Improving service delivery in cloud computing

Internet congestion

It’s obvious that one of the primary reasons enterprises are reluctant to move resources to the cloud is the inherent bottlenecks and unreliability of the Internet as the primary service delivery channel. The Internet has several critical problems that expose its weaknesses in providing adequate network performance and quality levels. These include:

  • Peering point problems. Peering points separate Internet networks for the purpose of exchanging traffic between customers of each network. Peering is normally a settlement-free “swapping” (exchange) of data from one network provider to the other, forming the backbone of the Internet. Unfortunately, perhaps largely due to the settlement-free nature, there has been a lack of economic incentives for network operators to sufficiently upgrade their peering routers to handle increasing network traffic. (Depeering is another process that I will not go into.) While the “first mile” (from data center to the Internet/WAN) and the “last mile” (from end-user to the Internet/WAN) have received significant investments, the “middle mile” (i.e. the Internet) has lagged behind.
  • Border Gateway Protocol (BGP). BGP, the Internet’s inter-network routing protocol, determines how data packets travel from one network to another in the cloud. The problem with BGP lies in its slow routing capabilities, especially when making fine distinctions between the traffic on multiple routes. This results in a lack of performance and reliability of service delivery in the cloud.
  • TCP bottlenecks. TCP is the Internet’s primary communication protocol, providing reliable, ordered delivery of a stream of bytes from a program on one computer to another program on another computer. However, TCP was designed for reliability rather than efficiency and often causes drag (delay) in packet delivery due to its multiple round-trips to set up and tear down connections. This is an overhead that can be especially detrimental to the performance of SaaS and PaaS-based enterprise applications.

So, if these are the main concerns for good network performance and reliable service delivery on the Internet, what can be done to mitigate them? There are probably several different measures that can be taken, depending on the cloud service provider, the network provider(s) and the enterprise using the cloud computing services. They include:

  • Use an overlay network, e.g. from CDN providers like Akamai or Limelight Networks. These providers use edge servers and multiple (proprietary) optimization schemes to improve network performance and quality levels of content delivery.
  • Use managed IP network services. Many network providers offer private IP connections, e.g. from a particular data center (cloud provider) to an enterprise, promising quality of service and much better performance than over the public Internet. Today, the MPLS (Multiprotocol Label Switching) data-carrying mechanism is becoming prevalent in modern networks for high-performance delivery.
  • Consider the new FASP (Fast and Secure Protocol), originally designed by Aspera, for improving efficiency and throughput. Amazon AWS plans to offer FASP in its services.

Having said this, it becomes obvious that companies do not have to rely completely on the Internet for service delivery if they aspire to use public cloud computing services. There are several ways to improve network performance and reliability, as I have pointed out, and there are probably even more ways available!

Cloud computing – barriers for faster adoption

Many analysts have maintained that the main barriers to faster public cloud adoption, by organizations in particular, are the lack of sufficient security, reliability and portability (data lock-in). CIOs and IT managers normally cite these as the primary reasons for their reluctance to trust a third-party cloud provider with storing or processing their sensitive, often personal data. These are, however, not new concerns born with the notion of cloud computing; they also exist in other forms of IT management structures, including hosting and outsourcing, which can be classified as close relatives of cloud computing. Still, and rightly so, concerns about security, reliability and vendor lock-in have been epitomized in cloud computing. So, in a few words, why and how are these the key concerns for organizations thinking about using public cloud services? Here are a few observations:

Security

Handing over your corporate data to a third party is indeed a very difficult decision for most CIOs and IT managers. A myriad of questions immediately arise: how can I be sure that my data is sufficiently protected? Is my data encrypted while stored, and what about when it is being transferred to and from the service provider? What about back-ups and access to data in case of data center failure? How about the restoration strategy? And the list goes on. Fortunately, many of the larger public cloud providers, like AWS, Google and many others, provide a lot of measures and even SLAs that guarantee a certain level of responsiveness and measures in the case of security breaches and hardware/software failure situations within their own domain. Currently, the problem is more related to smaller cloud providers that do not have the capacity, resources and sometimes knowledge to provide sufficient security measures that reassure the concerned CIO/IT manager.

Then there is the thorny and related issue of data privacy, especially of personally identifiable information (PII). If you are a CIO/IT manager, you already know your organization protects personal data and limits data exposure. Internally, organizations institute their own processes and policies for protecting the privacy of corporate and individual data and IDs. However, in the cloud, how can you be sure your data is protected by the provider in an equal, or better, way? Additional fears include different legislation and regulations, especially in the context of cross-border cloud services, potentially leading to seizure of your data or confiscation of network servers by authorities in the country where the cloud service provider resides. This is especially relevant where a buyer located in a particular jurisdiction, e.g. the EU, uses cloud computing services located in another jurisdiction, e.g. the USA. In fact, the EU, for example, prohibits the cross-border transfer of PII data originating in the EU, unless the host country complies with certain EU regulations. In the case of data transfer from the EU to the USA, the US service provider needs to comply with the so-called “Safe Harbor Principle”.

In general, the World Privacy Forum provides a helpful guide called Privacy in the Clouds detailing the risks and problems relating to privacy and cloud computing.

Reliability

Not far behind security is the issue of reliability. One of the key characteristics of cloud computing is the Internet as the main transport mechanism, with all its notorious bottlenecks (e.g. response time, latency and packet loss). How can an organization using cloud services be certain that it obtains and maintains acceptable service levels? Probably by securing access through managed networks, e.g. MPLS, and/or using an overlay network from network providers like Akamai. Within their own domain, cloud service providers usually comply with strict operational policies and measures to minimize failures or outages in their systems. Automatic fail-over and self-healing infrastructure of virtualized components help increase reliability and redundancy.

Lock-in

Finally, many CIOs/IT managers are afraid that by choosing a particular cloud service provider, they will enter a “lock-in” situation with that particular vendor. Due to the lack of standardization, most of the current cloud vendors have implemented and deployed proprietary solutions that lack interoperability with each other. This is a big problem, although some analysts, like David Linthicum at InfoWorld in a blog post “The data interoperability challenge for cloud computing”, are suggesting that in 2010 this issue will be addressed to drive cloud computing adoption. Some cloud-related standards organizations, like the Open Cloud Consortium, are working on interoperability standards for cloud computing and frameworks for interoperating between clouds. When this has been resolved, a lock-in situation is less likely to occur and the CIO/IT manager can evaluate vendors in terms of their interoperability levels.

Virtualization and cloud computing

One of the primary characteristics of cloud computing is the virtualization of IT resources, network servers in particular: running multiple virtual machines on a single physical machine. Delivering economical, virtualized, elastic and utility-based, or pay-as-you-go, services is in essence what cloud computing is. Many organizations are already using virtualization in their data centers to rationalize and support optimal utilization strategies. The dynamic and transparent allocation of IT resources through virtualization and monitoring using “hypervisors” are indeed fundamental, although not prerequisite, technologies of today’s data centers for many businesses. Some large public cloud providers, like AWS, are utilizing heavily customized versions of the Xen open source virtualization hypervisor while others, including regular businesses, use less customized or out-of-the-box solutions like VMware vSphere and Citrix XenServer.

Still, virtualization and cloud computing should not be used as synonyms, as seems quite common. On the contrary, there is a lot more to be added for a true cloud computing adoption, as pointed out in my previous post “Characteristics of cloud computing”. Other issues, such as automation of services (e.g. service provisioning and support/troubleshooting) and a utility-based, or pay-as-you-go, pricing mechanism are also key parts of cloud computing. Specific cloud computing software solutions, such as the open source Eucalyptus, can be built on top of virtualization to support this type of functionality, enabling organizations to create multiple clouds inside and outside of their data center environment and even supporting integration with third-party public cloud providers, e.g. AWS EC2, for a hybrid cloud layout. Another example is the VMware vCloud Express IaaS offering, which is in many ways similar to Eucalyptus, providing on-demand, pay-as-you-go infrastructure.

Finally, it should not be forgotten that adopting cloud computing is usually an evolutionary process rather than a revolutionary one. Businesses can start out taking small steps without unreasonably risking their sensitive data or systems.

The rise of hybrid clouds

It seems that many analysts, e.g. at the Cloud Computing Journal, are proclaiming that private and hybrid clouds will see a real proliferation in 2010. Security concerns about public clouds still prevail, and many IT professionals and managers are still very reluctant about the idea of migrating private enterprise data and operations to a public cloud provider. Deploying cloud computing on-premise, in a private cloud fashion, is seen as a way to exploit many of the benefits of cloud computing, i.e. automation, centralization and elasticity, without the security risks still lurking in public clouds. In private clouds, organizations maintain closer security and compliance controls over their applications and data. In the longer term though, together with increased cloud adoption, managers will probably weigh the costs and benefits of private versus public clouds more seriously.

Alternatively, hybrid clouds seem a sensible intermediate step between public and private clouds, enabling organizations to leverage both worlds by combining on-demand capacity with in-house compliance.

Implementing a hybrid cloud strategy is simply an attempt to augment a private cloud with the resources of a public cloud in order to maintain acceptable service levels despite spikes in demand, i.e. to address and prevent the so-called Cloudbursting (“the failure of a cloud computing environment due to the inability to handle spike in demand”).

Hybrid clouds seem a natural step for enterprises not interested in or willing to migrate resources to the public cloud due to security vulnerabilities or otherwise. As a way of getting their feet wet in the cloud without risking too much, hybrid clouds may offer a beneficial alternative for dealing with temporary spikes in demand, lowering capital costs and offering the elasticity desired.

2010 – the year of cloud computing catastrophes?

As more companies offer cloud computing services and the number of users increases, statistics tell us that the likelihood of a serious problem occurring, for example somewhere in the transfer network or in different security segments, increases. We have already seen some serious ‘outages’ in the past, such as at Magnolia, the social bookmarking site that crashed and lost all its data earlier this year. Will 2010 be the year of some disastrous encounters for cloud computing?

Some analysts are predicting 2010 to be the year of catastrophes for cloud computing, including the CEO of Strategic News Service, Mark Anderson, in an interview with BusinessWeek. He believes that the increasing reliance on cloud services could actually backfire in the form of a serious service outage or security-based catastrophe. And the disaster could be big enough to call into question the dependability of cloud services, for corporations in particular.

My belief is that although we might possibly see some serious outages or security breaches, the long-term benefit of network-delivered services will outweigh the risks as organisations continue to deploy and migrate to cloud-based services. Clearly, organisations and IT managers must carefully select the right type of resources or applications to transfer to the cloud with regard to their mission-critical nature and sensitivity. If using a public cloud provider seems too risky in terms of security or availability, another option would be to migrate to a private (or hybrid) cloud.

Cloud computing characteristics

There is a great deal of ambiguity around cloud computing and no agreed definition exists yet, although many have provided their own understanding of cloud-based services and technologies. A recent, and very readable, webtutorial report (Nov. 2009) called “A Guide For Understanding Cloud Computing” by Dr. Jim Metzler makes a clear attempt to define the characteristics of cloud computing and its boundaries. Firstly, it answers the question of cloud computing’s primary objective as “to make a dramatic improvement in the cost effective elastic provisioning of IT services”. Secondly, it identifies eleven (or twelve) primary characteristics of a cloud computing solution:

  • Centralization – applications, servers, storage
  • Virtualization – including servers, storage, networks, desktops, etc
  • Automation – provisioning, troubleshooting, configuration
  • Dynamic movement of resources – such as virtual machines and storage
  • Internet reliance – extensive use of the internet for deployment and service provisioning
  • Self-service – users can select, configure and modify resources and services themselves online
  • Pay-as-you-go – users pay for consuming the service, no or minimum up-front fees
  • Simplification – fewer versions running, less IT resource complexity for organizations
  • Standardization – users gain access to standardized applications and hardware resources, fewer vendors
  • Technology convergence – enabling convergence of multiple technologies such as servers, networks, storage, etc.
  • Federation through standardization – with standardization comes the federation of disparate cloud computing infrastructures

This is an interesting list that provides a comprehensive picture of what characterizes cloud computing. Some of the characteristics are obviously more developed than others. Centralization and virtualization, for example, are already becoming mature and established technologies for enabling economical cloud computing services, while standards are largely still missing and federation of cloud computing infrastructures is still somewhat further ahead and is, of course, strongly linked to and dependent upon available standards. Still, it’s a good idea to keep these in mind when you need to identify whether a service is cloud computing or not.

Status of the cloud computing hype!

It seems that cloud computing is nearing the top of the hype cycle according to “Gartner’s Hype Cycle Special Report for 2009”. Gartner claims that within the next 5 years, most enterprises will utilize cloud computing as a more economical alternative for running their IT resources, compared to on-premise resource management. This applies not only to migrating IT resources like network servers, databases and storage to the public cloud using “Infrastructure-as-a-Service” (IaaS) services, but also to private clouds and hybrid clouds. Equally, enterprises will increasingly adopt “Software-as-a-Service” (SaaS) services instead of running business applications locally. We’ve already seen successes in this direction, with Salesforce CRM of course being the foremost example.

Another report from The Economist, Let It Rise – A special report on corporate IT, points in a similar direction. Public cloud providers are improving their offerings. IaaS providers like Amazon AWS and GoGrid are continuously announcing new corporate-class services and addressing many of the security vulnerabilities associated with public cloud computing. Not only are public cloud providers improving their services, but they are also adding new services extending corporate networks into the cloud through Virtual Private Network (VPN) connections or even through MPLS. A good example of the former is the Amazon Virtual Private Cloud; as for the latter, Verizon has started offering cloud services, termed Verizon Computing-as-a-Service (CaaS), over their private IP network (MPLS network) in selected areas.