
The five essential cloud characteristics define a cloud in terms of abstract “characteristics” and “resources.” The characteristics apply equally well to a low-level infrastructure cloud as to a high level application cloud. The NIST definition goes on to organize clouds into three cloud computing service models:
- Software-as-a-service (SaaS) — These are high level applications delivered over the network as a complete service. Examples of SaaS include such things as Google GMail, Microsoft Office 365, Salesforce.com, and Intuit QuickBooks online.
- Platform-as-a-service (PaaS) — Platforms represent mid-level application functionality that can be used by programmers to build new applications. Examples are Amazon Web Service’s Relational Database Service (RDS), Google’s AppEngine, and Salesforce.com’s Force.com.
- Infrastructure-as-a-service (IaaS) — Infrastructure represents the lowest level of cloud service and provides users with a simple instance of a traditional operating system running “in the cloud.” Users can then install off-the-shelf or custom applications onto the instance as required. Typically, IaaS providers support a few dominant operating systems. Both Windows and Linux variants for x86 processors are common. Examples are Amazon Web Services, Rackspace, Savvis, Terremark, and your VMware-based private cloud.
Finally, the NIST definition outlines four different deployment models:
- Private cloud — Private clouds are provisioned and used by a single organization. Typically, they are built and operated by that organization as well, but that need not be the case. Examples are private clouds based on VMware or OpenStack, built by individual enterprises.
- Community cloud — Community clouds are used by a small set of known consumers who all share similar requirements (performance, security, cost, etc.). Typically, these consumers are drawn from the same industry vertical (e.g., financial services), although this need not be the case. Examples are the NYSE Capital Markets Community Platform and Amazon’s GovCloud.
- Public cloud — Public clouds are owned and operated by large external providers and deliver service to all comers. Examples are Amazon Web Services EC2 and Google AppEngine.
- Hybrid cloud — Of course, it’s possible to build a cloud environment that spans each of these various models. Each piece of a hybrid cloud can be owned and operated by a different entity with management software providing integration across the environment.
The NIST service and deployment models form a matrix:
So, you can have a private IaaS cloud or a public PaaS cloud. Hybrid clouds are shown in the matrix, but they really are a mix of the various public, private, and community cloud types. Thus, you could construct an interesting hybrid cloud environment from a combination of a private IaaS cloud based on VMware, a public IaaS cloud based on Amazon EC2, and a public PaaS cloud based on Google AppEngine.
Most larger enterprises will create a hybrid cloud environment of some sort, with multiple public and private clouds, and possibly a community cloud thrown into the mix. Some clouds will provide enhanced security; others will provide enhanced performance; still others will offer optimized pricing. Enterprises will then deploy application workloads within a suitable cloud to create an optimized outcome. Management software will help match application workloads to the right clouds given optimization goals and risk and compliance restrictions.