According to a recent Gartner press release, 20% of businesses will own no IT assets by 2012:
Several interrelated trends are driving the movement
toward decreased IT hardware assets, such as virtualization,
cloud-enabled services, and employees running personal desktops and
notebook systems on corporate networks.
The need for computing hardware, either in a data center or on an
employee’s desk, will not go away. However, if the ownership of
hardware shifts to third parties, then there will be major shifts
throughout every facet of the IT hardware industry. For example,
enterprise IT budgets will either be shrunk or reallocated to
more-strategic projects; enterprise IT staff will either be reduced or
reskilled to meet new requirements, and/or hardware distribution will
have to change radically to meet the requirements of the new IT
hardware buying points.
This is a bold statement. If we believe Gartner, it means that we are at the beginning of an explosion in cloud-based services managed by trusted providers on behalf of the enterprise. Of course not all businesses will choose this path, but a substantial number of industries can and will. As I blogged about earlier, the message from the CFO office is clear. We will see adoption rates rise dramatically as the benefits of cloud services become more obvious to business leaders.
A second point of interest is the prediction that by 2012, India-centric IT services companies will
represent 20 percent of the leading cloud aggregators in the market
(through cloud service offerings).
Here’s the take-away:
Gartner is seeing India-centric IT services companiesleveraging
established market positions and levels of trust to explore nonlinear
revenue growth models (which are not directly correlated to labor-based
growth) and working on interesting research and development (R&D)
efforts, especially in the area of cloud computing. The collective work
from India-centric vendors represents an important segment of the
market’s cloud aggregators, which will offer cloud-enabled outsourcing
options (also known as cloud services).
We are witnessing examples of what GE innovation consultant Vijay Govindarajan calls reverse innovation in IT. Natarajan Chandrasekaran, the CEO of Tata Consultancy Servicesnotes:
I’ve seen the new cloud-based computing models for
applications and processes gaining currency in emerging markets. Rural
cooperative banks and small and medium businesses in India are actually
far ahead of their western counterparts in adopting these models. In
fact, companies from emerging markets, buoyed by strong domestic
revenues and revival in growth, have been making adjustments to their
global strategies and fine-tuning their investments in order to be part
of the recovery process in the west and build on their global expansion
plans.
As the enterprise embraces the cloud, they’ll need a maturity model to help them on their journey. My next post will explore what the maturity model for cloud storage looks like.
We define hybrid cloud storage as utilization of private cloud storage at an enterprise data center, or a private cloud hosted by an IT service provider with some combination of additional IT service provider-based public and/or private cloud storage.
In a recent post, Cloud Storage for the Enterprise - Part 1: The Private Cloud, we covered the definition and requirements of cloud storage as an enterprise solution, and as a technology deployed within enterprise-owned data centers (or at least within their co- location racks and cages). Fundamentally, a private cloud is also a non multi-tenant cloud (i.e., used by only one entity or related parties within an enterprise or a public sector agency) that is behind the firewall(s). An additional solution that many enterprises are contemplating is the hybrid cloud, and we will look at the aspects of that solution in this post.
Before we begin our investigation of hybrid cloud, let's review some of the basics. The following diagram reviews the differences between public and private clouds:
Figure 1. Comparison of public and private cloud
Many enterprises are beginning their cloud evaluation with a "private cloud." I extend the definition of private cloud to be a "single tenant" cloud, as some enterprises may chose to use a single tenant cloud hosted at a service provider, versus hosting their cloud within their own data centers. In the following diagram, we show two private clouds, connected via policy-based replication in two data centers. This provides the assurance of backup and disaster recovery that many enterprises require. A third location could easily be added for even higher levels of backup and disaster recovery.
Figure 2. Private cloud inside an enterprise.
The growth of storage is driving increased costs, and the enterprise is on a continuous search to improve the way they can cost-effectively manage this growing data. The primary difference between hybrid cloud and private cloud is the extension of service provider-oriented low cost cloud storage to the enterprise. The service provider based cloud may be a private cloud (single tenant) or a public cloud (multi-tenant). There are several implementations of hybrid cloud, and several examples are included. The service provider cloud may enable enterprises to leverage the volume efficiencies of the service providers to realize additional savings.
A hybrid cloud provides a way of securely using service provider-based cloud storage in combination with enterprise clouds. Another implementation could be use of single tenant service provider-based private clouds at multiple locations.
Some examples of hybrid clouds are offered for your consideration, although not every potential approach is covered herein:
Figure 3. Hybrid cloud variation 1: private cloud inside an enterprise affiliated with a public cloud via a service provider.
an enterprise with affiliated private cloud via a service provider.
Figure 5. Hybrid cloud variation 3: Private clouds at a service provider with multiple clouds.
Since the primary motivation for hybrid cloud is economics, let's begin the discussion with an understanding of the economics of cloud storage and then extend that discussion to the hybrid cloud environment.
The primary cost components of cloud storage include:
1. Data center occupancy - leased (co-location) or owned and depreciated. 2. Data center environmental - utilities, cooling, heating, etc. 3. Storage hardware (leased expense or capital requirements & associated depreciation). 4. File system and storage management (may be bundled in the storage hardware). 5. Cloud enablement or platform (discreet or bundled with the storage system). 6. Systems management and operational overhead. 7. Backup and disaster recovery.
While it can be argued that the economics at a large scale enterprise are very similar to those at a service provider, listed below are some of the most common reasons enterprises do turn to service providers for their technology solutions:
1. Capital conservation. 2. Distraction associated with infrastructure management. 3. Desire to outsource functions that are required but not associated with core competency (focus dilution). 4. Poor history of infrastructure management. 5. Specific issues, for example, out of data center space and not projecting long term needs to add additional data centers, or unable to expand existing data centers and no desire for an additional site. 6. Redundancy of networks available in data centers that may not be available in the enterprise with assuming additional costs.
Whatever the reason, service providers can solve these problems. In each of the three hybrid cloud scenarios, there are costs and security tradeoffs that each cloud use-case will consider. For example, in hybrid cloud variation #1, the economics can be quite appealing, but there are significant security concerns. One approach to mitigate these concerns is to encrypting an object before replication to a public cloud might mitigate the threat.
Understanding where key functionality is applied in your cloud stack is critical for successful implementation and highly dependent on the cloud and storage subsystem technology, cloud interoperability capabilities, and data use case. Critical technologies that provide benefits are: de-duplication, compression, encryption for data at rest and data in motion, geo location, geo replication, tagging and search capabilities, and cloud access methods. I will address underlying cloud technology requirements for the enterprise in my next post.
Cloud Use Case Definitions:
Data Archiving - Storing data for retention management requirements (such requirements may be internally generated, or associated with regulatory and compliance needs). Archive data must be highly secure, highly reliable over the archive period, and easily searchable. Archive data is generally encrypted, compressed and stored in a proprietary format. Access to the data is usually very infrequent and thus typical enterprises have leveraged slower access, cheaper tape media or redundant NAS to control costs. Typical data issues associated with archiving are maintaining the archive and eliminating what is known as bit rot of the data, which is where data becomes corrupt if stored in the same media for long periods of time and not accessed.
Data Backup - Storing data as a replacement copy in the event the original copy is somehow damaged or lost due to user error, system failure, or as a result of a disaster scenario. Back up data may or may not need to be highly secure or easily searchable, but must be available for quick restore when needed. This data is also generally encrypted, compressed and stored in a proprietary format. Access to the data is more frequent than with archive data and can be at any level of the organization. A single file, user, server, site, or the entire enterprise could potentially need to be restored to proper service and backup data must support these highly variable access needs.
Data Access - Storing data in its original format for access by users or other applications. This type of data is frequently accessed and is the superset of the data that comprise backup and archive data. Access takes precedence over security, but needs to be easily and quickly searchable and retrievable by users and applications and thus highly available. Typical issues with access data are the need for fast accessibility of frequently used data balanced against the overall cost associated with storing all the data. Enterprises often implement tier strategies to stage data in progressively lower cost media based on frequency of access.
Figure 6. Hybrid enterprise use case cloud technology requirements.
Hybrid cloud storage, which we have loosely defined as utilization of private cloud storage at an enterprise data center, or a private cloud hosted by an IT service provider with some combination of additional IT service provider-based public and/or private cloud storage, offers an approach that allows use case, economics and security to prevail when selecting the appropriate approach. Implementation will also be driven by the technological capabilities of the three building blocks of cloud storage, the cloud abstraction layer, file/object system choice and storage subsystem hardware.
So, our discussion of hybrid cloud storage has likely demonstrated at least one significant additional aspect, and that is complexity. Starting with use case definition and security requirements, combined with a clear understanding of the unique issues within each enterprise that effect cost, you can map a clear path to the cloud technology and selection of one or more cloud service providers. Finally, the trusted service provider continues to be another significant requirement for exploitation of hybrid cloud.
As the industry announcements on Cloud Storage APIs keep coming, the confusion surrounding what they mean keeps growing.
We have the Amazon S3 APIs, Eucalyptus APIs, Rackspace Cloud Files APIs, Mezeo APIs, Nivanix APIs, Simple Cloud API, along with the standards proposed by the Storage Networking Industry Association (SNIA) Cloud Storage Technical Work Group, and more.
So what should you do or think about all this? What impact do these Cloud Storage APIs have on your decision-making? Just how important are they, and what's next?
Here's some information to aid your understanding of this emerging and important technology. Let's begin by answering two basic questions:
What is a Cloud Storage Application Programming Interface (API)?
A Cloud Storage Application Programming Interface (API) a method for access to and utilization of a cloud storage system. The most common of these are REST(REpresentational State Transfer) although there are others, which are based on SOAP (Simple Object Access Protocol). All of these are associated with establishing requests for service via the Internet.
What is REST? REST is a concept introduced in the doctoral dissertation of Roy Fielding, and is widely recognized as an approach to "quality" scalable API design. The actual API design and capabilities are very dependent on the actual capabilities of the underlying Cloud Storage System
One of the most important REST capabilities is that it is a "stateless" architecture. This means that everything needed to complete the request to the storage cloud is contained in the request, so that a session between the requestor and the storage cloud is not required. Why is this important? The Internet is highly latent (it has an unpredictable response time and it is generally not particularly fast (when compared to a local area network (lan)). Once you get a request, there is no guarantee that you can ask a "qualifying question" of the requestor in a reasonable time period. So, REST is an approach that has very high affinity to the way the Internet works. Traditional file storage access methods that use NFS (network files system) or CIFS (Common Internet File System) do not work over the Internet, because of latency.
One other thing we should clear up: Cloud Storage is for files, which some refer to as objects, and others call unstructured data. Think about the "files" stored on your PC, like pictures, spreadsheets and documents. These have an extraordinary variability, thus "unstructured". The other kind of data is "block" or "structured" data. Think data base data, data that feeds transactional system that require a certain "guaranteed" or low-latency performance. Cloud Storage is not for this use case. IDC estimates that approximately 70% of the machine stored data in the world is unstructured, and this is also the fastest growing data type.
So, Cloud Storage is storage for files that is easily accessed via the Internet. This does not mean you cannot access Cloud Storage on a private network or LAN, which may also provide access to a storage cloud by other approaches, like NFS or CIFS. It does mean that the primary and preferred access is by a REST API. (Here are other terms you will see, RESTful, or RESTlike or RESTstyle, which is geekspeak for how closely the API conforms to the REST approach.)
Today, there are multiple definitions for Cloud Storage, and the one I prefer is "File Storage accessed through Web Services API's over a network". This represents the key attributes of file storage that is cloud storage, versus other types of file storage. Other key qualities of a storage cloud are:
multi-tenant support (use by more than one unrelated user)
geo location and geo replication, seamless and real time provisioning of accounts
seamless and real time provisioning of accounts
availability of "practically" unlimited amounts of storage "on-demand"
"pay for use", which means that your payment is for actual storage used, over some time frame, usually a month.
There are many who are still arguing about what I have defined above, but what I've said is generally accepted by the industry. If it is a vendor doing the arguing I would suggest you check under their hood, usually you will find that they do not offer whichever of the above features they are trying to argue out of the definition.
Also, traditional storage vendors continue to proclaim the importance of local network access (like NFS, CIFS or ISCSI) for the purpose of Cloud Storage access by applications that today can only access via the older protocols. This requires that the application making the request be on the same local network (think same data center) as the storage cloud. Their reason for this view is that they are only just beginning to see application demand for storage cloud access via REST APIs, versus their traditional business model which serves an enterprise user with their own data center.
This is why Cloud Storage has generally emerged as a service offering in the IT Service Provider (also know as the WEB Hosting Industry) space first. In this space, there is no doubting the importance and future of REST API access to storage clouds, it is only viewed as an adoption speed issue. Note that within the data center, access to storage using an HTTP based protocol is not necessarily any slower than one of the more traditional protocols. API access has been labeled as being a slower form of access over NFS and CIFS. This view is largely due to the fact that it "may" be accessed over the Internet. In most cases, it is the network that adds the latency, not the means of access. Make no mistake, traditional storage vendors see this coming, and they will make offerings available in the near future.
REST APIs are language neutral and therefore can be leveraged, very easily, by developers using any development language they choose. Resources within the system may be acted on through a URL. So, an API is not a "programming language" it is the way a programming language is used to access a storage cloud. This is part of the basic understanding of APIs that is required to discuss the dreaded "vendor lock in" and upcoming "cloud lock in" discussions and understand the issues that surround these assertions.
REST APIs are also about changing the state of resource through representations of those resources. They are not about calling web service methods in a functional sense. The key differences between different Cloud Storage APIs are the URLs defining the resources and the format of the representations.
The Cloud Storage space is very young and everyone has their opinions on how things should be represented and accessed. Efforts are underway by organizations like SNIA, with their Cloud Data Management Interface (CDMI), to standardize both the resource structure and the representations. However, standards are not developed overnight and customers are demanding programmatic access to Cloud Storage now.
Current Cloud Storage vendors have produced a basic set of APIs that are accomplishing fairly similar things, and other APIs that expose the underlying unique functionality of the Cloud Storage platform supplying the storage cloud. You should expect that, over time, most storage clouds will provide the basic functions in somewhat similar ways, and further that additional advanced functions will be adopted and expected to be in every storage cloud offering.
Finally, you should look for a taxonomy of APIs, that includes basic file functions, advanced functions, Provisioning APIs, Billing APIs, and Management APIs. Storage clouds that become successful will offer all these capabilities, to increase the efficiency of their use.
Several efforts have been made to simplify the transition between vendors by providing an abstraction layer on top of the vendor's APIs. In this approach, a program library is created, for use in the application that needs cloud storage access, and this API translates (for the given program language) a single API into the API that is specific to a Cloud Storage offering. So, the application, which is using this library, writes their APIs once, and achieves portability between storage clouds that are supported by this approach.
This approach has been largely programming language specific and may take advantage of the language it was designed for. Good examples of this are jClouds, an open source cloud storage abstraction library written in Java, and Simple Cloud API, a collaboration of vendors including Microsoft, Rackspace, Nirvanix, IBM and Zend which provides a simplified Cloud Storage interface for PHP developers. While extremely useful for developers, these abstractions tend to expose the lowest common denominator relating to Cloud Storage functionality and may omit critical features, for example only providing namespace object access as opposed to ID access.
So, let's discuss lock-in, the term used to express concern that once a vendor has gotten you to exploit their architecture and technology, they will recognize that you are committed to them and cannot easily move away. As a result, they will then raise their prices and take advantage of your lock in status, keeping their price just below the amount that would encourage conversion away from their technology and towards a more "open" set of capabilities. Let's look at all the "dreaded" examples that have been surfaced around cloud storage and as a reason to slow it's adoption:
1. API lock in, which means your interaction with a storage cloud uses the APIs of that storage cloud, and suggests that you cannot easily move to another providers cloud with their own, different APIs.
2. Vendor lock in, which means that since you are condemned because of your application development activity with specific APIs to use only a cloud from a specific supplier.
3. Device lock in, meaning that you developed a cloud storage based program utilizing the APIs of that specific cloud, for a specific device (generally a PDA) that has specific functionality. This is double lock in, both the device programming methodology and the API selection.
4. Browser lock in, meaning that programming to specific APIs can also be rendered unique based on the Web browser that is selected.
5. Programming language lock in, which means that you have written the APIs in a language like Python, or JAVA, or .NET, or whatever.
6. API wrapper lock in, which means that you incorporated libraries into your application that allows your application to write generic APIs, which are then translated by these APIs to the correct API for the desired storage cloud (this is what Simple Cloud API is).
So, as you can see here, utilizing cloud storage could ultimately have you locked in on at least six levels!
With this much opportunity for vendor abuse, why are developers rushing to write Web based applications that utilize cloud storage services via API access? Are they simply uncontrolled, unthinking rebels who will shortly learn the error of their ways? Have they made a fatal error? Or do they know something you don't?
First, learn about Cloud Storage APIs. What they do is make storage programmable, and they abstract storage from the application. They offer advanced functionality (the programmable word) that makes it faster and easier to write the applications that are scalable versus the traditional storage access approaches. When you add these two capabilities to the storage cloud offering of low cost, availability in multiple locations, seamless provisioning, ease of adding additional storage, and the pay for use model, the case for the cloud has become compelling.
Where are we seeing early adoption: at service providers, because they host Web based applications and SaaS (usually Web based) applications, and this is where the developers who recognize the opportunity are focused.
What is coming: the introduction of this technology into the enterprise, complete with the adoption of the RESTful API technology. This will ultimately lead to a level of cooperation between service providers and the enterprise that has long been predicted. Enterprises will move to an IT modeled on an OPEX model, and expect their applications to be provisioned and interacting with service provider clouds, via APIs. IT Service Providers are racing to build the clouds to provide for this emerging business opportunity.
So, what about the lock in mentioned above. Sit down with your developer, they will show you why they don't feel "locked in". They will show you that you can quickly recraft your current APIs, in the programming language of your choice, to utilize the new APIs of the desired cloud. For this reason, Simple Cloud API will likely be a short term measure, which precedes base case APIs that are extremely similar, and goes through a market led process to identify "best practice" APIs for both base case and advanced function, as well as all the other API led capabilities as mentioned above. In short, vendor lock in is not the problem for this technology that it has been for others. Also, the ingenuity and resourcefulness of all the suppliers, standards groups, and market adoption scenarios will continue to mute your ability to be lock in free.
Your real challenge is not lock -in, but rather how to adopt this new set of capabilities, and solve problems and create opportunities with your IT solutions as rapidly as possible. Standing on the sidelines waiting for this one to resolve will keep you out of a great opportunity, because we still have several meaningful years of rapid change associated with this technology adoption cycle.
We've discussed ITIL and Cloud Computing and the role of trust as a differentiator for service providers. Yes, we see the evidence that IT Hosting companies and managed service providersare closer to their customers and we see that their differentiation is their commitment to serving the customer.
But Amazon, Google, and Microsoft aren't going away. As they pressure customers to make the switch to the cloud, traditional service providers must find new ways to compete. Step one, of course, is providing alternatives - cloud services, like storage for example. Step two is to highlight their customer commitment - the relationships they already have and defend this "advantage" by becoming even more responsive.
So how do you build trust? According to Stephen Covey Jr. trust is built through behavior. His work has identified 13 behaviors which build trust:
1. Talk Straight 2. Demonstrate Respect 3. Create Transparency 4. Right Wrongs 5. Show Loyalty 6. Deliver Results 7. Get Better 8. Confront Reality 9. Clarify Expectations 10. Practice Accountability 11. Listen First 12. Keep Commitments 13. Extend Trust
But how do these behaviors translate to a cloud service delivery model?
To answer this question, I dug up an old model forassessing service quality - SERVQUAL - which was introduced to the world of service and retail back in 1988 (those were the days before ITIL). SERVQUAL has its share of detractors, but even recent research reminds us that it is still a useful model. In particular, I'm interested in how it can be used to help service providers improve and extend their intangible advantages over the more impersonal big shops.
Over the years, the SERVQUAL instrument has been a popular methodology used to measure consumers' perceptions of service quality. Its five generic dimensions or factors are still valid:
(1) Tangibles: physical facilities, equipment and appearance of personnel. (2) Reliability: the ability to perform the promised service dependably and accurately. (3) Responsiveness: willingness to help customers and provide prompt service. (4) Assurance: includes competence, courtesy, credibility and security; the knowledge and courtesy of employees and their ability to inspire trust and confidence. (5) Empathy: includes access, communication, understanding the customer; caring and individualized attention that the firm provides to its customers.
None of these dimensions will change in the cloud, with the exception that some of these dimensions are now virtual and must be proven online (customer support, for example) or through superior automation of work processes.
Let's also analyze the SERVQUAL "gap model," as it was called, and see how it applies to service delivery in the cloud: Let's look at the meaning of each "gap" - the possible breakdown areas in service delivery:
Gap 1: Customers' expectations versus management perceptions: caused bythe lack of a marketing research orientation, inadequate upward communication and too many layers of management.
Gap 2: Management perceptions versus service specifications: caused by an inadequate commitment to service quality, a perception of unfeasibility, inadequate task standardization and an absence of goal setting. Gap 3: Service specifications versus service delivery: caused by role ambiguity and conflict, poor employee-job fit and poor technology-job fit, inappropriate supervisory control systems, lack of perceived control and lack of teamwork.
Gap 4: Service delivery versus external communication: caused by inadequate horizontal communications and propensity to over-promise.
Gap 5: The discrepancy between customer expectations and their perceptions of the service delivered: caused by the influences exerted from the customer side and the shortfalls (gaps) on the part of the service provider. In this case, customer expectations are influenced by the extent of personal needs, word of mouth recommendation and past service experiences.
Gap 6: The discrepancy between customer expectations and employees' perceptions: caused by the differences in the understanding of customer expectations by front-line service providers.
Gap 7: The discrepancy between employee's perceptions and management perceptions: caused by the differences in the understanding of customer expectations between managers and service providers.
Three of these gaps are directly connected external customers: Gap 1, Gap 5 and Gap 6. Service providers will find their optimal "trust-building" opportunities here. Apply Covey's 13 behaviors to each one of these gaps to build on your commitment to your customers.
Amazon, Google, and Microsoft aren't building a high-touch responsive model for their cloud services. But you, the service-provider, already have a high-touch relationship. Your cloud-based SLAs must reflect this advantage. The security issue is just a small part of this reality.
Service providers who dedicate themselves to closing the gaps will succeed in this new world.
The concept of Service Oriented Architecture (SOA) has been around for a long time, and some people believe it has not fulfilled its promise. To the contrary, SOA is well on its way to fulfilling its promise and the rise of cloud computing infrastructure is an important step in this process. In fact, cloud computing is already beginning to unleash the potential of SOA and much more is on the way.
David Linthicum, Editor-in-Chief of Sys-Con's Virtualization Journal, has it mostly right. He says:
Let's get this straight: SOA is an architectural pattern, simply put the ability to create an architecture around the notion of many services that are bound together to create and re-create business solutions. Cloud computing is a set of enabling technologies as a potential target platform or technological approach for that architecture...One is the way of doing something, while the other is a potential outcome. SOA doesn't go away. It's not replaced. It's architecture. Cloud computing is a potential outcome of that architecture, thus cloud computing needs architecture, and vice versa.
David's rant was an argument against complaints by certain industry pundits that cloud computing is just an over-hyped reincarnation of SOA.
I agree with David as far as he goes, but he can take his point further. He is correct to call SOA an architectural pattern. He is correct to call cloud computing a "target platform." But the real news in this story is that a target platform is exactly what SOA has been lacking all these years. All applications must run somewhere; applications need infrastructure.
SOA is an application architecture; cloud computing is an infrastructure architecture. It's that simple. This marriage is long overdue.
SOA applications inherently call upon Web services to request resources, so to run properly SOA applications need infrastructure architecture that lends itself SOA. Cloud processing (dynamic allocation of CPU resources) and cloud storage (Web services API access to storage resources) infrastructure is the most natural target platform for SOA apps because cloud infrastructure is designed to scale in the way implied by the SOA approach to application architecture.
Until recently, where could a SOA app find a venue to stretch its legs? There weren't many options until the earliest cloud computing service providers deployed large-scale cloud infrastructure. The SOA world owes Amazon and Rackspace a big thanks for making the infrastructure investment required to launch S3, EC2, CloudSites, CloudFiles, and CloudServers. As the rest of the Hosting market--and broader IT service provider industry--follows suit, SOA applications will flourish.
So David, you're right. Not only do cloud computing and SOA "need each other," but together they will ultimately justify all the hype.
Recently, The Planet published a white paper comparing Cloud Storage performance as offered by The Planet (which uses Nirvanix), Amazon S3 and Rackspace CloudFiles. It did a nice job of creating a performance-oriented benchmark, comparing Cloud Storage file upload and download time for the three services. While it is necessary to understand this factor associated with Cloud Storage, it is far from sufficient and much more is needed, if one wants to begin assembling metrics and from these make business and technology decisions.
While this does paint The Planet's offering in a very positive light, one has to question the pertinence of the actual test. (Knowing how our offering would have performed in the specific test, as the CEO of Mezeo, I am a bit disappointed that we were not included in the test) Of course, at the end of the day we have to remember that this is after all a test conducted by one of the vendors who also somehow turned out to be the winner. A third party validation of the results would certainly be more credible. To that end we are assembling a slate of comparisons and seeking third party verifications, and hope to publish these results in late summer.
A notable omission in the test was the comparison of the price per GB of the storage. Based upon published prices, The Planet offering is significantly more expensive than the others.
This introduces the idea of price performance, and that is very applicable, since many Cloud Storage use cases do not contemplate that the accessing server is housed in the same data center as the Cloud Storage solution it is accessing. When access via the Internet is contemplated, the specific speeds of upload and download as revealed in the aforementioned test may be less pertinent, whereas price or other features may be the major differentiator of note.
How about the following metrics:
availability: a fact based measurement
reliability: based on the SLA offering
ease of Web Services API access: length and complexity of required API usage against a defined set of standard actions
access methods: WebDAV, NFS, CIFS
security
feature/function richness and differentiation: sharing and collaboration, available clients, tagging, geo capabilities
utility billing: true
pay for use and on what time frames and at what minimums, and ultimate
scalability (how much storage is immediately available).
All or any of these may be highly pertinent to a Cloud Storage decision.
And finally, how about running the test enough times so that the results are reliable and meaningful? Running the test for a total of four times and concluding that Amazon S3 has a 90+% variance is a bit of a stretch.
Please do not take this blog post as being too critical; I am grateful that The Planet is signaling a degree of market maturity as real, meaningful discussion of Cloud Storage attributes are brought to the marketplace. The Planet is to be congratulated for elevating the discussion. Now all Cloud Storage service providers, and infrastructure providers who enable storage cloud offerings, need to begin the hard work of defining the metrics, and publishing the results.
It is very interesting that we are still working out the definition of Cloud Storage and now we are faced with benchmarking competing service offerings. The Cloud Storage marketplace is growing rapidly, and all of us are engaged in bringing this new capability to market.
Thanks for reading this post, and stand by, more on this topic coming soon.
With the Sun acquisition, Larry "what's a cloud?" Ellison has once again changed the game. Here are a few key points to think about:
1) Oracle becomes the end-to-end IT enabler - from apps to disks; that's the party line.
2) Oracle begins the journey to the Cloud, and begins to develop the end-to-end Enterprise Cloud experience.
3) Oracle embraces the open source movement by attacking Microsoft with MySQL.
4) Oracle's gain is clearly SAP's loss. Exadata + Sun = the new business intelligence?
5) Oracle owns Java, period. Ellison described Java as "the single most important software asset we have ever acquired." BONUS: they get the JMX API thrown in with the deal, which allows them to monitor all manner of resources.
7) Oracle pushes Open Office as a cloud offering to further disrupt Microsoft.
8) Oracle makes Sun hardware profitable.
9) One stop shopping for all your IT, from Cloud to your own data center - is where we are headed. The period of détente is over - Cisco, HP, IBM, and Oracle are racing to go to end-to-end environments, which HP and IBM have proven as a viable business model. What happens to Dell?
While the rumors fly all over the cloudsphere, what's important in the days ahead is how Oracle chooses to embrace the cloud - will it be an open or closed embrace?
With IBM, we all knew it would have been an open cloud, with Oracle the story is not so clear at all. The silence on Jonathan's blog is deafening.
And for those of us who said that Ellison was kidding about the cloud, let's remember who said "the network is the computer!" Today's netbooks are cloud devices.
My prediction: Oracle becomes one of the "Big Four" for the Enterprise, and quickly changes it's tune on the Cloud.
What's next? Anybody think Microsoft/Dell is an interesting combination?
The last few days have seen a lot of discussion over the McKinsey & Company report: Clearing the Air on Cloud Computing. McKinsey said the cost of the Cloud is high when compared to a large enterprises ability to implement similar services in house. They may, currently, be correct, but over time, this will likely be a differentiation that will erode. Enterprises will need the Cloud, as new applications become Cloud dependent. We have seen, for the first time, services move down the infrastructure stack. For example, tagging, sharing and collaboration will become requirements for Cloud Storage.
McKinsey rightly stated that Public Cloud is the domain of the small and medium business. What I have observed is that every year, larger companies join this view. We now say it this way: SMB and mid tier enterprise will turn to the Cloud. Mid tier will continue to include larger and larger companies.
Also, each Enterprise is different, and in different financial circumstances. Their existing IT infrastructure may be out of date, and require a very capital intensive retrofit to achieve the same economies as public cloud. To the extent an Enterprise does not want to put it's capital to work in IT, in house computing will be a less popular option, regardless of opex costs. The McKinsey view seemed very cost focused, and cost is driving Cloud consideration in the enterprise.
The key issue was raised, but did not receive in depth consideration!
Public Cloud providers must, I repeat, must build out mission critical service delivery capability, with security, management and SLAs that deliver the credibility and service level an enterprise will require to move their in house applications to the Cloud. Its that simple, and that is the issue. IT service providers get this, and will deliver it within their clouds. Simple to say, a bit harder to do. But, it will happen.
UPDATE - Tim Bray lets McKinsey have it >> - Amazon's James Hamilton has an insightful post here >>
In a bit of a publicity stunt, the Electronic Privacy Information Center asked the Federal Trade
Commission to investigate Google's Cloud Computing Services, specifically concerning:
a. the adequacy of Google's privacy and security safeguards regarding storage of personal information on its Cloud Computing Services; and b. the sufficiency of Google's privacy and security safeguards in light of the company's assurances to consumers regarding its Cloud Computing Services.
The official document filed with the F.T.C. states:
This complaint concerns privacy and security risks associated with the provision of "Cloud Computing Services" by Google, Inc. to American consumers, businesses, and federal agencies of the United States government. Recent reports indicate that Google does not adequately safeguard the confidential information that it obtains. Given the previous opinions of the Federal Trade Commission regarding the obligation of service providers to ensure security, EPIC hereby petitions the Federal Trade Commission to open an investigation into Google's Cloud Computing Services, to determine the adequacy of the privacy and security safeguards, to assess the representations made by the firm regarding these services, to determine whether the firm has engaged in unfair and/or deceptive trade practices, and to take any such measures as are necessary, including to enjoin Google from offering such services until safeguards are verifiably established. Such action by the Commission is necessary to ensure the safety and security of information submitted to Google by American consumers, American businesses, and American federal agencies.
P.R. stunts aside, where do we go from here?
Clearly, encryption, effective data anonymization, and mobile location privacy are "must-haves" in the cloud. Hosting providers who deal with this issue will keep their customers' trust. And as I mentioned earlier, part of being a trusted service provider
includes a commitment to how you will serve the customer, and
positioning your business for success in your offerings. It means a
robust offering, with appropriate availability, backup, and of course, security.
Coming on the heels of the Cisco-BMC announcement, the news of an IBM/Sun merger and the simultaneous announcement of Sun’s Open Cloud Platform are not mutually exclusive events. They’re all part of the ongoing race to capture the Enterprise Cloud. The elephants are dancing.
The announcement continues the pattern of rapid marketplace adoption of Cloud Computing in general and that includes Web services API based storage access that began with Amazon and continued with Rackspace. This space is really heating up. More and more players are stepping up to challenge Amazon.
This tells us that IT hosting providers are running to get in the cloud storage and cloud computing game sooner rather than later. Having come from that space, I can tell you that this issue is top of mind in the hosting space. Amazon, Google, Microsoft and now Sun want to be the cloud for every customer.
The hosting industry is ideally positioned to deliver cloud computing and cloud storage solutions to their existing and future customers. Cloud Computing (see previous post on Cisco and BMC) is a service offering for which both hardware and software technology is rapidly developing. Management tools are also coming online from many vendors. The ability for the IT hosting industry to effectively compete will quickly be enabled by a new market segment, “Cloud Infrastructure Providers”. When you combine the availability of solutions with the effective service oriented relationships that IT hosters have enjoyed with their customers, a significant opportunity is emerging.
The first act in Cloud Computing is underway. Another character has entered the stage and received a round of applause. They lend additional credence, and a call for more standardization, and less vendor lock in. The key to the cloud will be ease of use, reliability, security, and of course, cost.
With so much negative news on business and our economy, I find that Cloud Computing, and its new technologies and opportunities are very exciting. This is how it has always felt in our industry, which we can change for the better, innovate like no one else, and create significant businesses and new opportunities.
Let’s dig a little deeper into the real story here: Sun’s open source vision and stated commitment to interoperability and its extension into Cloud Computing:
Ideally, users of cloud computing would be able to move their applications among a variety of standardized providers who offer open-source interfaces to common services. Today, most clouds are proprietary, and even where the components offered are open source, cloud operators cultivate significant lock-in through their underlying services, such as storage and databases.
This morning, Dave Douglas, the SVP of our Cloud Computing business, announced we’re building the Sun Cloud,
atop open source platforms - from ZFS and Crossbow, to MySQL and
Glassfish. With more than 4,000 developers hard at work on these
enabling elements, and a twenty year history of network scale software
innovation, we’re very comfortable with our technology lead. By
building on open source, we’re also able to radically reduce our costs
by avoiding proprietary storage and networking products.
Second, we announced the API’s and file formats for Sun’s Cloud will all be open,
delivered under a Creative Commons License. That means developers can
freely stitch our and their cloud services into mass market products,
without fear of lock-in or litigation from the emerging proprietary
cloud vendors.
Third, unlike our peers, we also announced our cloud will be
available for deployment behind corporate firewalls - that we’ll
commercialize our public cloud by instantiating it in private
datacenters for those customers who can’t, due to regulation, security
or business constraints, use a public cloud. We recognize that
workloads subject to fiduciary duty or regulatory scrutiny won’t move
to public clouds - if you can’t move to the cloud, we’ll move the cloud
to you.
So where does IBM come in?
If you read about Schwartz’s three strategic imperatives, you learn they are as follows:
Notice too, that Schwartz is brutally honest about Sun’s challenges with imperative #3:
With Sun’s current products, we could be selling to twice the number of
customers we currently serve - our products appeal to an audience far
greater than our customer base. But we’re limited by our size - our
sales and partner force has a tenth the resources of our biggest peers.
So let’s review, Sun’s doing well on 1. and 2. with widespread adoption of “free” products like MySQL and Open Solaris, but lacks the sales and service firepower to execute on 3..
Did anyone say “IBM Global Services”?
And now, with the Cloud being touted as the future of IT, we see why a merger between IBM and Sun becomes a value creating proposition for both concerns. Sun becomes the “low-cost” open-source provider, while IBM gets to feed its highly profitable (and nowadays hungry) professional services division.
Which leaves Microsoft’s Azure out in the cold. Small wonder that Bill Gates used to say that IBM, not Google, was Microsoft’s real competitor.
On a more technical level, the rationale behind this merger can be seen more clearly if you take a look at Troy Angrignon’s wonderful Cloud Computing Ecosystem Map v1.0. Scroll down and zoom into the map; the merger seems to make more sense at this level. When you combine IBM and Sun, the resulting “tessellation” of competencies is very impressive.
As an end note, I’d like to state that this merger does not mean the race is over.
Far from it.
What we’re seeing is a new strategy developing across the IT industry. Hosting companies, MSPs, and SaaS providers will still have to provide clouds of their own to compete against Amazon, Microsoft and Google. There has always been room for a number of providers for hardware,
software and services, competing on price, value, and support. No one
player need dominate the cloud computing space. Choice and competition
always drives value and innovation.
