When cloud computing became a topic of discussion a few years ago, public clouds received the bulk of the attention, mostly due to the high-profile nature of public-cloud announcements from some of the industry's biggest names, including Google and Amazon. But now that the talk has turned into implementation, some IT shops have begun steering away from public clouds because of the security risks; data is outside the corporate firewall and is basically out of their control.
Tom Bittman, vice president at Gartner, said in a blog post that based on his poll of IT managers, security and privacy are of more concern than the next three public cloud problems combined. He also wrote that 75% of those polled said that they would be pursuing a private cloud strategy by 2012, and 75% said that they would invest more in private clouds than in public clouds through 2012.
Frank Gillett, an analyst at Forrester Research, agrees that IT's emphasis is more on private clouds these days. He says that IT managers "are not interested in going outside" the firewall.
Building your own private cloud involves some challenges, including these:
* Budget. Private clouds can be expensive, so you need to do your due diligence and figure out what the upper and lower bounds for your ROI will be.
* Integrating with public clouds. Build your private cloud so that you can move to a hybrid model if public cloud services are required. This involves many factors, including security and making sure you can run your workloads in both places.
* Scaling. Private cloud computing services usually don't have the economies of scale that large public cloud providers provide.
* Reconfiguring on the fly. You may have to tear down servers and other infrastructure while they are still in service in order to move them into the private cloud. This could create huge problems.
* Legacy hardware. Leave your oldest servers behind -- you should not try to repurpose for a private cloud any servers that require manual configuration, since it would be impossible to apply automation/orchestration management to these older machines.
* Technology obsolescence. The complexity and speed of technology change will be hard for any IT organization to handle, especially the smaller ones. Once you make an investment in a private-cloud technology stack, you need to protect that investment and make sure you stay up to date with new releases of software components.
* Fear of change. Your IT team may not be familiar with private clouds, and there will be a learning curve. There may also be new operational processes and old processes that need to be reworked. Turn this into a growth opportunity for your people -- the stress of doing and learning all this may be mitigated by helping your folks keep in mind that these are important new skills in today's business environment.
Still, as Bittman's blog post points out, private clouds have their share of challenges, too; in his poll, management issues and figuring out operational processes were identified as the biggest headaches. And, of course, an on-premises private cloud needs to be built internally by IT, so time frame and learning curve, as well as budget, need to be part of the equation.
Indeed, transitioning from a traditional data center -- even one with some servers virtualized -- to a private cloud architecture is no easy task, particularly given that the entire data center won't be cloud-enabled, at least not right away.
In this two-part article, we'll examine some of the issues. Part 1 looks at how cloud differs from virtualization and from a "traditional" data center. Part 2 will examine some of the management issues and look at a few shops actively building private clouds, and the lessons they've learned.
While we generally think of a private cloud as being inside a company's firewall, a private cloud can also be off-premises -- hosted by a third party, in other words -- and still remain under the control of the company's IT organization. But in this article we are talking only about on-premises private clouds.
Also, despite all the hype you might hear, no single vendor today provides all of the software required to build and manage a real private cloud -- that is, one with server virtualization, storage virtualization, network virtualization, and resource automation and orchestration. Look for vendors to increasingly create their own definitions of private cloud to fit their product sets.
Virtualization is only part of the picture
Many IT managers equate a private cloud with virtualization. What they describe is usually virtual infrastructure, meaning that "you can treat your servers, storage and networks as a single pool of resources that workloads can request on demand," explains Tony Iams, vice president and senior analyst at Ideas International, a research firm with emphasis on enterprise IT infrastructures.
But virtualization and the cloud are not the same thing; to be considered a cloud, the architecture must be set up to provide both orchestration and automation on top of the virtualization layer.
Orchestration is the coordinated delivery of many types of resources, such as processors, storage and networks, to provide an integrated provisioning process; resources can be delivered in minutes rather than days or weeks. In other words, a single command or request causes a number of actions to occur, possibly in a specific sequence, to coordinate the provisioning request.
The whole point of a private cloud is to allow IT managers to reduce costs and provide so-called agile provisioning rather than just making management of the infrastructure more convenient. A private cloud with virtualization underpinnings turns the technology infrastructure into a pool of resources that can be provisioned on demand with minimal manual intervention.
Without a focus on delivering IT services, it's unlikely you'll attain the full benefit of private clouds.
Comparisons to traditional data centers
In a traditional data center setup, "every time you add a server, somebody has to walk to a firewall console, set up firewall rules, attach the server to a VLAN, set up load balancing" and do many other tasks, explains Jeff Deacon, cloud computing principal at Verizon Business. But a private cloud needs minimal human intervention other than bringing in new computers or storage to keep up with demand. In a cloud environment, there is one console that lets operators set parameters to automate the entire process, rather than requiring IT personnel to log into different consoles for security, networking and server OS functions.
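The sketch below is an added example, not code from the article or from any vendor product. It shows the orchestration idea described above: one request drives the allocation, VLAN, firewall and load-balancing tasks in a fixed order, and a failed step undoes the completed ones so no half-configured server is left behind. The `Pool` model, the step names and the ordering policy are assumptions made for illustration.

```python
# Added illustration, not the article's code; Pool and the step names are hypothetical.
from dataclasses import dataclass, field

class ProvisionError(Exception): pass

@dataclass
class Pool:  # in-memory stand-in for the shared server/network pool
    free_hosts: list
    vlans: set
    allocated: dict = field(default_factory=dict)  # server -> host
    vlan_of: dict = field(default_factory=dict)    # server -> VLAN id
    fw_rules: dict = field(default_factory=dict)   # server -> allowed ports
    lb_members: set = field(default_factory=set)

def allocate(p, r):
    if not p.free_hosts:
        raise ProvisionError("no free capacity in pool")
    p.allocated[r["name"]] = p.free_hosts.pop()

def attach_vlan(p, r):
    if r["vlan"] not in p.vlans:
        raise ProvisionError(f"unknown VLAN {r['vlan']}")
    p.vlan_of[r["name"]] = r["vlan"]

def set_firewall(p, r):
    if any(not 1 <= port <= 65535 for port in r["allow_ports"]):
        raise ProvisionError("invalid port in allow list")
    p.fw_rules[r["name"]] = sorted(r["allow_ports"])

# (do, undo) pairs in execution order; rules are set before load balancing (assumed policy).
STEPS = [
    (allocate, lambda p, r: p.free_hosts.append(p.allocated.pop(r["name"]))),
    (attach_vlan, lambda p, r: p.vlan_of.pop(r["name"])),
    (set_firewall, lambda p, r: p.fw_rules.pop(r["name"])),
    (lambda p, r: p.lb_members.add(r["name"]), lambda p, r: p.lb_members.discard(r["name"])),
]

def provision(pool, req):
    undo_stack = []
    try:
        for do, undo in STEPS:
            do(pool, req)
            undo_stack.append(undo)
    except ProvisionError as exc:
        # Undo completed steps in reverse so the pool returns to its prior state.
        for undo in reversed(undo_stack):
            undo(pool, req)
        return False, str(exc)
    return True, "provisioned"
```

A request such as `{"name": "web1", "vlan": 10, "allow_ports": [443, 80]}` either completes all four steps or leaves the pool unchanged.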
Another of the main differences between private clouds and traditional data centers involves IT processes. Private clouds may require a re-architecture of how data is used, and processes may have to be rewritten.
For example, today many IT organizations have to contend with sets of requirements that must be met in the provisioning process: budget; discussions with the storage, network and server groups; and tons of paperwork. This type of process is in stark contrast to the streamlined, short-duration provisioning done in clouds. Time to provision may go from weeks in the traditional data center to minutes in a cloud.
You may also have to re-architect deployment of legacy applications to take advantage of private clouds. Many legacy applications are running on mainframes and proprietary Unix platforms. Most virtualized environments, including private clouds, are geared to run on x86-based systems.
Also, in a virtualized environment, we generally don't know exactly where an application is running at any given time. Because most legacy applications are tied to a specific platform, running them in a private cloud will often require re-architecting them.
Divorcing applications from the hardware is a hallmark of clouds, including private clouds. In a traditional data center, those 10 servers over there might be running billing applications and those five over there running CRM apps. With a private cloud, however, it's not known ahead of time which servers are running which specific applications. The applications run on whichever servers have free cycles at the time the apps need to run.
Private clouds involve two groups: the IT (data center) operations folks and the business users who want to run applications. A private cloud gives business users the opportunity to quickly provision a server and run an application when they want to -- without human intervention.
The IT operations folks have to make sure that sufficient resources are available for the type of on-demand computing that business users have heard is available with public clouds, and that usually means that the wait for user-requested resources is minutes, not days. Anything short of this, and users will be unhappy.
This is what private clouds are all about: providing the on-demand elasticity of public clouds but doing it within the company's firewall.
Another difference is that some IT managers or business users may expect private clouds to act like public clouds. In a public cloud, the public cloud provider's IT operations group is responsible for the compute infrastructure, and the enterprise's business application groups manage and monitor their own applications, under agreement, on the public cloud. If the private cloud is expected to operate in a similar manner, that means the IT group may need to give up its traditional application-management role.
The steps for transition
The first thing is to broaden out beyond server virtualization. At this point, a lot of users are looking at virtualization for purposes of availability. So look at those aspects of virtual infrastructure that improve availability as the next steps toward a private cloud.
Today, people are integrating storage with virtualization and are beginning to understand the impact of broad virtualization of resources, Iams of Ideas International says. "When we get to the stage where virtualization of servers is the rule rather than the exception and most workloads are virtualized, this is the stage in which virtualization gets woven into the operational process," he says.
When you get to this stage, you have to rethink what this does to your storage processes, Iams says. "For example, how does virtualization affect backup and recovery?"
Iams outlines the following steps for creating a private cloud:
* Virtualize your storage and try to achieve the same flexibility with storage that you already have with virtualized servers.
* Coordinate server virtualization and storage virtualization with management tools such as Windows Azure Storage Management and VMware vStorage.
* Virtualize your network infrastructure and, again, coordinate that with your management tools.
Your infrastructure has been fully virtualized when you have server virtualization, storage virtualization and network virtualization. The crossover point from a virtual infrastructure to private cloud comes when you have the management tools that treat all three types of resources -- servers, storage and networks -- as a single pool that can be allocated on demand.
Of course, all this is from a technology-centric point of view. Iams says that there is a parallel track that relates to the transition from an organizational perspective, including people, processes, governance, policy and funding. One key question: What does a private cloud structure do to budgets and financial flow within an organization?
Public clouds require users to pay only for what they use. Because a private cloud does not provide users with a fixed amount of capacity like they may have had with a traditional data center, chargeback is almost certain to be an integral part of private cloud environments.
Virtualization expert Bernard Golden views chargeback as very important because price is an important rationing mechanism -- and rationing computing resources will be more important in an environment where obtaining resources is as easy as filling out a Web form.
Few, if any, companies go through all of the above steps/stages in parallel. In fact, there is no single "correct" way to transition to a private cloud environment from a traditional data center. A private cloud is in part the logical conclusion of server virtualization where it is extended to storage and networks and then managed with tools that treat servers, storage and networks as a single pool of resources. Automation and orchestration tools are the key to moving from a virtualized infrastructure to a true private cloud.
But one thing is very clear: If your IT organization is not willing to make the full investment for whatever part of its data center is transitioned to a private cloud, it will not have a cloud that exhibits agile provisioning, elasticity and lower costs per application.
As part of the transition, you need to determine whether your staff has the experience and skills required for a private-cloud environment or whether you need to hire someone who has been involved in building private clouds.
How you get started depends on your existing infrastructure. If you already have server virtualization, you have a definite advantage over those who do not. Most important: Do not rush out and buy a ton of software from vendors, especially from a single vendor, without a plan in place.
Next time, in Part 2: Profiles of some private-cloud adopters and how they have approached the management issue.
Bill Claybrook is an analyst with more than 30 years of experience in the computer industry, specializing in Linux, open source, virtualization and cloud computing. He is president of New River Marketing Research in Concord, Mass., and holds a Ph.D. in computer science. He can be reached at firstname.lastname@example.org.
This story, "Building a private cloud: Get ready for a bumpy ride" was originally published by Computerworld.