Online Tech President Mike Klein will discuss what is meant by "cloud computing", explore the various ways that clouds are deployed, and shed some light as to why companies may choose public, private, or hybrid clouds depending on their different needs.
Tuesday 2.22.11 @ 2pm
Navigating the World of Cloud Computing
In this first webinar in the 4 part series, Mike Klein, President of Online Tech, will define and explain what is meant by "cloud computing", explore the various ways that clouds are deployed, and shed some light as to why companies may choose public, private, or hybrid clouds depending on their security, financial, and operational needs.
By moving to the cloud, we had faster disaster recovery capabilities, were able to recover much quicker and actually deploy and run tests much faster and we were able to provision our test servers for our portal and billing systems. Being able to provision those servers, test the deployment and tear them down in a matter of minutes has really accelerated in a lot of cases our development time and putting up new systems. So there are a lot of benefits moving to the side of cloud computing that we and people across the country are seeing.
In a lot of ways when we talk about cloud computing and we talk to the “old timers,” people as old as me who have been in the industry for 30 years, a lot of the time we are talking about back to the future when we look at cloud computing. If you think about it, we started in the mainframe world with centralized resources 30 years ago, decided to go to servers where we could start moving things out into servers where multiple applications were out there. As an industry, we found that running multiple applications on the same servers was not as secure or as easy as dedicating a server to each application. As a result, we started to have a lot more hardware than was needed for a lot of the applications. With virtualization technology, we were able to start cutting down on the number of hardware platforms to serve multiple applications and now with the cloud we are back to centralized computing resources that are divided out and we are back to where we were 30 years ago. We have a much higher level of capability than in the mainframe environment, but really going through pooling and provisioning of resources as needed. A lot of that, or all of that, is all enabled now because of the virtualization technology.
Let's navigate and talk about some of the options out there when we look at the cloud. On the far left side we have the public cloud. This is a third party managed environment where you have multiple users, clients and applications running across a whole different set of hardware. On the other end of the spectrum, we have a private cloud or an internal cloud that is bought, managed and put up internally running in a company's own database, in a data center that is not shared with everybody. As you walk through this spectrum starting with the internal cloud, you have an environment that is internally hosted. All of the capital is purchased and paid for by the users who are putting that in place. You basically control everything about that, because it is internally managed and all of the security aspects in the entire infrastructure can be controlled that way. If you start moving across the spectrum into the private cloud, here we are talking about outsourcing, or hosted private clouds, where you get the same level of capabilities as you would in an internal cloud. You may have some standardized components in the architecture, but it is third party managed without the capital expenditure that goes into developing that. Hosting a private cloud is usually done on a monthly fee basis with a third party provider.
Skipping over the hybrid cloud for a minute and moving to the public cloud. Here we are talking about multiple tenants and many users sharing the same set of hardware platforms. In a lot of cases it could be a utility model which we will talk about as we go through this a little bit further. The hybrid cloud is a mixture of the two. It is giving you the capability of running in a private cloud, but with the ability to flex into a public cloud with a shared set of servers as needed depending on constraints or requirements from the different applications that may be hosted in the private cloud arena or by the enterprise.
So let's go through and navigate how you actually decide which of these clouds is right for you. The first decision we are looking at as you start to figure out which cloud implementation or model is right for you, is public cloud or private cloud. The public cloud in here will talk about specifically compute as utility. For example, something like Amazon is really ideal for running non-critical applications such as: tests; development; research; some types of websites where you are not exposing a lot of confidential data; shared infrastructure; shared hardware; disks and networks. Not necessarily very high on the security side, but certainly very low costs when you are getting into hourly billing so you can turn on a compute resource, run it for a couple of hours and then turn it down. Often it is self service, because there are not a lot of managed services that go with this. When I talk about managed services, it might be 7x24 support or off site backup. There are a number of different options here, but you are really looking at the opposite end of the spectrum far from computing as a utility.
On the other hand, in regards to the private cloud, typically we are seeing most enterprises and mid-size companies looking at this for their internal computing. Here you are looking at dedicated hardware, networks and security where the enterprise or IT managers can literally point to the hardware and say: “This is the hardware that is running our applications and nobody else’s applications.” We are seeing a lot of places where regulated industries, such as SOX, PCI and HIPAA compliance have the auditors really requiring that it is not a multi-tenant environment. Usually it comes with, or has the option to come with, a full set of managed services. So in a private cloud environment you can back up off site. You can get options to do warm site disaster recovery, 24x7 monitoring and fully managed servers as well. So, that kind of gives you the first piece coming in of an example whether you need computing as a utility or security and the independence of not being in a multi-tenant environment.
If you decide to move into the private cloud area then the next set of decisions is outsource or insource. This really comes down to a set of trade-offs between capital, internal skill sets, total cost of ownership and compliance requirements. If you are in an environment where you need to invest five or six figures into gaining a SAS70, PCI, or SSAE16 type of compliance requirements it may in fact be easier to go to an outsourced private cloud where that investment has been made and amortized across hundreds of clients, versus just doing it yourself internally. The other piece that may play into working with an outsource provider is those companies that have multiple data centers can very easily provide off site disaster recovery which may not necessarily be available internally if you are only running a single data center.
What I want to do next is just drill down into a couple of these options in more detail. We will start with the public cloud, talk about the private cloud and then talk about the virtual private cloud which is a mix between the public and private cloud. Kind of a compromise of something that spans both of those areas.
In the public cloud arena we are going to look at an extreme model of a shared computing utility model such as Amazon or Rackspace. They are basically standing up a bunch of pooled hardware hosts with virtualization technology. Many of these utility providers like Amazon and Rackspace are based on Xen, an open source virtualization technology. The reason they do that is they want to keep their costs as low as possible, as opposed to maybe some of the enterprise level virtualization tools that many enterprises use like VMware. Most also run on non-redundant hosts. If you are looking at Amazon or Rackspace they are running on a local hard drive. Again, the goal here is to keep the cost low, because you are not having to pay for an N+1 or high availability compute environment or SAN storage. At the same time, this may not be ideal for high availability applications, but it does provide a very cost effective approach into the utility computing model.
The advantages of this model, because it is treated like a commodity, you can go in and configure your servers online and all of this (like with Amazon) is completely automated. In fact it is kind of hard to get a real person on the other end. If you cannot do it by email for support, it is very difficult to get them on the phone. So it was all made and designed to be automated, pay as you go and charging on an hourly basis. Some public clouds like Amazon will actually allow you to buy compute with what they call “spot-demand-model” which is really pure commodity pricing. You bid for and buy computing at a certain price and you may run your computing at 3 o’clock in the morning when there is not high demand for the computing resources and you may get it at a tenth of the price if you were to buy it straight up and use it full time. That environment, especially the “spot-model,” may be really ideal for research, test and dev environments where you need to run batches of computing at a time, but the time of day is not really important.
One of the other unique aspects of some of these private cloud models is the capability to get API access. So it is basically the ability to programmatically spin up or spin down your servers. In the case that you have to spin up literally thousands of servers to address a particular application, opportunity or compute model, you can do that with some of these public cloud models by sending out a program interface that spins up and provides data to one of these servers very quickly and they can tear them down just as quickly.
Some of the drawbacks if you look at the public cloud model is that often availability is not guaranteed. I know that with Amazon you have to go in and pay extra if you want to have guaranteed resources. There is no fail over across the host, because you are running a local host with single drives. If that host crashes, and you can see a number of comments out on Twitter and a number of blogs how users have lost their entire server on Amazon because the host crashed and it is not running in a highly available N+1 environment. Certainly trying to get compliance with some of the regulations or the audits you cannot get HIPAA or PCI compliant applications running out there in the public cloud. As I mentioned earlier, what this may be ideal for or the types of applications for compute utility certainly makes a lot of sense if you are doing regression testing and you are using it for testing, development, or compute intensive research applications where you need or want to spin up hundreds or thousands of servers or cores you want to run against some particular computes. It is also good for other applications where you are not necessarily sensitive to the security of the data or whether the data or servers are crashed and the servers are lost and the loss of that data is not critical.
Let's swing all the way to the other end of the spectrum and talk about the private cloud. I am going to specifically talk about the hosted private clouds, but a lot of this applies to the internal private cloud as well. The difference on the internal side is who is providing the capital to buy the equipment and who is providing the expertise and the type of data center infrastructure it is running in. These are the number of options that are available to you.
In the hosted private cloud environment, here we are looking at a single tenant, dedicated cloud. All the hosts, servers, storage, network and security components are all dedicated to a single user, single company and single set of applications. Again, the people that need compliance or need a high level of comfort that their data and networks are secure and they have complete control over the environment will typically be looking at a hosted private cloud environment or an internal private cloud to accomplish that. It is far easier in this environment. We recommend looking at N+1 hosts, which means you design a host so that any one system can fail and you have high availability so there is automatic failover between the hosts. The storage is designed around high availability, highly rated SAN storage so that any set of drives or SAN controller can fail and it does not affect the application, because everything is redundant and N+1.
On the network security side, you run in a highly available pair of network security devices that are dedicated to that particular client or their particular applications or company. One of the really interesting opportunities we have, and we see this with our own infrastructure, is when you run in an N+1 environment you can run with zero maintenance windows. Which means with your user base, you may need to upgrade and add more physical RAM, storage or CPUs to some of your physical hardware hosts. You can spin one down, take it offline and actually do any work you want to do on that, but not take your application offline because you are running in a redundant environment. So we are running a data center where you can take and work on specific components, but because you are in a highly redundant environment taking any one component offline does not take any of the applications or internet access offline.
In this environment you may be looking at VMware. Typically you are going to find on the enterprise side more VMware type solutions out there, because they are certainly a leader in the marketplace. It provides a whole host of capabilities from automatic resource balancing to high availability and a lot of good tools to go out and balance applications and monitors to spin up those applications.
One of the other advantages you get in the hosted private cloud model is the ability to add in non-virtualized servers. What I mean by that is if you are running a database server or you are running a set of hardware that needs to sit on the same VLAN or same network and sit behind the same firewall you can actually mix and match your virtualized environment with your dedicated hardware environment that may need higher performance specialty boxes to deliver the performance that is required. Certainly with many of the hosted private clouds they come with a whole mix of managed services, because they are typically fully managed environments.
When we are looking at the advantages of the private cloud from the private cloud side you can really get into a high availability, N+1, highly secure environment. Since it is designed around one company’s particular requirements there is a lot of architectural control you can put in place as far as choosing and determining what level of firewall, IDS/IPS that you want to have in place. We have seen some clients that are going for running private clouds and they need PCI compliance. That is a whole other set of security systems that need to be layered on top of the companies who may not be running a PCI environment. It is pretty easy to design and customize the architecture around that. Certainly if you are running in a PCI, HIPAA, SOX or any environment that needs a high level of compliance where the auditors are requiring compliance with those standards, a hosted private cloud or internal private cloud is the model of choice for being able to meet those requirements.
The drawbacks when you start looking at the hosted private cloud is the inability to get hourly pricing or API access. With the hourly pricing issue, the third party provider is making a significant investment in the hardware and they are not going to want to buy all of the hardware and put it in place and have it be used and then have the contract be terminated obviously. There is also elasticity that you are going to see in the hosted private cloud, because the hardware footprint of the private cloud is designed around a particular company’s requirements. So the ability to spin up say tens of thousands of servers instantaneously is not really going to be there the way it would in a private cloud unless that hardware is put in place in the original design.
So what do you do if you need the security, integrity and high availability of a private cloud environment, but you need the price points you are seeing in the public cloud environment? One of the options out there is what we call a virtual private cloud. Basically it is a slice of a private cloud still running in the VMware type of enterprise version of virtualization. You are running in a high availability design so everything is designed around not the cheapest solution out there but the most highly available solution that is out there to assure that the application can be on and online all the time. It still runs with automatic fail over, automatic resource balancing and you can go in and dedicate and select the level of secure VLANs, Firewalls, IDS/IPS and even dedicated specific devices to those if needed, as well as the ability to “hybridize” those into a dedicated server environment like you did in the private cloud.
The advantages of the virtual private cloud is you basically get all of the capabilities that you have in the private cloud, from the high availability security perspective, hybridized perspective and fully managed perspective, but you are only buying a slice at a time and you are running in a multi-tenant environment.
The drawbacks you are going to see here are again no API access. If you need PCI or HIPAA compliance, we have seen that there are still a lot of questions out there on auditors' minds. Any time you talk about a multi-tenant environment, whether it is high availability and you carve out the physical network security or not, some auditors will go for that and some auditors will not. We certainly counsel people as they are going through the design that there is no assurance from the auditors that they have. They should be working with the auditors ahead of time before they choose between a virtualized private cloud or a full private cloud. The other drawback of a virtualized private cloud is that you get what you get. You do not have architectural control as you do in the fully dedicated private cloud, but you can get more leverage and cost effectiveness because it is shared across a number of tenants so to speak.
You can compare the options from the public cloud option, which is very cost effective to the private cloud option where you are going to pay more, but get a more secure environment. You can also walk and talk through most of these. Basically going from design for cost effectiveness, utility compute models or designing for high availability and dedicating and compliance control.
The next question is: “What is the right cloud for me?” And I think the answer to that is it depends. It depends on the application, the project and the overall corporate philosophy. The IT department and senior level management has a lot of say on how and where they are going to deploy their applications. Certainly if you are running in an environment that has short life cycle projects, you are running test and development servers, compute intensive research projects or non-critical applications, web front end applications where you do not have a ton of data security issues, then the public cloud can provide some really good options for you.
On the other hand, if you are highly concerned or running in a regulated environment where PCI, HIPAA or SOX are all key environments or management really wants to be in a single tenant enterprise or deployment (we see this with mid-size to large companies), then the private cloud is going to be a much better fit there. If you have I/O intensive applications where you need to have some non-virtualized servers, hybridizing to a non-virtualized environment, the private cloud or virtualized private cloud is a good fit as well. The virtual private cloud gives you a lot of benefits from a cost effectiveness standpoint, but a lot more availability and security than you are going to see in the utility compute model that you find out there in the public cloud.
I think it is interesting to ask what analysts are saying out there. What we are clearly seeing is the larger the enterprise the more comfortable they are with private cloud, but even small and mid-size businesses are not that far behind in private cloud deployment. Here it shows that 8% of large enterprises, which I would say is probably 8% of many applications in enterprises, could fit well in the public environment. Certainly start-ups and small businesses that are very cost conscious may find that the trade-off between security and cost weighs in more effectively with the compute utility model than into the more secure virtualized or fully private cloud itself.
Let's wrap up here with a couple of slides and then we will see if there are any questions. Certainly if you have any questions and want to email those in we have a couple of folks here who can read those out and we will take a shot at answering them.
Here are a couple of points to wrap up on the benefits of the cloud. Clearly the enabling of virtualization technology has brought the capability to get lower total cost of ownership. This plays out whether it is a public cloud or private cloud. You are getting much higher efficiencies running across the shared infrastructure, that infrastructure is shared across a number of applications for a single enterprise in the private cloud environment or being shared across a number of enterprises in a multi-tenant environment in the public cloud area. Whether you are looking at an outsourced private cloud, hosted private cloud or public cloud you can get away from the capital expense side and really leverage the third party provider's ability to develop, reuse and put that hardware in place where they deploy all of the capital, own and manage it. In most cases they can do it far more cost effectively than companies can internally, because they are sharing not just the hardware and the data centers, but they are also sharing all of the extra fees, time and experience across hundreds and hundreds of clients rather than just focused internally. You can deploy your projects much faster. A clear benefit of provisioning, tearing down, putting servers up in minutes dramatically changes the way you think about the world and scaling as needed. You can design your compute structure and compute environment to literally match what you need, not what you think you are going to need in the next three years and then scale that as needed over time.
So, how do I pick the right cloud? As we look at this, picking the right cloud really depends on your requirements. There are a whole set of options out there from the public cloud, to the virtual private cloud, to a hosted private cloud and to an internally owned and managed private cloud. A lot of that selection criteria really depends on the applications you are looking to run, the levels of security you need, whether you need certain audited requirements and the level of resiliency and the uptime you need. Frankly, corporate philosophy plays a role in that decision criteria. As does the support and managed services that you need, which you are going to find more in the virtual private cloud environment and private cloud environment than you will find in the utility compute models of the public cloud.
This presentation will be available on our website. If you raise your hand on our web chat we will be able to point you towards and get you more information.