Cloud vs. in-house: Where to run that data center app?
One of the biggest decisions IT managers have to make is how and where to run data center applications. Fortunately, there are multiple choices that lower costs and increase business agility, including server virtualization, internal clouds, public clouds and external private clouds.
Many IT organizations are taking advantage of these options. Server virtualization is currently being used by more than 70% of enterprises to reduce costs, and cloud computing is being used or planned for use by more than 10% of corporations, according to Antonio Piraino, research director at Tier1 Research.
It can be confusing and difficult to determine which cloud environment to use (see sidebar below for descriptions of the most popular types of clouds). There are few, if any, guidelines, and each company will almost certainly have a unique discussion about its choices because each will have varying requirements and different views of what cloud computing means.
To take advantage of the new opportunities afforded by cloud computing, IT organizations have to learn the differences between server virtualization and various types of clouds, and understand the risks associated with using each execution environment in terms of the characteristics of various applications.
What is a cloud?
One may wonder why there's an interest in cloud computing when server virtualization is already providing significant cost savings by reducing the number of physical servers that enterprises buy. But it's not the same thing at all.
Different clouds to choose from
There are basically two types of clouds: public clouds and private clouds. Cloud types can generally be characterized by their location (on-premises or off-premises) and the perceived degree of security that they provide.
A public cloud is one in which a cloud service provider makes resources such as servers, storage, networking and, possibly, applications available to users over the Internet. Public clouds are off-premises by definition. A customer's applications may be running in an intermingled style on the same physical server as another customer's applications, meaning public clouds are multitenant. Public cloud services, such as Amazon's EC2, are usually offered on a pay-per-usage model -- you pay for what you use.
Private clouds take two forms: internal clouds and external private clouds. An internal cloud is inside your data center (on-premises), giving IT managers complete control over the available resources. A typical internal cloud relies on the security measures available within the cloud and within your data center. Ubuntu Enterprise Cloud and Microsoft Azure are examples of packaged software for creating internal clouds.
External private clouds combine characteristics of internal clouds and public clouds. They are like public clouds because they are off-premises. But unlike public clouds, applications run on dedicated servers, and the cloud provider has built container walls around the external private cloud to make it more secure than public clouds. IT managers have more control over the resources in a private cloud than over resources in a public cloud. Amazon's Virtual Private Cloud is an example of an external private cloud.
"Clouds provide automation and orchestration not found with server virtualization," says Jeff Deacon, cloud computing principal for Verizon Business. (Although Deacon's day job is helping figure out which of Verizon's internal applications should go on the cloud, his company also sells a public-cloud offering called Computing as a Service.)
In other words, Deacon says, cloud computing involves imposing a layer of abstraction between the applications and servers -- physical or virtual -- that automates many tasks typically done manually.
"Clouds can be viewed differently, depending on what you want from a cloud," adds David Escalante, director of IT security at Boston College. "We view cloud computing as running software applications that you would normally run in your own data center in someone else's data center. It is very important to create a definition of cloud computing for your organization." Armed with that definition, Boston College can focus on determining whether cloud computing is right for its data center needs, and which applications can be run on clouds.
Because clouds are based on virtualization, applications have to be virtualized before being moved to any of the cloud environments. But some cloud vendors can help with this, especially if the vendor supports a specific hypervisor.
On the other hand, organizations that already have their applications virtualized in a server virtualization environment may be able to move them to a public cloud without any extra work. Also, the operating systems supported by server virtualization and clouds play a role in where applications can be run. For example, clouds based on Microsoft's Azure support only Windows applications.
How to decide
Choosing where to run applications depends on a number of factors:
- Characteristics and processing requirements of the applications, including performance requirements, storage requirements, security requirements, availability requirements, amount of data to transfer and service-level agreements.
- The mission-critical nature of the applications.
- The resource capacity available in the data center.
- Desired cost savings.
"You need to create a process for determining where applications should be run," says Chris Swan, chief technology officer at Capital SCF, a London-based consultancy for technology firms. This process begins with application assessment and packages such as Novell's PlateSpin Recon and VMware's Capacity Planner, which can be used to profile physical IT environments and determine which applications to virtualize for optimal performance.
Next, the processing requirements of each application (or application class) should be compared with the security concerns of running that application in each execution environment.
Once you're sure of which applications you want to move where, P2V (physical-to-virtual), V2V (virtual-to-virtual) and Z2V (zero-to-virtual) tools can help physically migrate applications among stand-alone servers, virtualized servers and clouds.
Security plays a huge role
Mission-critical applications with high-availability and compliance or regulatory requirements are not good candidates for running on public clouds or external private clouds because there are issues around resource control and geographic location of data. Applications that require high levels of security should be run in on-premises environments -- server virtualization or internal clouds -- or in external private clouds only if the cloud provider demonstrates the degree of security required.
"It is very important to create a definition of cloud computing for your organization," says David Escalante, director of IT security at Boston College.
Unlikely applications for external clouds include those with proprietary algorithms that run on specialized hardware and high-transaction production applications that are core to the business.
Today, the most frequent use of clouds includes the development and testing of new applications, disaster recovery and running Web applications that have surges or spikes. Other uses include collecting data from Web surveys and storing and processing it on clouds.
Boston College's Escalante explains that academic departments at Boston College conduct various types of surveys in connection with research projects that periodically collect lots of data. They range from polling on a variety of topics to surveys as part of grant-based projects. Boston College outsources some of these surveys to external providers with survey expertise. Escalante includes this type of outsourcing in his definition of cloud computing.
Peter Beardmore, senior product marketing manager at Kaspersky Lab, is using clouds to analyze large amounts of data collected from his company's customers to gather the latest intelligence about threats and malware trends. For competitive reasons, Beardmore declined to provide more details about the specific cloud providers that Kaspersky Lab is using. The company will make an announcement about it "later this year," he says.
Some choose 'all of the above'
Sebastian Piotrowski, high-performance computing lead for the R&D group at Johnson & Johnson Pharmaceuticals, says that where his group chooses to run workloads depends on the use cases -- or descriptions of how end users will use a given application -- and how often big demands occur on compute and storage resources.
"Applications that reach peak loads periodically and then retract are good candidates for clouds since clouds offer a good choice at a lower cost than having to buy more hardware that sits idle until one of these bursty periods comes along," he explains. "If you already have a good percentage of your workloads virtualized, then they are good candidates for clouds."
Some users begin by running a few non-mission-critical applications on public clouds to assess cost savings, benefits and risks associated with clouds. If they are satisfied, then they may move more applications to clouds.
"Our group is using the Amazon public cloud for testing and development, and then we will go into the Amazon private cloud for production," says Piotrowski.
"From a computing perspective, the choice of clouds depends on a number of factors, most of which are associated with the assumed risks of using clouds, such as transfer speed over the Internet, network latency and security," he adds.
Public clouds might make sense if, for example, the company is looking for the cheapest place to do simulations on new pharmaceuticals. This is a situation where heavy number-crunching is involved only sporadically and you may not need to worry about the security of data very much. But if you have production data such as back-office ERP, then you would not want to use the same cloud that you chose for pharmaceutical testing -- for security reasons -- and instead may want to use a private cloud in your own data center.
"You need to create a process for determining where applications should be run," says Chris Swan, chief technology officer of consultancy Capital SCF.
Politics enter the fray
Infrastructure groups and application developer groups can sometimes be at odds over where to run an application, and for good reason, says Capital SCF's Swan. An infrastructure group is trying to reduce the cost of running applications by using the least expensive venue, usually via new technology such as server virtualization or clouds. This group also considers which applications are the easiest to migrate to lower-cost platforms.
On the other hand, application developers are trying to decide how to package applications so that they are optimal for the environment in which they will run. Options here include creating software appliances and/or Web-based applications for cloud environments that can be accessed with netbooks.
This push-and-pull is evident at Cambridge Health Alliance (CHA), a network of health care providers in and around in Cambridge, Mass. Dan Cameron, a CHA senior IT staff member with an emphasis on security, says that he favors running a lot of applications on clouds, including public clouds, because he believes that this is more cost-effective than buying more systems and that cloud security will improve. He also expects to use various niche cloud providers, depending on the nature of the applications.
But Joe Velletri, an Internet Web developer at CHA, says that he has serious reservations about running his applications in insecure environments such as public clouds.
Rolling your own cloud
Today, customers are leaning toward the use of internal cloudsover external clouds because of the various risks associated with external clouds, including security, data privacy and SLAs. The significant downside, though, is that IT has to build this environment and no single vendor provides all the pieces.
"The data center staff will have to create the automation layer for their internal cloud because today no vendor provides a complete software layer," Swan says. "The staff will essentially have to buy the pieces and put them together." A large enterprise could spend millions of dollars over several years creating a full-blown internal cloud that produces the cost savings and exhibits the automation desired.
All in all, "decisions about the use of clouds versus server virtualization depends a lot on how heavily you have invested in your data center and whether you have sufficient capacity in your data center," says Verizon Business's Deacon. Most companies do not rip and replace; that is, they do not shut down their data centers and move everything to clouds, he says. Likewise, companies that have been outsourcing are not going to immediately start creating an internal cloud in their data centers.
"Clouds provide automation and orchestration not found with server virtualization," says Jeff Deacon, cloud computing principal for Verizon Business's internal applications.
What they do depends on what they have been doing and what they are most comfortable with, Deacon says. "Over time, enterprises that have traditional outsourcing contracts and managed hosting will convert to clouds, because it makes sense, is cost-effective and offers more flexibility."
Bill Claybrook is an analyst with over 30 years of experience in the computer industry, and has specialties in Linux, open source, virtualization and cloud computing. He is president of New River Marketing Research in Concord, Mass., and holds a PhD in computer science. He can be reached at firstname.lastname@example.org.