Source: en.wikipedia.org
Source: en.wikipedia.org
Disclaimer
All the opinions expressed and information provided by me in this
event are personal. I am not representing anyone or any entity, private, public or otherwise. Any
identification, mention of name or brand is not an endorsement or recommendation. Your own due
diligence is recommended.
What is ‘Cloud Computing’?
‘Leasing’ what one needs in a standardized environment.
7/31/2011 Cloud Computing - A Primer 3
Analogous to Electricity Availability on Demand Broad Network Access
Rapid Elasticity Measurable Service Pooled Resources
(Network, Compute, Storage..) Pay for what is used
Cloud Computing = Utility Computing
4
‘Cloud Computing’- Definition
‘Cloud computing’ is a model for enabling: Ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction (NIST Pub. 800-146, 2011).
7/31/2011 Cloud Computing - A Primer 5
Another Definition
‘The cloud is a flexible and scalable shared environment that uses virtualization technologies to create and distribute computing resources to users on an as needed basis, accessed via the internet browser and distributed over the network’.
- Stratecast, Frost and Sullivan (2010)
Gartner
- Cloud Wiki, 2012
IaaS
Features
• Customers do not manage HW
• Move $$ from
CAPEX > OPEX
Main Users
• System Administrators
Resources:
Servers, storage, networking, OS, virtualization & file systems
PaaS
Features
• Platform used to develop, test and deploy services over the internet
Main Users
• Developers
Resources:
Devt. and Test tools
Databases and Middleware
Infrastructure SW
SaaS
Features
• CRM, HRM, eMail, Communication, Collaboration, Office Productivity Suites and Other Apps – Deployed in hosted environment – licensed based on Subscription – Pay and Play
Main Users
• End Users
Resources:
Business, operational and administrative applications
Public Cloud (Anybody)
Community Cloud (Stat - n)
Stat 3
Stat 2
Stat 1
Private Cloud
USDA Private Cloud
Cloud Computing
Why the Cloud?
Current IT State
• Lengthy time to provision resources
> Soln: Reduce provisioning time
• IT capacity – needs peaks and valleys hi/lo demand
> Soln: Even out resources use/release resources as needed
• Internal IT staff – do not have the right skill set, time and or not enough staff to meet new business demands in a reasonable time and cost
> Soln: Cloud Services
Cloud Benefits
• Drives - Agility; Automation; Self-Service
• Decreases - Business Pain Points, Increases efficiency (earlier time to market or implementation of a new process, business solution)
• Forces - IT + Business Cooperation
• Increases Standardization (e.g., apps, DBs)
• Decreases Complexity
Private Cloud
Why choose a Private Cloud?
•Peace of mind. Feel ‘secure’ in their cloud
•Are risk averse and / or have mandates
• Flexibility, Self-Service, Integration, Automation, and Metering
•3rd Party options (hosting) available or
•In a wait and see mode
•In future they may become hybrid - trend
Private Cloud - Poll
Survey Question:
Will your org. be pursuing a private cloud computing strategy by 2014?
Yes = 78%
May be = 17% No = 5 % - Gartner, 2011
Private Cloud
1. Not Just virtualization
2. Not Necessarily decrease cost
3. Not Always ‘on premise’
4. Not Just Iaas or PaaS
5. May Not Always stay private
Public Private – Highlights
Public Cloud
• Minimal capital requirement
• Usually cost-effective because of high numbers of users
• Capacity can scale way up and down
• Usually independent data center
Private Cloud
• More control and less risky
• More Security and Audit capability
• Not necessarily cost- effective (less users = more cost) needs volume to be viable
• Onsite / Hosted
PUBLIC CLOUD PERFORMANCE
Not all public clouds are created equal
Buyer/Subscriber Beware
Why?
PUBLIC CLOUD PERFORMANCE 1. Bing: 2 sec decrease in search results
decrease 4.3% revenue per customer
2. Google: 400 msec delay (less than a blink of an eye) in presenting search results decreases number of searches by user .59%
3. AOL: User views 50% more pages in a fastest page loads than a slowest page load.
4. Shopzilla: Accelerated page load from 7 to 2 secs, revenue increased 7 – 12 %
PUBLIC CLOUD PERFORMANCE
5. Auto Anything: Web-based auto parts supplier
Measured Customer Revenue and Satisfaction
• Page load time decrease form 12 to 7 secs
• Increased 29% more likely to buy on 1st visit
• And 38% returned for more business – repeat customers
Cloud – Is this for real?
Thinking of Past Technologies and Hypes ?
Many are still around, evolved and some gone:
1. Internet, WWW, IP v4, IP v6, TCP/IP, SMTP,
2. Databases Integration – RDBs, SQL, HDBs, KSDS
3. CORBA, SGML, XML, JSON, REST
4. EAI – OOAD, ESB, MOM, SOAP, etc
5. SOA – Service Oriented Architecture
6. Virtualization – Servers, Storage, Network
Cloud – Is this for real?
7. Cloud – Private, Public, Hybrid (peaked 2 years ago)
8. Big Data – Hadoop, No SQL, InMemory DB, MongoDG, PIG (last year)
9. MDM – mobile data management / Distributed ID Mgmt (now), Identity Management, Mobile Computing
US Cloud Growth
Adoption will only grow:
1. The users are seeing the benefits – Agility, Cost
2. Federal Mandates : Cloud First, Shared First, etc.
3. Vendors are addressing user concerns and willing to accommodate the rules regulations mandates, audit, privacy, etc. (FedRAMP, FISMA, PII, SAS-70, HIPAA, HL-7, SOX, A-123, FFMIA, JFMIP, etc) requirements
4. Cloud Service Brokers are becoming more valuable in bridging the knowledge gap between cloud providers and cloud consumers
European Cloud
The dark cloud of uncertainty is moving away
The European Leaders have staked out a commitment to: Establish a common set of Rules of the Road to develop a cohesive market structure among various member nations for cloud providers. They want to the public clouds to be ‘open, competitive and secure’ so that govts. as well as public can use them. This drew praise from some leading US Tech Trade Associations
- CIO Magazine Oct. 2012
A Cloud Should 1. Should fit the business need – One size does
not fit all
2. Needs to be agile to accommodate enterprise’s business process and IT operations
3. Able to leverage existing IT infrastructure (rip and replace and increased cost will be a DOA)
4. Needs to meet security, compliance & other requirements
Cloud Migration – To do List 1. Security – key evaluation criteria
2. Get Senior Management commitment early
3. Cloud provides – automation, provisioning, mgmt function
4. But does NOT provide automatic integration with different layers of cloud security
5. So requires lots of education and process updates – needs time and resources
6. Have a cloud test ‘sandbox’ for testing SW updates prerelease – to test all cloud layers
Cloud Migration – To do List
7. ‘Deny all’ except ‘explicitly allowed’ creates issues with emergency and operational fixes. Therefore, needs a very good CM process, controls and governance
Use Case 1. Private Cloud
• Preparation – deliberate and time consuming
• Constant Communication
• Roll out in Stages
• Set expectations right
• Training and Expert help – OnSite
• Training Classes – Cheat Sheets
• Result
Use Case 2. Community Cloud
1. 13 Federal Agencies
2. Small Budget – Chip in
3. Shared Operational Apps
4. Catalog Devt. – Dummy data
5. Roll out
6. Result
Cloud computing future moves… Apply cloud computing
concepts to future data centers – to increase agility and
efficiency
Build cloud optimized applications
Investigate 3rd party CSBs – for advice, guidance and as an
intermediary to consume cloud services
IT as an internal CSB and intermediary to commercial
CSBs
Identify legal, compliance, PII, sensitivity classification of data - perform risk / reward analysis
of a public cloud offering
Future of IT Employees • Businesses like to keep their IT folks as internal advisors on evolving cloud services and as go betweens Cloud Service Brokers (CSBs) •Be a solution provider, add value and become part of the integrated business team • Modern IDEs / CASE Tools are more powerful and one does not need to know ‘bits and bytes’ to develop an application or build a service
Future of IT Expenses
Expense: Businesses do not like upfront IT expenses (CAPEX) but want to retain or increase the value derived (agility, efficiency, peak load mgmt) from the use of these IT resources. They prefer predictable ‘pay as you go’ model (OPEX)
Will continue to reduce CAPEX
NIST Cloud Computing Related Publications
NIST Special Publication 500 Series:
NIST Special Publication 500-291, NIST Cloud Computing Standards Roadmap, July 2011 NIST Special Publication 500-292, NIST Cloud Computing Reference Architecture, September 2011 NIST Special Publication 500-293, US Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume I High-Priority Requirements to Further USG Agency Cloud Computing Adoption, November 2011 NIST Special Publication 500-293, US Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters, November 2011
NIST Special Publication 800 Series:
NIST Special Publication 800-53A, Revision 1, Guide for Assessing the Security Controls in Federal Information Systems and Organizations, June 2010 NIST Special Publication 800-125, Guide to Security for Full Virtualization Technologies, January 2011 NIST Special Publication 800-144, Guidelines on Security and Privacy in Public Cloud Computing, December 2011 NIST Special Publication 800-145, NIST Definition of Cloud Computing, September 2011 NIST Special Publication 800-146, Cloud Computing Synopsis and Recommendations, May 2012
NIST Cloud Computing Research Papers
C. Dabrowski and K. Mills, "VM Leakage and Orphan Control in Open-Source Clouds", Proceedings of IEEE CloudCom 2011, Nov. 29-Dec. 1, Athens, Greece, pp. 554-559. K. Mills, J. Filliben and C. Dabrowski, "Comparing VM-Placement Algorithms for On-Demand Clouds", Proceedings of IEEE CloudCom 2011, Nov. 29-Dec. 1, Athens, Greece, pp. 91-98. C. Dabrowski and K. Mills, "Extended Version of VM Leakage and Ophan Control in Open-Source Clouds", NIST Publication 909325; an abbreviated version of this paper was published in the Proceedings of IEEE CloudCom 2011, Nov. 29-Dec. 1, Athens, Greece. C. Dabrowski and F. Hunt, "Identifying Failure Scenarios in Complex Systems by Perturbing Markov Chain Models", Proceedings of ASME 2011 Conference on Pressure Vessels & Piping, Baltimore, MD, July 17-22, 2011. K. Mills, J. Filliben and C. Dabrowski, "An Efficient Sensitivity Analysis Method for Large Cloud Simulations", Proceedings of the 4th International Cloud Computing Conference, IEEE, Washington, D.C., July 5-9, 2011.
Thank you!