By Michael Salsburg, chief architect, Cloud Solutions, Unisys
Although we often talk about “the cloud” as if it were a homogenous entity, private cloud computing is very different from public cloud.
As such, an enterprise that has chosen to implement a private cloud has chosen that model because it has very specific service and compliance objectives that cannot be addressed by a public cloud.
Most private clouds are good at spinning up virtual machines in a “cup dispenser” style. You can get cups in various sizes and colors, but the focus is on standardization and automation of the basic infrastructure. However, a lot of organizations don’t realize that most private clouds aren’t necessarily architected to address key application requirements or manage critical governance, risk and compliance issues.
In most cases, many of the unique attributes needed to support an enterprise-class deployment are not available from the “standard” cloud management environment. This is due to the fact that cloud computing is still in a nascent state. For example, Amazon’s Elastic Compute Cloud (EC2) went into full production in October 2008. Back then, watching someone demo infrastructure-as-a-service was like watching a parlor trick:
Demonstrator: “Please tell the audience – have I ever met you before?”
Spectator: “No, you have not.”
Demonstrator: “OK – please select a service – any service – from the catalog and tell me what it is.”
Spectator: “It’s a Windows 2008 server.”
Demonstrator: “OK – now watch that my fingers do not leave my hand.”
<Relatively short pause>
Demonstrator: “… and here’s a lovely VM for the pretty lady.”
<Demonstrator exits stage left to thunderous applause>
A few years later, we moved past the initial awe of the cloud and recognized its game-changing implications within the enterprise. Although “Utility Computing” sounded like a good idea, it required a service-oriented approach as well as the proof point (provided by Amazon) to appeal to the stakeholders who, up until 2008, insisted they had to hug their servers for dear life. Around 2010, savvy CIOs were “kicking the tires” by using cloud computing to automate a particularly operational-intensive part of their workloads – test, development and demonstrations.
But now, the industry is moving beyond the “kicking the tires” stage and stepping up to critical enterprise applications. We have moved beyond merely supporting test, development and demonstration workloads and into supporting production and mission-critical workloads. Just as our effort to standardize and virtualize the previous workloads was non-trivial, neither is this next step.
Enterprise applications are, for the most part, sponsored by “Application Owners” within business units. In cloud terminology, we define a “tenant” in a cloud as the owner of a specific partition of the cloud that is dedicated to that owner. Each of these tenants has very specific governance, risk and compliance objectives. For example, compliance with minimal response times may be a requirement to reduce the risk of impacting the corporate image. High availability may be required to avoid the risk of non-compliance regarding the delivery of services to customers. Security compliance may be an issue for an application owner who is required to protect sensitive, regulated information.
Certainly, a separate cloud could be created for each application owner, but then we would be right back where we started, with dedicated, underutilized resources, a lack of standardization, and escalating administrative expenses. Instead, a robust private cloud solution is capable of providing disparate service and compliance objectives for the various applications within a single, automated environment.