Is the Private Cloud a Real Cloud?
Consider this traditional scenario: in today's competitive world, dynamic business requirements need flexible and rapid provisioning of IT resources. Along with flexibility, traditional IT environments need new resources to support the dynamic workloads of applications. It is a very likely scenario where separate business units within the same organization manage their own computing resources, such as hardware, software, storage, networking and applications, creating silos of computing infrastructure. Power, space and cooling of corporate data centers are some of the major challenges faced by organizations today. Applications running on increased-capacity hardware are not able to utilize available resources in an efficient manner in traditional data centers. In addition to this, expert human resources are needed to maintain and manage the whole environment.
Fortunately, developments in computing have opened many possibilities for all types organizations, including education and government. Until recently, a main concern was deployment and hosting of applications considering cost or inadequate acquisition of compute, storage and network resources with a fixed capacity for managing unexpected application traffic demands. Other challenging tasks were to manage the installation, maintenance and configuration of the whole stack that supported the respective application. In the past few years, cloud computing has been considered as a boon for organizations that were facing these issues in traditional computing environments. Application design, deployment, maintenance and hosting have become easier, agile and less costly with the use of the pay-per-use charge-back model provided by cloud providers. IT executives are considering transitions from traditional data centers to cloud infrastructures for cost reductions and more agile IT environments.
What Is Cloud Computing?
According to the National Institute of Standards and Technology (NIST), cloud computing is a model for enabling convenient, ubiquitous and on-demand network access to a shared pool of configurable computing resources, such as servers, networks, storage, applications and services, that can be provisioned and de-provisioned rapidly with minimal management effort or service-provider interaction. These cloud models support availability and are composed of five essential characteristics, three service models and four deployment models. The four deployment models are the public cloud, private cloud, community cloud and hybrid cloud.
Cloud computing provides an agile environment, faster time to market, infinite scalability and services. Different applications, depending on their type, have different scaling and performance requirements. The cloud environment is perfectly suitable for applications where users have dynamic and competing traffic requirements. However, the five characteristics, three service models and four deployment models create a hazy situation when you want to use the cloud to deploy various kinds of applications. Public cloud services from third-party service providers are considered to be a windfall for SMBs, but for large enterprises, application security, compliance adherence and CIA (Confidentiality, Integrity and Availability of data) are fundamental, so it is difficult to convince them to adopt the public cloud.
Primarily, business data is the heart of any organization. All compliance requirements based on regulatory constraints and risks revolve around that critical and sensitive data. Security, compliance, vendor lock-in and interoperability are on the rise and are obstructing public cloud adoption.
The question one should ask is, "If public cloud service providers can deliver services efficiently and realize all benefits, including cost benefits and efficient resource utilization, then why can't organizations do this with existing expertise, an investment in resources and the availability of private cloud products that help organizations build cloud environments under their own control?"
It seems obvious that the journey to the cloud will take place in environments where organizations have more trust and control. Essentially, by building a private cloud and then integrating it on-site, with private cloud data or applications in the public cloud, in the process, they can build a hybrid cloud by utilizing existing resources.
The private cloud refers to a flexible proprietary computing architecture that provides compute, storage and network resources to various business units of an organization behind a firewall.
The Private Cloud—Is It Really a Cloud?
The private cloud provides an in-house cloud infrastructure, absolute control over resources, more security and privacy, and manageable compliance to regulatory requirements. It also requires a huge capital investment and the expertise for building a private cloud environment and maintaining that infrastructure. In the IT industry, thought leaders and other experts have different points of view on private clouds. Initially, the experts made their points of view public about the private cloud, saying the idea that organizations can run an internal cloud as efficiently as public cloud service providers does not mean it is a real cloud. Let's consider the various arguments based on economy of scale, cost sharing and multi-tenancy.
Organizations may not realize one of the primary benefits of cloud computing: economies of scale. Public cloud environments provide agility and scalability that organizations require to survive in this modern era of wider customer bases. However, organizations that choose to adopt private rather than public clouds may miss out on the same benefits. Hence, it often becomes a major point of discussion that the private cloud does not carry the similar value propositions as the public cloud.
One significant question raised by many public cloud supporters was regarding cost sharing. Who is sharing costs with the private cloud owner? According to them, if all the costs are managed by a single organization, it is not a cloud. If a single organization owns the computing resources, it is not a cloud.
Multi-tenancy is fundamental to the cloud's proposition. Multi-tenancy and shared resources are two of the defining characteristics of cloud computing environments in which compute, storage and network resources are shared between multiple users. Organizations deploy the application and store data in the cloud, driving down the cost for all. Organizations shift the resource management burden and risks to the service provider. This is why the cloud is so exciting. One perspective is, if it is not multi-tenant, it fails the test, and it is not a cloud. It is just an environment that delivers remote resources, and that has been around for years in organizations.
In a nutshell, an organization that builds a private cloud will spend more money and achieve less benefits compared to the public cloud, which needs expertise to build it, but it provides greater control and better perceived security.
The private cloud has come a long way to gain momentous footing in the market. Public cloud vendors who once criticized private clouds are now providing features for interoperability with private cloud platforms. So, it's a reasonable assumption that the private cloud is a real cloud. Still, it's better to muse over general features and aspects than to draw a firm conclusion. The public cloud has changed performance expectations for IT dramatically, but there are industries where the latency effect of any public cloud transaction will lead to intolerable service levels, loss of revenue and so on. These concerns have captured the attention of IT leadership. It is a strategic decision to build your own cloud that requires stakeholders to think meticulously and exclusively. It is the need of the hour that organizations must enable self-service and become on-demand providers of infrastructure, platforms and applications for their internal business units. Speed and agility, not cost reduction, drive private cloud implementations.
Now, let's take a step forward in the discussion by revisiting the history of Amazon's Public Cloud. How did Amazon start its operations and offerings of the public cloud? It all started with the intent to gain flexibility and agility in the traditional environment. For those same reasons, IT organizations are building private clouds today.
Many public cloud providers have announced their connection with various private cloud vendors. Now the question is why has everyone accepted the existence of "private clouds"? Many organizations still have concerns regarding putting their intellectual property or critical applications in the public cloud or off-site or beyond the organization's firewall. They aptly assessed the market situation and realized that they stand to gain by partnering in the private cloud arena.
It is a simple case of the first step in the direction of acceptance of the existence of private clouds and the foresight of hybrid cloud implementations.
According to a poll at a recent Gartner data-center conference, 47% of respondents want the ability to manage clouds on-premises and off-premises centrally by 2015. There will be more private cloud deployments in coming years, because OpenStack, CloudStack, Eucalyptus, VMware, BMC and HP are maturing and emerging. However, the technology is not without its challenges. It requires an up-front investment in hardware, software, training on implementation and managing the cloud.
Let's take a close look at private cloud benefits, building blocks and open-source private cloud vendors to get more information.
Benefits of Using Private Clouds
Private cloud computing introduces a new way to use IT resources and brings automation, process changes, management changes, service standardization, culture and policies that consistently come up in polls as more difficult challenges than the technology itself. Private cloud architectures should be designed with the future use of hybrid cloud implementations in mind, providing more choices and a potential migration path to public cloud services as they mature. In the case of private clouds, private cloud resources will be used in place of dedicated servers, and thus, organizations will realize the following benefits:
Security—security and governance capabilities specifically designed for an organization's requirements.
Regulatory and compliance—controls the service level of the platform, based on the organization's needs and compliance requirements.
Control—the organization owns, operates and controls the way services will be delivered to various departments and partners.
Efficient utilization of resources and better resource provisioning systems—highly automated in terms of how it manages pools of resources, including everything from compute capability to storage, analytics, process management and middleware.
Given these benefits, why wouldn't everyone choose a private cloud?
Building Blocks of Private Clouds
Various cloud service providers offer the building blocks for a private cloud infrastructure virtualization (hypervisors, such as ESXi, Xen and so on), self-service, metering or chargeback, and automated workflow management. Most private cloud providers also provide a management platform as well as security products and best practices to make the private cloud infrastructure robust and secure.
Figure 1. Building Blocks of a Private Cloud
Real-World Application of a Private Cloud
Commonly, lab automation, dev-test, performance testing, sales demonstrations and so on are use cases that are best fits for a private cloud. Consistent and reproducible environments improve uniformity between development, test and production environments. A self-service option not only helps in productivity, but it also avoids many issues, such as variable workload demands. Scalability is more complicated to manage manually.
Open-Source Private Cloud Product Vendors
OpenStack offers an open-source cloud computing platform to build different kind of clouds, such as public, private and hybrid clouds. Rackspace (the "Cloud Files" platform) and NASA (Nebula) started it in 2010. At present, HP, SUSE Linux, Red Hat, Cisco, Dell, IBM and others have joined the OpenStack project. It now is released under Apache license. OpenStack provides an Infrastructure-as-a-Service solution through a set of unified services, and each service offers an API that facilitates this integration.
Compute provisioning and managing large networks of virtual machines.
Block storage provides persistent block storage to guest virtual machines.
Object storage stores and retrieves files.
Networking enables network connectivity as a service and enables users to create and attach interfaces to networks.
The dashboard enables users to interact with OpenStack services to launch an instance and to set access control.
The identity service provides authentication and authorization for OpenStack services.
The image service provides a registry of virtual machine images.
The metering/monitoring service is used for billing, benchmarking and statistics purposes.
The orchestration service orchestrates multiple composite cloud applications.
CloudStack is an open-source cloud computing platform to create, manage or deploy an Infrastructure-as-a-Service model in a service-provider environment or in an organizational environment. Cloud.com originally developed it in an initial phase. Cloud.com initially released most of CloudStack under the GNU General Public License, version 3. Citrix later released the remaining code under GPLv3. Citrix donated CloudStack to the Apache Software Foundation. CloudStack 4.2.0 was released on October 1, 2013, and it is the latest stable version available at the time of this writing. It supports the end-to-end functionality that is required for IaaS, which includes compute, storage, network, user management, user interface, RESTful API and command-line tools. It supports hypervisors, such as KVM, VMware vSphere, XenServer and more for virtualization. CloudStack implements the Amazon EC2 APIs, Amazon S3 APIs and vCloud API in addition to its own API. CloudStack installation includes two parts: 1) the management server manages the cloud infrastructure and 2) the cloud infrastructure itself.
Figure 2. CloudStack
With CloudStack, a zone normally corresponds to a data center. There can be multiple zones in a data center. Pods are enclosed within zones. Each zone can control one or more pods. Zones can be private or public.
A CloudStack pod represents a single rack that consists of one or more clusters of hosts and one or more primary storage servers. Hosts in the same pod are available in the same subnet. A host is a computer that provides the computing resources, such as CPU, storage, memory, networking and so on to run the virtual machines. CloudStack is hypervisor-agnostic. Multiple hypervisor-enabled servers, such as a Linux KVM-enabled server, a Citrix XenServer server or an ESXi server can be used.
Each host has a hypervisor to manage the VMs. A cluster is a collection of one or more hosts and one or more primary storage servers. It can be considered as a set of XenServer servers or a set of KVM servers. Primary storage is coupled with a cluster that stores the disk volumes for all the VMs running on hosts in that specific cluster. Secondary storage is shared by all the pods in the zone that stores ISO images, templates and disk volume snapshots.
Eucalyptus is available in two different flavors: 1) open source and 2) a commercial private IaaS service provider. Eucalyptus is short for "Elastic Computing Architecture for Linking Your Programs to Useful Systems". The cluster controller manages a collection of node controllers. It has access to public and private networks. It controls execution of VMs and manages virtual networking too. Each Eucalyptus cloud will have multiple cluster controllers, and each Eucalyptus cloud will have one or more node controllers per cluster controller. It controls VM activities, such as launch instances, inspection, termination of instances and cleanup of instances. The cloud controller manages virtualized resources of the Eucalyptus-based private cloud environment. Each Eucalyptus cloud will have a single CLC.
Figure 3. Eucalyptus
Linux and Windows virtual machines (VMs) are supported.
Security groups and elastic IPs are supported.
Users and groups management, accounting reports.
Configurable SLAs and scheduling policies.
Compatible with Amazon Web Services (AWS) API.
Support for installation and deployment from source or DEB and RPM packages.
One of the leading sportswear companies is using Eucalyptus as the foundation for its cloud computing initiative to support its elastic and dynamic requirements related to marketing campaigns. The Eucalyptus-based private cloud environment has helped the company deliver faster time to market, agility, highly available, scalable and elastic Web applications using a secure on-premises IT environment. With the Eucalyptus cloud, it is able to provide a fast, highly available e-commerce experience for its customers worldwide. It uses scaling up and down to manage variable demand effectively. One-click deployment of applications, quick provisioning and de-provisioning of compute and storage resources on secure, reliable and highly available on-premises infrastructure is extremely useful for the on-line campaign management.
|Components||Nova (compute), Swift (object storage), Glance (image service), Keystone (identity management), Horizon (GUI interface)||Management Server; Hypervisor Nodes; Storage Nodes; Layers: Zone, Pod, Cluster, Host, Primary Storage, Secondary Storage||Cloud Controller (CLC): manages the virtualization resources and APIs, provides the Web interface; Walrus (S3 storage); Cluster Controller (CC): controls execution of VMs and their networking; Storage Controller (SC): provides block-level storage to VMs (EBS); Node Controller (NC): controls VMs via hypervisors|
|Hypervisor support||Xen, KVM, UML, LXC, VMware||Xen, KVM, VMware, Citrix XenServer||Xen, KVM, VMware|
|AWS API Compatibility||Yes||Yes||Yes|
|Self-Service User Portal||Yes||Yes||Yes|
Ignacio M. Llorente and Ruben S. Montero initiated OpenNebula as a research project in 2005, and it's now available under the Apache license. It is written in C, C++, Java, Ruby, shell scripts, yacc and lex. It's an open-source project to build and manage virtualized enterprise data centers and IaaS clouds. It emphasizes core values, such as openness, excellence, cooperation and innovation. OpenNebula manages a virtual infrastructure to build private, public and hybrid IaaS (Infrastructure-as-a-Service) clouds. It orchestrates storage, network, virtualization, monitoring and security.
OpenNebula provides support for hybrid cloud computing with connectors for AWS. It provides AWS EC2 and EBS APIs and a self-service portal for cloud consumers. A catalog of virtual appliances ready to run in OpenNebula environments is available in the Appliance Marketplace. It provides a powerful CLI that resembles typical UNIX command applications. OpenNebula adheres to a modular and extensible architecture, so it's easy for third-party tool integration. Best-effort community support and SLA-based commercial support directly from the developers is available for customers. OpenNebula helps enable agile, elastic and multi-tenant environments customized to offer infrastructure services.
Public Clouds vs. Private Clouds
The private cloud is recommended over the public cloud in the following scenarios:
Stringent security management and regulatory compliance requirements demand tight security controls and full visibility into how the IT infrastructure is managed. It prevents moving the applications and data to an external cloud.
High-performance requirements need the cloud to be set up and accessed over a private high-speed network.
Need for full flexibility and control over how to operate the cloud to enable business innovation and future growth based on the cloud.
Consolidate and standardize hardware and software resources of an organization; create a shared, automated service platform for business users, and account them for usage.
|Public Clouds||Private Clouds|
|Definition||A public or external cloud allows resources to be provisioned dynamically (partly on a self-service basis) over the Internet from an off-site third-party provider who shares resources and bills on usage or subscription basis.||An IT infrastructure that is under control of an organization's corporate firewall, delivered as a service to a restricted set of users usually within the organization, available as a flexible resource pool, provisioned on-demand, managed by the organization or a third party, existing on-premises or off-premises.|
|Control||The cloud consumer doesn't have complete control of the computing resources. A shared responsibility model exists between the cloud service provider and the cloud consumer. The responsibility may vary depending on the service model, such as IaaS, PaaS and SaaS.||The cloud consumer and cloud service provider are the same. The organization builds the private cloud internally behind the firewall to maintain complete control. The responsibility for resource management is with the organization only. (Here I am talking purely about private clouds, and not a hosted scenario.)|
|Resource Sharing||The infrastructure is shared between multiple organizations across geographic regions.||The infrastructure is dedicated to a single organization, and it is shared between different business units of an organization.|
|Scalability||Resources are seemingly infinite, hence it is very easy to scale based on application requirements while maintaining efficiency for not under-utilizing the resources or for not incurring too much cost.||Compute, storage and network resources are limited in capacity, because only the single organization needs to bear the cost of infrastructure. Most of the time, the focus of the organization and budgetary constraints play a significant role in the private cloud setup.|
|Control of Physical Infrastructure||The cloud consumer has no direct control of the resources, especially of the physical infrastructure where the IaaS model is provided.||The cloud consumer has a direct say on the physical resource requirements, and based on need, resources can be allocated, which is extremely flexible.|
|Compliance Requirements||It's difficult to meet compliance requirements, as a cloud consumer depends upon the cloud service provider for various external audits.||The organization's defined best practices can be applied in the environment, as resources are available on-premises and are under complete control.|
|Capital Expenditure||Huge capital expenditure is not required, as you are going to use resources based on a pay-per-use basis.||Huge capital expenditure is required to set up a private cloud environment by purchasing the physical components to install it and various software-licensing-related costs.|
|Usage of Cloud Features||It's advisable to use cloud features intelligently and on the basis of application requirements and with correct configurations by keeping best practices in line. Limited understanding and too many cloud features incur huge cost over time, which may not be required considering the application's characteristics.||The main benefit of the private cloud environment is the way the organization utilizes existing infrastructure and expertise to build an agile environment.|
The private cloud contrasts with the public cloud computing environment, where access to the resources is open to any customer who is willing to pay. There are number of variations that fit somewhere between those two, such as community cloud computing, virtual private cloud computing and hybrid cloud computing. The private cloud offers organizations a way to take the benefits of increasing simplicity of resource management with automation, flexibility and cost benefits, and provides an environment to be more competitive in the marketplace through greater control, choice, efficiency, quality of service and, most important, business agility. It is particularly well suited for organizations that are in greatly regulated sectors, such as health care, finance or banking or those that have made huge capital investments in existing data-center infrastructure, including virtualization and server consolidation.
Enterprise interest is already high, with roughly 75% of respondents in Gartner surveys saying that they plan to follow a private cloud computing strategy by 2014. This trend will move quickly on the Hype Cycle in the next couple years, as the private cloud moves from a strategy to pilot and production deployments. According to Gartner research, by 2015, the majority of private cloud computing services will evolve to leverage public cloud services in a hybrid model.
Peter Mell and Timothy Grance, "The NIST Definition of Cloud Computing": http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
Phil Wainewright, "Private cloud discredited, part 2": http://www.zdnet.com/blog/saas/private-cloud-discredited-part-2/1289
Gartner, "Private Cloud Computing: An Essential Overview": https://www.gartner.com/doc/1476032/private-cloud-computing-essential-overview
PUMA.com Migrates to a Eucalyptus On-premises Cloud: https://www.eucalyptus.com/sites/all/files/cs-puma.en.pdf