SPECIAL REPORT

FEBRUARY 2012

Cloud Computing
Deep Dive
i Deep Dive Articles
STATE OF THE CLOUD Shaking up the data center . . . . . . . . . . . . . . . .2 n Sidebar: 5 key trends in cloud computings future . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 n Sidebar: The case for public-first cloud computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 IT jobs: Winners and losers . . . . . . . . . . . . . . . .5 CLOUD DEVELOPMENT How the cloud influences app dev . . . . . . . . . . .9 9 must-knows before developing . . . . . . . . . . 10 n Sidebar: What cloud providers should learn from Amazon Web Services . . . . . . . . . . . . 13 CLOUD STANDARDS No . 2 Rackspace tries harder . . . . . . . . . . . . . . 14 LAST WORD THE The cloud makes users of us all . . . . . . . . . . . . 19

Copyright 2011 InfoWorld Media Group. All rights reserved.

Copyright 2011 InfoWorld Media Group. All rights reserved.

i Cloud Computing
i N T RO D U C T i O N

Special Report 2

Shaking up the data center

2011: A year of surging private clouds and public cloud build-outs
i By Eric Knorr If I had to sum up In one word the most excItIng thIng that happened to cloud computing in 2011, Id have to say its OpenStack. This open source project, launched by Rackspace and NASA in late 2010, is assembling a private cloud operating system for the data center that promises vast increases in operational efficiency. The momentum behind it is phenomenal; at last count, 144 companies back the project, including Cisco, Citrix, Dell, HP, and Intel. But at the same time, the public cloud is surging and not just Amazon and Salesforce, though those two remain the largest public cloud service providers. The telcos (notably Verizon) are gearing up to deliver IaaS (infrastructure as a service) at a larger scale than ever before. Microsoft, HP, and others are also building out huge public cloud capacities. On the one hand, with OpenStack, we have a vibrant, fast-growing open source project for creating private clouds, flanked by VMware, which offers a proprietary portfolio of private cloud software. On the other hand, we have an increasing number of businesses seriously asking, Do I really want to run my own data center? For those that dont, the public cloud is getting more attractive all the time. thanks to Verizon, managed routing services enable direct access to the backbones of the worlds leading carriers to ensure high quality of service. Recent high levels of customer demand led Bailey to predict that IDCs estimate of cloud growth to $148 billion worldwide by 2014 may be missing the mark by several multiples. Try $600 billion or even $750 billion, says Bailey. Such aggressive numbers may be self-serving, but the ranks of public cloud boosters are growing. I recently spoke to Joe Coyle, CTO of Capgemini, who believes the telcos are going to be huge players in public cloud services. Moreover, he says, in some engagements he is hard-pressed to come up with a reason to be in your own data center anymore. In economic times like these, up-front cost is clearly a factor. Conventional wisdom says that sunk cost in infrastructure will prevent enterprises from migrating to the cloud. Who would simply abandon all that stuff? But that formulation changes when rack upon rack of servers reach the end of their useful lives. You can gear up for another major capital investment in hardware or turn to a public cloud service provider instead. The same dynamic applies to SaaS vs. conventional onpremise software paying as you go can be a lot more palatable than paying for servers and licensing fees up front, especially when its dirt cheap. To take one example, Google Enterprise vice president Amit Singh recently told me that 5,000 businesses per day are signing up for Google apps, as opposed to 3,000 per day one year ago.

GOiNG PUbLiC
During a recent visit to InfoWorld, Kerry Bailey, president of Terremark (now chief marketing officer for Verizon Enterprise Solutions), was exceptionally bullish in his predictions for public cloud growth. Acquired earlier this year by Verizon, Terremark operates a public cloud IaaS play thats 100-percent VMware the enterprise virtualization vendor of choice. Bailey says Terremark has seen 178 percent growth in its cloud business from 2010 to 2011, with current revenues in the hundreds of millions. He also says that the No. 1 objection to the public cloud, security, has been replaced by performance which Terremark has addressed with proximity. According to Bailey, Terremark now has a physical presence in all the NFL cities in the United States. And
INFOWORLD.COM DEEP DIVE SERIES

MARSHALiNG THE PRiVATE CLOUD

Its worth noting that even if Baileys wildest predictions turn out to be correct, spending on the public cloud would still amount to little more than 20 percent of global IT spending by 2014. The rest will be spent on customers own IT infrastructure and personnel. In large IT operations, the private cloud born of technologies and techniques pioneered by public cloud providers will provide the path
J A N U A R Y 2 012

i Cloud Computing
to new levels of efficiency and agility. So-called private cloud software addresses that need with many moving parts, including virtualization management, metering and chargeback systems, automated configuration, identity management, self-service provisioning, application management, and more. Though far from complete, the OpenStack private cloud solution is compelling in part because it follows a Linuxlike open source model. Today, under an Apache license, the OpenStack kernel has three components: Compute (for managing large networks of virtual machines), Object Storage (for massive storage clusters), and Image Service (for managing virtual disk images). Around that kernel as with Linux distros vendors add value. Between its debut in October 2010 and today, OpenStack has already undergone four revisions. The fifth, codenamed Essex and scheduled for release in spring 2012, will include two new components: Identity, for authentication and authorization, and Dashboard, a UI for managing OpenStack services. But OpenStack is hardly the only game in town. Its bestknown competitor is Eucalyptus, a private cloud implementation of Amazon Web Services that enables you to move workloads back and forth between Amazon EC2 and Eucalyptus (which also comes in an open source version). Then theres Puppet, a wildly popular configuration

Special Report 3

management framework designed to automate almost any repeatable task in the data center. Puppet can create fresh installs and monitor existing nodes; push out system images, as well as update and reconfigure them; and restart your services all unattended. If youre willing to pay the licensing fees, you can even build an all-VMware private cloud. Virtualization is the underpinning of the private cloud and VMware still offers the most advanced virtualization management tools. In October 2011, VMware announced three new suites to simplify and automate IT management, including vCenter Operations Management Suite (an update of vCenter Operations for monitoring infrastructure and managing configuration), vFabric Application Management Suite (mainly devops tools), and IT Business Management Suite (to report on operating expenses, services levels, and so on).

THE CLOUD PANACEA

Yet for some reason, all these efforts to automate everything simply remind me how complex the data center really is. In a recent presentation by VMware vice president of products Ramin Sayar, I was struck by how ambitious VMwares plans seemed how many different types of managers and administrators all that software needed to serve and how much cost and effort might be incurred in wrapping it all the way around the data center. The road to

5 kEy TRENDS iN CLOUD COMPUTiNGS FUTURE

First, the buzzwords cloud computing are enmeshed in computing . Im not sure I ever liked the term, though Ive built my career around it for the last 10 years . The concept predated the rise of the phrase, and the concept will outlive the buzzwords . Cloud computing will become just computing at some point, but it will still be around as an approach to computing . Second, were beginning to focus on fit and function, and not the hype . However, I still see many square cloud pegs going into round enterprise holes . Why? The hype drives the movement to cloud computing, but there is little thought as to the actual fit of the technology . Thus, there is diminished business value and even a failed project or two . Well find the right fit for this stuff in a few years . We just need to learn from our failures and become better at using clouds . Third, security will move to centralized trust . This means well learn to manage identities within enterprises and within clouds . From there well create places on the Internet where well be able to validate identities, like the DMV validates your license . There will be so many clouds that well have to deal with the need for a single sign-on, and identity-based security will become a requirement . Fourth, centralized data will become a key strategic advantage . Well get good at creating huge databases in the sky that aggregate valuable information that anybody can use through a publicly accessible API, such as stock market behavior over decades or clinical outcome data to provide better patient care . These databases will use big data technology such as Hadoop, and they will reach sizes once unheard of . Fifth, mobile devices will become more powerful and thinner . Thats a no-brainer . With the continued rise of mobile computing and the reliance on clouds to support mobile applications, mobile devices will have more capabilities, but the data will live in the cloud . Apples iCloud is just one example . Thats the top five . Give them at least three years to play out . David Linthicum

INFOWORLD.COM DEEP DIVE SERIES

J A N U A R Y 2 012

i Cloud Computing
simplicity seems paved with even more complexity. The irony is if you choose to relocate your data center to the public cloud, that complexity will not magically disappear. IaaS is still infrastructure. You wont need to pay for hardware up front, and you wont need to employ people to stand up boxes or reroute cables, but your own IT people will still need to watch the meters and turn the dials remotely. Very likely, theyll need cloud-specific skills on top of the usual skills required to run a data center. Ultimately, ITs mission is to deliver applications either bought or built for the business. In the long run, the cloud that really simplifies IT will largely be composed of SaaS and PaaS (platform as a service). Slowly, haltingly, Microsoft is moving in that direction with Office 365 and Azure. Salesforce lives there and its newly acquired PaaS play Heroku now goes beyond Ruby to support Node.js, Java, and Python. And of course, theres Google Apps and Google App Engine. Those are just a few big names amid hundreds of SaaS and PaaS players. But its still too early for any but the smallest startup to consider going without local infrastructure at all. Instead, were entering a long hybrid cloud period, with a chunk of public cloud infrastructure over here, some SaaS

Special Report 4

apps over there, and a local data center that through Herculean efforts to overcome complexity will be somewhat easier to manage thanks to private cloud software. All that will need to be integrated together. Gaurav Dhillon, CEO of cloud integration startup SnapLogic, wants to supply that connective tissue between cloud services and on-premise applications as do several other public cloud integration services, including Boomi, acquired by Dell a little over a year ago. Dhillon recently told me 2012 is the year the enterprise cloud ... the first time enterprises use the public cloud in a big way. Maybe so, although it will still be a small slice of the enterprise IT spend. I have little doubt the cloud will triumph in the end the economies of scale are just too compelling. But were at the beginning of a very long ascent skyward, with many convoluted twists and turns along the way.
Eric Knorr is the editor in chief of InfoWorld

THE CASE FOR PUbLiC-FiRST CLOUD COMPUTiNG

Private clouds are very much like traditional computing: You have to purchase your own hardware and software, configure all elements, and pay employees to watch over it as they would a data center or any other IT infrastructure . Thus, the core benefit of cloud computing shared resources can be lost when creating and maintaining a private cloud . Considering the relative costs and benefits of a private cloud, many enterprises start with public clouds instead . The reasons are obvious: You can be up and running in a short amount of time, you pay for only the resources you consume, and you dont have to push yet another server into the data center . Good initial uses of the public cloud include prototyping noncritical applications on a PaaS cloud or providing simple storage via IaaS . A significant benefit is that you get real cloud computing experience, not more data center exercises under a new name . From there, you can take the lessons learned to get better usage of more public clouds, to deploy a private cloud that leverages cloud principles, and/or to take strong advantage of a mix of public and private clouds (a hybrid cloud) . Ironically, starting with the public cloud removes much of the risk of moving to the cloud; youre not making the large capital and labor investments and nervously awaiting the expected benefit . The costs of using the public cloud are low, and the payoff (especially the learning aspect) is high . Of course, many Global 2000 enterprises are still wary about using public clouds . Negative perceptions regarding cloud security, performance, and reliability can be daunting obstacles, but those fears are quickly overcome when you take into account the real costs and the real value private clouds versus public clouds . The latter wins every time as long as youre willing to share . David Linthicum

INFOWORLD.COM DEEP DIVE SERIES

J A N U A R Y 2 012

i Cloud Computing
S TAT E O F T H E C LO U D

Special Report 5

IT jobs: Winners & losers

The clouds effects on nine classes of IT jobs vary from positive to negative
i By Kevin Fogarty theres a sImple reason so many people say cloud computing will change everything about the IT universe: The cloud democratizes technology to a degree even more profound than when the PC first gave nontechnical people the ability to create unmanageably large spreadsheets they could play with instead of work. Its probably not as profound as the Internet revolution, which allowed ordinary people to rely on Google rather than an eidetic memory and rich classical education, but its not far off, says Dan Olds, founder of consultancy Gabriel Consulting Group. Cloud computing gives nontechnical people quick, affordable access to the most sophisticated software, storage, and data access theyre using to try to do their jobs better, with or without the involvement of IT, he says. CIOs used to have to deal with the occasional rogue IT project; now they have to deal with business managers who hire the equivalent of several IT departments using a credit card and their normal operational budgets, says Susan Cramm, founder of executive career-development and strategy consultancy Valudance, as well as former CIO of Taco Bell and CFO of a smaller PepsiCo restaurant chain. In fact, 65 percent maintain an IT budget of their own carved from their normal operational budget for SaaS or cloud services they can buy directly, rather than going through IT. What does this mean to IT jobs? Some IDC stats give an indication: * By 2014, one-third of all IT organizations will be providing cloud services to business partners rather than providing IT internally, says a poll of attendees at IDCs Cloud Leadership Forum in June. * By 2015, spending on public cloud services (including SaaS) will make up 46 percent of all new IT spending, says IDCs June 20 forecast of Worldwide IT Cloud Services. SaaS will make up three-quarters of that spending, giving SaaS and cloud providers the leading role in vendor relations with your company. Its not a matter of throwing out all the job descriptions and organization and starting something new, says Sean Hackett, an analyst at the research firm 451 Group. There are a lot of commonalities, but the experience will change. Ultimately the bulk of IT could look more like a projects office than the way it looks now, when most of the hands-on work is done inside. It probably wont be a total transformation, but moving into cloud, there will be more of that and less DIY. Where are the changes actually going to happen? Heres a breakdown by role of who wins, who loses, and who must change in the cloud era.

biGGEST WiNNERS: ENTERPRiSE ARCHiTECTS

The biggest change, analysts and IT vendors agree, will be the rise to prominence of a job often considered too abstruse for many companies and too narrowly focused to be practical for others, says consultant Cramm. That job: enterprise architect. Enterprise architects have often been their own worst enemies, says Mark Egan, CIO of EMC VMware, the company most responsible for the spread of virtualization in IT environments. It takes really top technical skills to be able to master the technical aspects, but you find a lot of people with that level of technical understanding dont want to talk to anyone, Egan says. They might just want to sit and draw out systems on paper and not know how to get anyone to want to work with them. But in an organization whose IT infrastructure is heavily virtualized, abstracted, and split among internal and externally housed cloud platforms, the most important IT staff job hands down is the enterprise architect, Egan says. Architects system, database, network, or otherwise are typically systems designers whose jobs are highly conceptual, but also very concrete, says Chris Wolf, a virtualization and cloud analyst at Gartner. Underneath all the

INFOWORLD.COM DEEP DIVE SERIES

J A N U A R Y 2 012

i Cloud Computing

Special Report 6

abstraction there is just as much of a need to manage the WiNNERS: SySTEM ADMiNiSTRATORS details of resource management and performance as with Other than architects, the jobs undergoing the greatest physical servers, he says. Instead of only having to deal change as cloud encompasses the data center are those with the number of variables you might involving hands-on system adminisSUBSCRIBE TODAY have within one server farm or data centration. ter or smaller set of servers, in a cloud- Keep up to date on the Architects may design and tune based infrastructure you can allocate latest mobile news with cloud infrastructures, but system resources like memory or CPU cycles or administrators do the detailed work the InfoWorld Cloud bandwidth or I/O across the whole orgaof spreading workloads across servnization. Thats a far more complicated Computing newsletter. ers, virtual servers, and data centers, picture. assigning CPU cycles, memory, storDelivered straight to Within a cloud infrastructure, the relaage, and other resources as needed your inbox each week. tionships among applications, networks, to keep performance high. and servers are far more complex than If you dont change job descripDont miss a beat, traditional infrastructures because there tions so sys admins arent restricted are so many additional connections, says wherever you happen to one silo because the applicato be. Sign up now! Rachel Dines, an infrastructure and operations and VMs in an internal cloud tions analyst at Forrester Research. That arent restricted, either youre letmeans architects are essential. ting the potential gain in efficiency Despite the abstract notions that people typically associfor IT people go to waste, says Forrester analyst Dines. ate to architects, the reality is that much of the job focuses You cant get the most out of a cloud infrastructure if your on the critical details than enable everything to work well. admins are still suck in older ways of doing things. For example, people tend not to think of performance At VMware, for example, Egan thought it made more tuning in cloud or virtualized systems, says Patrick Kuo, an sense to distribute IT staffers to individual business units independent consultant who has helped build Web and viraccording to the amount of IT resources used by that unit. tual-server infrastructures at Dow Jones, the U.S. Supreme Rather than working in the data center and being responCourt, and the Defense Information Services Agency. sible for supporting a business unit, theyre located in and He advises that you start with the right servers and proresponsible to IT managers within that business unit feelcessors make sure each has enough power, memory, and ing and being treated as a part of the business-unit team cache, and that network connections are reliable and fast rather than as support from outside the department, Egan then split major functions and distribute each across the says. infrastructure to help avoid bottlenecks from weak links in But cutting the absolute connection between system the computing chain, or concentrations of too many workadministration and physical hardware doesnt eliminate loads in one place, Kuo says. the need to maintain the hardware, consultant Olds notes. Weve been able to get better performance in many case You have to have people handling the hardware itself or with a four-tier architecture instead of your typical threethe networks, but a lot of the things we used to do have tier, putting a layer of caching in the front, then the apps gone away, Olds says. You dont usually have someone servers holding most of the logic, then the Web servers and sitting and rebuilding a server for hours or days. If a server a replicated database backing them up. Its all n-tier applicagoes bad, you pull the card out of the chassis, throw it away tion design, but it has to be done differently in virtualized and slot in another. Or you close out the VM and provision environments like cloud services or you get bottlenecks in another. Then you go on to the next thing. Its a far higher places you wouldnt think would cause problems, Kuo level of efficiency. says.

WiNNERS: FRONT-LiNE iT MANAGERS

Lower-level IT supervisors and managers will also have

INFOWORLD.COM DEEP DIVE SERIES J A N U A R Y 2 012

i Cloud Computing
to make major changes to their responsibilities and daily routines under cloud infrastructures and for the same reasons that apply to sys admins, consultant Cramm says: If all the system administrators are responsible for processes running in portions of the cloud distributed throughout the company, it makes no sense to have their direct supervisors locked in the old silos. IT gains from loosening organizational structures so that people are assigned to support specific business functions or business units, rather than to a specific server, says James Staten, a cloud computing and infrastructure analyst at Forrester Research. Most companies moving into cloud or virtual computing for the first time dont appreciate how restrictive organizational silos can be in slowing or stopping a migration, even if the only problem is the need to continually make ad hoc decisions about who is responsible for which workloads or Web services, he adds. The result of the cloud for IT supervisors is a role similar to the one they have today but in a far larger environment one that could encompass the whole enterprise rather than just one facility.

Special Report 7

CHANGED ROLES: CONTRACT AND SERViCE MANAGERS

Dealing with service-level guarantees, searching for and choosing the best provider for a particular IT service whether that be a SaaS company, external cloud provider, or internal IT is too much for many IT people to handle given their hands-on workloads, says consultant Cramm. Typically youre talking about a couple of dozen SaaS providers and platform providers you have to be able to talk to and integrate technology with, Egan says, and managing those contracts becomes a skill set in itself. Cramm warns, There are a lot of technical issues to integrate with an outside provider, because cloud sounds so fantastic, but as we found out with Amazon, if you dont do your due diligence and dont have the contracts laid out right, youre not going to get what you need and youll spend the whole [term of the contract] wishing you did it differently. Managing external vendors and contracts is second nature to large populations of specialists within IT, mostly those at companies that have outsourced most or all of their IT, Olds says. People in such organizations will more easily adapt to the external management challenges that come with the cloud.

CHANGED ROLES: CiO AND SENiOR iT MANAGERS

Like lower-level IT supervisors, senior-level IT managers are having their responsibilities expanded and barriers among them broken down or should be to accommodate more flexible infrastructures that include applications or islands of computing power housed with external service providers. A significant amount of the computing power and applications the typical enterprise uses is coming from Salesforce. com or Amazon.com or Google or other service providers, Staten says. If youre going to rely on that connection and integrate it with the rest of your infrastructure, you need someone who can identify standard interfaces, enforce service levels, make informed decisions about which service providers to choose. In the past, the CIO or IT executive responsible for outsourcing deals was the only one involved with those kinds of extracurricular connections, Forresters Dines says. With cloud and SaaS, many of the senior IT managers will find themselves doing it.

CHANGED ROLES: ENTERPRiSE DEVELOPERS

Its not that large companies will be using less software than they used to, its just that they wont be writing or customizing nearly as much of it themselves, says Forresters Staten. Companies can get either the bulk or a large chunk of the software they use from Salesforce.com or other SaaS providers, which means they dont have to build the core functions of those applications themselves. They do need to maintain the data and databases, as well as implement a certain amount of customization to make generic SaaS apps fit their workflow and data but much less so than in the past, he says. Youre not really customizing Salesforce to meet your needs, Staten says. Youre making some adjustments, using APIs and documentation and simple tools they supply. Mainly youre adjusting your internal workflow to match what the SaaS providers

INFOWORLD.COM DEEP DIVE SERIES

J A N U A R Y 2 012

i Cloud Computing
you choose can supply. In some ways thats actually better because you learn more about standardizing on efficient processes rather than customizing everything. Consultant Cramm expects the demand for developers to remain strong in a cloud-oriented enterprise its just that less of the development will be done internally and more by outsiders. If you can get what you need externally, in terms of enterprise applications, why build it yourself? she asks. Someone still has to do that programming; its just not you.

Special Report 8

seeing is that companies are willing to hire those [specialized] skills from outside on a temporary basis. So you end up with IT being populated much more by IT generalists, but theyre generalists with a lot higher level of skills than before. Thats good internally because youre hiring experienced people, but it makes getting that first job or two harder for people right out of school or who are very early in their careers. Theres a higher barrier of skills to climb.

LOSERS: iT MiDDLE MANAGERS

If there is one class within IT that will suffer from wider adoption of cloud and virtualized systems, it is those between the hands-on supervisors and the managers who work directly with the CIO. Think about it, says Gartners Wolf. If you have sys admins doing networking and applications and storage and theres a lot of reaching across among silos, why do you need a separate manager for each silo? He adds, Theres an overall flattening of management within IT as a lot of those silos become obsolete, and so it becomes more important to be a generalist who can do a lot of things than to remain a specialist at any one thing.

UNCERTAiN iMPLiCATiONS: iT SUPPORT AND HELP DESk

Predicting the demise of the help desk and direct IT support role is risky because users always need more help than IT can afford to give, analysts agree. As enterprise applications become more intuitive and Web-oriented, and as corporate applications become available in an app store that users can browse to find the applications or resources they need, the need for hordes of support people living on the phone or walking into business units to repair someones laptop decreases. If you can put all your apps in a Web interface, so they live in the cloud, and the desktops are either remote-managed or provisioned via VDI [virtual desktop infrastructure], its more possible to fix a problem by closing out the VM and relaunching a virtual desktop for that user, or to log in remotely, fix things, and log out, Olds says. The key to being able to scale to support very large cloud infrastructures is automation the ability to automate solutions to common end-user problems, password reassignments, reconfigurations, provisioning new resources, and so on, Olds says. Of course, such automation can reduce the need for support staff, Olds notes. But usually you find the company has taken those people and moved them to different responsibilities, or given them time to do the things they were supposed to do the things they couldnt do because they were always running around putting out fires.
Kevin Fogarty is a freelance writer covering virtualization, cloud computing, security, and IT innovation. He blogs daily at ITWorld.com. Reach him at kfogarty@technologyreporting.com or on Twitter at @kevinfogarty.

LOSERS: TECHNiCAL SPECiALiSTS

Specialized skills in networking, security, storage, or any other IT discipline has been the best guarantor of a job or chance for advancement in many IT organizations, says 451 Groups Hackett. Not any more. IT people working with applications based in the cloud need to know about networking, storage, security, user interfaces, and all the other parts of the infrastructure that application touches. IT doesnt require skilled resources at the lower levels to maintain a data center. It requires a guy who can go over to a rack, pull out a bad board, put another one in, and slap it back in the rack, Hackett says. That means IT needs more people able to do a lot of things and not as many who can do a very few things very, very well, consultant Olds says. Increasingly what were

INFOWORLD.COM DEEP DIVE SERIES

J A N U A R Y 2 012

i Cloud Computing
C LO U D D E V E LO PM E N T

Special Report 9

How the cloud influences dev

Some technologies are on the rise in small business, enterprise development
i By Paul Krill mobIle and cloud computIng are begInnIng to change the way that developers work at enterprise-level and smaller businesses, according to a report released this week by Forrester Research. The report, entitled The State of Application Development in Enterprises and SMBs, also found that the use of development technologies such as HTML5 is becoming more prominent, although Java and .Net still dominate. Mobile development exploded in 2010 and will continue to expand in importance in 2011, said the report, which was authored by analyst Jeffrey Hammond with assistance from analysts Mike Gilpin and Adam Knoll. But the types of mobile applications that developers are building are evolving. According to the report, customer-facing applications constitute the most frequently developed mobile applications, with 51 percent of decision makers building or planning these. Thirty-nine percent of development shops are mobilizing employee intranets, and 29 percent are readying mobile collaboration software. Fifty-one percent of respondents are most interested in using mobile applications or mobile-optimized websites to reach customers. Most mobile developers plan to target iOS devices like the iPhone and iPad roughly 56 percent and 36 percent, respectively while Google Android was targeted by 50 percent of mobile developers. Windows Mobile and RIM remained popular, but Symbian development was chosen by only 8 percent of respondents, the analysts said. Overall, in-house developers anchor most mobile application development efforts, with nearly 80 percent of shops planning to use their own people. In the cloud space, one in eight development organizations has deployed applications in the cloud, according to the Forrester report. High-tech manufacturers, such as computer hardware manufacturers and consumer electronics firms, are most likely to deploy applications to the cloud (24 percent), although services firms are also aggressive adopters at 19 percent. Developers at health care companies seldom use the cloud today, with less than 5 percent developing, testing, or deploying cloud applications. Clouds of choice among developers include Amazon Elastic Compute Cloud, which is favored by 27 percent of Eclipse developers; Google App Engine, preferred by 18 percent of Eclipse developers; and Microsoft Windows Azure, which is used by 6 in 10 Visual Studio developers. Among cloud platforms, .Net and Java are the most widely used; 48 percent of enterprises and 21 percent of SMBs use both platforms. But interest in open Web technologies is growing. HTML5 is certainly one of these, with 60 percent of developers either already using it or planning to within the next two years. But the open Web is not just about HTML5. There are others, including lightweight Web frameworks based on the LAMP stack or other frameworks like Ruby on Rails, which one in five shops is now using, Forrester said. The report also found that developers like working with open source. Its simple for three out of four developers open source helps them deliver projects faster. Seven in 10 also cited a reduction in software costs when working with open source software. The transparency of open source code is also important to 63 percent of development professionals, while 51 percent use open source as a hedge against vendor lock-in, Forrester analysts said. But only 22 percent of developers actually have contributed to open source projects. In the area of project spending, Forrester found that IT organizations struggle to fund new software development initiatives, but they have made steady progress in increasing the proportion of the software budget spent on new initiatives and projects from 33 percent in 2007 to 50 percent in 2011.
Paul Krill is an editor at large at InfoWorld, focusing on coverage of application development (desktop and mobile) and core Web technologies such as HTML5, Java, and Flash.

INFOWORLD.COM DEEP DIVE SERIES

J A N U A R Y 2 012

i Cloud Computing
C LO U D D E V E LO PM E N T

Special Report 10

9 must-knows before developing

Heres what to do when making, testing or deploying applications in the cloud
i By Bob Violino applIcatIon development and testIng In the cloud are gaIning popularity, as more businesses launch public and private cloud computing initiatives. Cloud development typically includes integrated development environments, application lifecycle management components (such as test and quality management, source code and configuration management, continuous delivery tools), and application security testing components. Although technology executives and developers with experience in cloud-based development say there are clear benefits to developing in these environments such as costs savings and increased speed to market they also caution that there are challenges and surprises to look out for. Just how common development in the cloud is likely to become isnt clear. But industry analysis shows its on the rise. In a February 2011 research note, Gartner said clients that attended the firms symposia in 2010 expressed sharply increased interest in cloud computing to enhance the development and maintenance of existing custom Web applications. I see it the most in prototyping and parallel branch development, but theres also huge growth in the loadand performance-testing space, says Eric Knipp, a principal research analyst at Gartner. If youre looking to venture into cloud development for the first time, here are nine types of hurdles you might encounter and suggestions on how to address them from developers whove actually done the work. cloud service, Knipp says: That means there might be a lot more stuff that developers have to stub out to get a test app up and running. Service virtualization technology can help, Knipp says, and developers can take advantage of market offerings that enable multiple/parallel branch development. Take the case of iTKO, which offers a software suite called Lisa that helps companies move enterprise applications into the cloud. Developers accustomed to noncloud development might also encounter surprises when it comes to building Web applications in the cloud. For instance, Greg Taylor, who built an online registration application for the Ohio Music Education Association, wasnt expecting that hed need such a thorough understanding of database structure and how users would interact with it when he created the application. The app, which handles the registration of school music performers in statewide music contents, uses a MySQL database as the back end and Alpha Five 10.5 from Alpha Software for the front end. I am coming from a FileMaker Pro background [and] that product is extremely forgiving with regards to database structure, Taylor says. A poor design can still be used with a reasonable amount of success. But developing with MySQL forced Taylor to be extremely organized so that the Web app would have the best performance possible. Going back to the table structure to add more fields is time-consuming, as it involves rotating between different development tools, Navicat for MySQL and Alpha Five for the actual Web page design, he says. The first tool creates the database structure, while the second one creates the pages the user interacts with in order to enter and edit information in the database. This may not be an issue for developers leveraging a database that has already been created, Taylor says. They would simply use Alpha Five to develop the Web pages that a user would access. In my case, I was simultaneously developing both the database and the Web pages, which would have required me to switch between the developJ A N U A R Y 2 012

CLOUD DEVELOPMENT GOTCHA 1: THE CLOUD DOESNT ALWAyS WORk LikE THE REAL WORLD
Developers might find that the configuration they use in production is hard to replicate on cloud services. For example, with an application you develop in the cloud before bringing back to run locally, you might need to test against a legacy system that you cant simply copy onto a
INFOWORLD.COM DEEP DIVE SERIES

i Cloud Computing
ment tools if I had not planned carefully. To avoid that ongoing round-tripping, Taylor had to change his database development approach: By developing a clear ERD [entity relationship diagram] with all needed fields first, my Web app is efficient and my overall development time is greatly reduced. In some cases, cloud development tools do work like the real world at least, of yesterdays version of the real world. Jeff Hensley, HRIS senior analyst at DaVita, a health care firm specializing in kidney dialysis, was surprised that developers working in the cloud needed to use commandline tools, XML, and SQL, which reminded me of the old DOS days. He expects that old-school approach to change over time as adoption increases. DaVita is using both cloud-based application delivery platforms and hosted servers to develop and deliver human resources data warehouse and business intelligence applications.

Special Report 11

CLOUD DEVELOPMENT GOTCHA 2: SOME APPS ARENT iDEAL FOR DEVELOPMENT iN THE CLOUD
The more hard-to-access or hard-to-replicate systems an application integrates with, the more difficult it is to develop and test it on cloud computing resources, Knipp says. For example, Dan Stueck, vice president of IT for Faith Educational Ministries, avoids developing high-end applications in the cloud that have extreme data security or regulatory restrictions, or rely on legacy coding projects, such as those in Cobol. Those two are probably best kept in house, he says, the first due to the obvious security concerns, and the second because of the dead language issue. Where Stueck has used the cloud is to run a development server on Amazon.coms public cloud service and to build a student information system, student transcript archive, and home schoolbook selling application in the cloud.

from Salesforce.com to build a custom application that allows outsourced reps to enter sales data into 20/20s order-to-invoice-to-payroll tool. The thing that was probably most unexpected was how well the entire [cloud development] project was received by the management and sales teams and everyone who uses the system, [and] how poorly it was received by the IT organization and in particular developers, says Mark Warren, chief architect at 20/20. The IT people were accustomed to working with Microsoft .Net, SQL Server, Java, and other traditional development platforms, Warren says, and Force.com was a completely different model. If you know SQL and Java, thats your toolbox, and youre not going to want to go to this completely alien platform thats coming in, Warren says. As a result, the sales application was developed primarily by business staff, not by IT developers. That brought its own set of challenges, Warren says, the biggest of which was a lack of understanding among the businesspeople about change management and IT governance. IT has a level of discipline that businesspeople are not used to having enforced on them, Warren says. We had to bring them up to speed on change management issues. As for addressing the reluctance of technology people to develop in a cloud environment, there are programs IT can implement to help adopt cloud computing internally, Warren says. Training is certainly a good method to facilitate, he says. However, unless the culture of IT is open to new methods and technologies, organizational change [getting new developers] may be the only option.

CLOUD DEVELOPMENT GOTCHA 4: LACk OF DOCUMENTATiON HiNDERS CLOUD DEVELOPERS

DaVitas Jensley was surprised by the lack of documentation to help developers understand the cloud and the tools and resources that can be used to build applications in that environment. I would definitely expect that to change as the demand increases and more and more companies begin adapting the cloud concept, Hensley says. We were able to combat that by partnering with a consulting firm.

CLOUD DEVELOPMENT GOTCHA 3: DEVELOPERS OFTEN DiSLikE THE UNFAMiLiAR CLOUD TERRiTORy
Cloud computing is still relatively new to a lot of organizations, and it can be a disruptive technology, including in the development arena. 20/20 Cos., a provider of outsourced sales services, used the Force.com cloud platform
INFOWORLD.COM DEEP DIVE SERIES

J A N U A R Y 2 012

i Cloud Computing
CLOUD DEVELOPMENT GOTCHA 5: NETWORk iSSUES CAN bEDEViL PRiVATE CLOUD ENViRONMENTS
Developing in the cloud sometimes means developing in your own private cloud, which may not have the multitenancy and load-movement capabilities that keep your applications available 24/7. In a private cloud environment, one of the challenges is to design for and anticipate scheduled and unscheduled maintenance of the servers, and how to fail over gracefully, says David Intersimone, vice president of developer relations at Embarcadero Technologies, a provider of database management tools. Embarcadero is using its virtualized data center for application building and testing. For internal private clouds, we have a couple of options: choosing the scheduled date/ time, and staging which servers are done in a certain order, Intersimone says. There are automated build and automated smoke test processes that are running all the time in our main private cloud and also in regional development offices. To get a more available environment, Intersimone says hes looking into a cloud container and virtual private network offering from CohesiveFT that can be installed in public and private clouds to provide on-demand scaling, failover, disaster recovery, and disaster readiness. Other issues that can affect development and testing involve network delays and latency and the size of network pipes, especially in certain parts of the world. Embarcadero has research and development centers in Scotts Valley, Calif., Monterey, Calif., Toronto, St. Petersburg, Fla., and Iasi, Romania, plus a sprinkling of smaller teams and individuals throughout the world. Embarcaderos geographically diverse development environment makes it harder to synchronize check-ins, builds, and automated testing, Intersimone says. To solve some of this, developers do local builds and regional builds, as well as on the code check-in, on the virtual servers available to all. Developers also do local builds on their own machines. Embarcadero ensures these dont fall out of sync with the master versions on the private cloud by using Subversion, an open source tool for source code control. When a build occurs, an automated test is run to validate the build, Intersimone says. Then notifications go to all development teams and the build is automatically pulled over a Chinese wall to a large number of automated test
INFOWORLD.COM DEEP DIVE SERIES

Special Report 12

virtual machines at our development centers. Automated and manual tests are done on the resulting build to verify the status, and emails go out to other team members after this process is completed. All of this happens continuously during a projects development lifetime, he says.

CLOUD DEVELOPMENT GOTCHA 6: iTS EASy TO LET THE METER RUN UNNECESSARiLy ON THE CLOUD
Another potential problem is wasting money on cloud fees. Developers can easily forget or neglect to turn off virtual machines they arent using. Ive heard from some clients that let developers go wild with virtual machine resources that sometimes the developers would just leave stuff up and running, say over a weekend, Gartners Knipp says. When it was on an in-house, capitalized server, this was no big deal. But when it is on usage-metered, leased resources as with public cloud computing, this is a waste of money. Knipp says he expects this to become a new challenge for enterprises as they roll out private cloud initiatives. While theres little risk in getting a big, unexpected bill for developer virtual machine usage in a private cloud, in a self-service, private IaaS environment, a developer can spin up VMs and never turn them off, Knipp says. These will effectively eat up resources from machines that are not being effectively utilized and could result in the organization buying too much capacity as planning gets skewed.

CLOUD DEVELOPMENT GOTCHA 7: CLOUD LiCENSES CAN CONTAiN SURPRiSiNG DEPLOyMENT RESTRiCTiONS
Among the nontechnical issues with the cloud that can have an impact on development are licensing restrictions. Two years ago Kelly Services, a national temp agency, decided to use cloud-based development for many of its homegrown applications, with Salesforce.coms Force.com platform acting as the delivery vehicle. Cloud development has brought benefits such as faster turnaround time on app development and lower costs, says Joe Drouin, CIO at Kelly Services. But the company also encountered some unexpected issues with licensing, specifically regarding what types of user seats it had and what limitations they carried. For example, a seat might have a set number of objects a user could access. As a result, at some
J A N U A R Y 2 012

i Cloud Computing
points we were surprised by what we could or couldnt do with development, Drouin says.

Special Report 13

CLOUD DEVELOPMENT GOTCHA 8: iNTEGRATiON CAN bE HARDER TO TROUbLESHOOT

Integrating new applications with existing ones can be a key part of the development process, and the cloud brings even more challenges from an integration perspective, Drouin says: With cloud computing, companies typically dont have open access into their cloud providers infrastructure, applications, and integration platforms. Kelly has experienced performance issues between cloud-based applications and its on-premise systems as well as among multiple applications in the cloud. Its difficult to troubleshoot these issues because the company often can only track transactions in its own infrastructure, Drouin says. To minimize integration issues, Kelly developers try to use cloud providers APIs whenever possible; thats been fairly easy to do because many cloud providers expose their APIs, Drouin says.

CLOUD DEVELOPMENT GOTCHA 9: THE CLOUDS FAST PACE OF CHANGE CAN bE HARD TO kEEP UP WiTH
IT services provider Avanade uses the Azure cloud plat-

form from its part owner Microsoft, along with Microsoft development tools, to develop and test both internal and client work. The familiarity of the development tools and the speed of the development and test environments have been pluses for the firm, says Graham Astor, director of global solutions at Avanade. But being on a quickly evolving cloud development platform means its necessary to update best practices frequently, he says. Azure is on a two-month release cycle of performance and feature improvements, so Avanade meets monthly with members of the Microsoft product teams to get a heads-up on whats coming. Would others get that kind of access? I have no idea, Knipp says, but it is in Microsofts interest to get as many consulting firms as possible on board with Azure, in order to drive adoption. Despite the learning curve, cloud development is appealing Despite the potential challenges, for many organizations application development in the cloud rather than sticking with traditional methods makes sense, for the same reasons that cloud computing in general makes sense: elasticity of resources and cost, and reduced operational complexity, both of which lead to shorter completion time.
Bob Violino is a freelance writer who covers a variety of technology and business topics. He can be reached at bviolino@optonline.net.

WHAT CLOUD PROViDERS SHOULD LEARN FROM AMAzON WEb SERViCES

Who wouldve thunk 10 years ago that Amazon .com would have the best cloud plays since Salesforce .com? Amazon .com has succeeded despite some very well-publicized AWS outages that hurt smaller companies . We appear to have short memories around those events: AWS sales did not seem to miss a beat . Its clear that AWS quickly rises to the top in its selections for a few good technical reasons, including well-thought-out and finegrained APIs and services, ease of on-boarding, and best third-party support .The APIs are how applications access the infrastructure services that AWS provides, such as processor, storage, and database . The AWS API sets have a better design than those of their counterparts, providing the best access to primitives, meaning the ability to get pretty close to the metal . The decision to use finegrained services for access to AWS cloud services clearly pandered to developers who like control . Moving onto AWS is a fairly seamless process, and the less friction when you move to a cloud provider, the more business that provider gets . I hope others figure that out, because in many instances, on-boarding clients onto their cloud offerings is a huge pain . Finally, there is third-party support lots of it . Everyone loves and supports AWS, including many new companies that provide IaaS cloud management services that not only support AWS, but run in AWS . You cant get a better validation than that, and I suspect that much of the billion dollars in AWS sales this year will come from partners . AWS is doing many things right, and it continues to be the 800-pound gorilla of IaaS . Perhaps the emerging cloud computing space needs one of those right now . David Linthicum

INFOWORLD.COM DEEP DIVE SERIES

J A N U A R Y 2 012

i Cloud Computing
C LO U D S TA N DA R DS

Special Report 14

No. 2 Rackspace tries harder

The U .S .s second largest provider of IaaS talks about how they differ from Amazon
i ByEric Knorr rackspace Is the second largest provIder of Iaas (Infrastructure as a service) after Amazon Web Services. On track to make $100 million in revenue this fiscal year, Rackspaces IaaS business is roughly one-tenth of Amazons, a number that does not count the revenue Rackspace accrues from its more traditional hosting business where the company began and from which it derives its differentiation in the cloud space. InfoWorld: What its like to be No. 2? How would you differentiate the services that you offer from Amazons? Moorman: I think Amazon has been a catalyst to this industry and has been a great pioneer in this space. But I think that we have a very different approach than Amazon has. First of all, we are a hosting company, and we think our hosting roots are actually very powerful. Its going to be very difficult to tell the difference between hosting and cloud because I think every big customer is going to have some of each over time. So that portfolio [of hosting services] really matters. Also, we are very committed to open standards. Im actually here this week for the OpenStack Design Conference down in Santa Clara, Calif. There are 500 folks down there working on OpenStack, and we just couldnt be more pleased with how thats going. The idea is that you can run a Rackspace cloud through our public cloud. You can run it privately in our hosting environment, or you can run it on premise. And in the future youre going to be able to run it with our competitors. And the last part, of course, is service. I think that when most people hear the name Rackspace, they think service and customer support, and I think that the cloud needs support as much as the physical world did. In some cases, more so, because theres this explosion of applications that IT departments cant keep up with. They need some help keeping these applications up and running, responding to monitoring alerts, doing those kinds of things. So the idea that we log in to boxes and help you fix things is just a
INFOWORLD.COM DEEP DIVE SERIES

whole different kind of approach than Amazon has. InfoWorld: You wouldnt say there is any significant difference in technology support? Moorman: I think there is. We really want to build our cloud products to look and feel and act like traditional infrastructure. So we have persistent storage, we have static IPs, we are going to use VHDs, not a proprietary standard of disk format. So we are committed to having things look and feel and run very much like traditional infrastructure, which makes it very easy for people to use our cloud products. I think that Amazon has had just a different approach. Its not better or worse, its just different. InfoWorld: So in a nutshell, high availability and disaster recovery is cheaper under your model? Moorman: No, I wouldnt agree with that. InfoWorld: Its more familiar? Moorman: Its simpler. Its more familiar there arent new concepts to learn to use our cloud. We want to eliminate this need to re-architect for the cloud as much as possible, and we want things to work like youre used to them working. InfoWorld:Could you give me a breakdown of applications on your cloud? Moorman: I can give you a general sense. We have a lot of our enterprise customers who are using our cloud for dev and test, and so its a great option for that. But I would say the predominant is public, bursty websites. So if you look at big media companies ... any company ... InfoWorld: E-commerce? Moorman: ... yeah, e-commerce, running promotional websites, public websites, the cloud is just such a better fit for it. Because many times you run promotions or run new initiatives and you have no idea how big theyre going to be. So the ability to be able to sort of fine-tune that over time is something that really makes a big difference for customers. InfoWorld: So you spoke about having your roots in hosting. To me, the lines between hosting and enterpriseclass IaaS have never been crystal clear. You offer both. Talk to me about where you see the real points of differJ A N U A R Y 2 012

i Cloud Computing
entiation. Moorman:We draw a distinction around our cloud products, which are really software-powered infrastructure. And because of that, theyre highly productized. With our cloud servers, you can get small, medium, large we have eight sizes but the components of what is in that server are identical across the board and you cannot change it. So the way the disk is configured, the way the network works, these are all productized options. Same with our storage offerings, our load-balancing options. You can do some configuration, but its within a tight range of things, because its software-powered. Its not something thats done through operations; you have to consume the products as they exist. With physical hosting and our traditional hosting, we can custom-configure servers any way you want them. We can build out a network any way you want it. We can set up storage any way you want it. Theres a lot more ability to customize and tailor; it makes it easier to get security. I think the cloud is extremely secure, but you have to go through more hoops and you have to do more to use this productized service set to get it as secure as youre used to in the physical world. InfoWorld: What about encryption? Moorman: Encryption is not a problem. I mean, you can encrypt across any of these technologies pretty easily. Its more about, how do you deal with a big flat open network in the cloud and how do you secure around where you dont have to do that? In the physical world we set up a private network for you with VLANing capabilities, and so you literally are in an out-of-the-box, very secure environment that is very easy to get set up. In the productized, scalable world, you just have to do other things. It can be extremely secure, theres just more work that has to be done because its in this highly productized model. So thats really the distinction we draw. And our general belief is that everyone should be using the cloud they just shouldnt run everything on it, and they should figure out where its a better fit. And so many, many of our customers will run databases. There are I/O issues in the cloud because of the hypervisor layer, and they dont want those performance hits. So they run their database tier in the physical world and then they run their application in a Web tier cloud in this combination. And we have ways to securely tie this together so its all on one network and works seamlessly. This is a very, very common model.
INFOWORLD.COM DEEP DIVE SERIES

Special Report 15

Theyre using the best of both worlds. InfoWorld: Its interesting listening to you talk about these very well-defined commercial cloud services. I think CIOs are still thinking: private cloud, private cloud, private cloud. The public cloud is either too risky or theyre going to have to cede too much power, like control over availability. These kinds of showstoppers still seem to be in place in larger companies. Are you seeing some movement there? Moorman: I think if you look at the small and medium business world, they are moving to cloud rapidly because theyre not going to run data centers anyway. But if you look at the Fortune 500, where theyre running data centers, I think that actually CIOs believe the cloud is real, but its just not for everything. Theyre going to have their own assets and their own data centers, and they want to make them more agile and more effective and more efficient. And so they want to build cloud-like capabilities inside the firewall, but theyre very interested in having their internal systems talk to their external systems. Were getting just incredible interest around OpenStack, in terms of big Fortune 500 companies wanting to transform their internal data centers and have all their predictable workloads run in-house on their own cloud, but have all the unpredictable (and in many cases new) applications run in cloud environments like ours. So I think youre going to see legacy infrastructure in data centers theyre going to continue to be in-house for some time. But I think that many new applications and much of the unpredictable workloads are going to go in public clouds. And I think the CIOs are more open to it than everyones letting on. I would bet the vast majority of Fortune 500 companies are using either us or Amazon in some sense. It might be very small, but they are experimenting with it, theyre dabbling with it, theyre running some applications. Theyre doing some test dev, and theyre seeing the power of it. InfoWorld: And how much is that going through lines of business and how much does the CIO know about? Moorman: Well, I think youre right. There is a lot of ... so-called rogue IT that is happening out there. But this is a fact of life for CIOs. InfoWorld: But lines of business didnt have this particular option before. Moorman: They did not. But theres no stopping that,
J A N U A R Y 2 012

i Cloud Computing

Special Report 16

and the long tail of applications that exist in a business are provider? going to explode. And IT departments are really built to Moorman: I would say the more likely scenario is that run five core applications that run a company. There are those core applications start to get disassembled. So instead going to be hundreds of applications in businesses that run of having a monolithic ERP system with ten modules, comthose companies, and IT departments are going to have to panies are moving more to service-oriented architecture respond to that. And theres no question in my mind that and are saying, look, we might use Salesforce for CRM, we public services are going to be part of it. might use Service-Now for ticketing. These big monolithic InfoWorld: What are you hearing from CIOs in how stacks are getting disassembled and piece by piece theyre they manage rogue IT with this cloud option? And do going to move to the cloud. you have any recommendation for CIOs InfoWorld: Talk to me about SUBSCRIBE TODAY in how they should look at that? OpenStack. The Holy Grail is the Moorman: I actually think CIOs are Keep up to date on the idea that when you need to you just now getting on top of it. A lot of them latest mobile news with can burst and you can manage know whats happening and theyre trying that external resource as if it were to get their arms around it, but theyre not the InfoWorld Daily of a piece with internal resources. succeeding. I think they need to get pro- newsletter. Would you say OpenStack is part of active. They need to realize that its real that journey? Delivered straight to and its happening and they need to view Moorman: We launched Openthemselves as enablers to allow the com- your inbox mornings Stack about nine months ago, and pany to get that extra productivity thats and afternoons, six days I truly believe its one of the fastcoming from all these applications that are a week. est, most successful open source getting built. projects in history. The amount of InfoWorld: What sort of controls can Dont miss a beat, interest, the amount of corporate a CIO put in place to make sure no one is wherever you happen sponsorship, the amount of enterduplicating effort or creating security probprise interest is just unbelievable. to be. Sign up now! lems, that sort of thing? The idea of an open source projMoorman: I think what they need to ect that allows them to increase the figure out is how do we handle all the agility of their own internal infrarequests around the most sensitive data so structure, but then also have the no one is compelled to put that on cloud service? But othpromise of a cloud that looks and acts and feels and can erwise, let people run. A public promotional website crebe federated in Rackspace, in Internap, in Korea Telecom, ates no corporate risk. If youre going to run a Super Bowl you know, this is a very exciting prospect for companies ad and want to put a complementary website up, theres the ability to go find capacity around the world. Its early really no corporate risk in doing something like that, and days. The code is in good shape, but its got a long way to they should let business units go get that done and not go to be out-of-the-box turnkey for people and really simple wait in a big long queue with the IT department to make to get going, but its getting there. that happen. InfoWorld: Give me a quick sort of technical overview, But what they should say is if you want to do somehigh-level technical overview of OpenStack. thing with critical data, we will be very responsive to you Moorman: OpenStack has really three core compoand we will help you get that done in a way that makes nents out of the gate. It has a compute orchestration layer, sense. So people arent compelled to do it with the most so the ability to sort of provision virtual machines, turn them critical data. So theyve got to start thinking about being a off and on, move them, back them up, all those kinds of service provider. things. It has an object storage system similar to our cloud InfoWorld: What about applications that may be more files. And then it has an image service called Glance, core to the business, but they want to use a public cloud which allows you to manage your images and use them to
INFOWORLD.COM DEEP DIVE SERIES J A N U A R Y 2 012

i Cloud Computing
sort of control workloads. So those are the three core components, which form the core of any cloud: the workload management, the compute, and the storage. Lots of new projects are emerging around it, including our load balancing service that weve donated. We have a block storage effort thats ongoing. We have a database service that were sort of working on. So a lot of these things will start to show up in the code as well, but the core elements are there to really run a cloud. And today we run the object storage and we are in the process of moving to the compute. The compute is really the next generation of our cloud, and we collaborated with NASA on that code. So we are in the process of moving to that code because its a whole new code base. We were going to re-factor our core code base anyway and now were doing it in the open and we have an active project. We really believe that this year will be completely on the OpenStack code. InfoWorld: And doesnt this require close collaboration with virtualization software providers? Moorman: OpenStack supports gosh, I dont know, were up to five hypervisors five or six, so Hyper-V, Xen, KVM, ESX, VMware, Oracles virtualization. So you can run multiple virtualizations. We are a Xen server shop in terms of running our cloud, and for the time being were pretty committed to that. But the truth of the matter is it is meant to be hypervisor-agnostic, platform-agnostic. So over time, if it makes sense for us to use VMware or use Hyper-V, well have an option to do that. And certainly companies that want to run these technologies in-house can choose their hypervisor. Were getting great support from those players, and Microsoft has contributed to the project, Citrix is a major contributor to the project. These are open platforms that have open APIs that you can interact with. So OpenStack is meant to work well with all of them. InfoWorld: Do you think the distinction between IaaS and PaaS (platform as a service) is blurring? Right now its kind of hard to argue that Amazon is just IaaS, since theyve incorporated so many extra services in there. Moorman: I think its absolutely blurring and I think its going to continue to blur. So our load balancing service is out, our database service is coming, so these raw components are going to be there in every major cloud. And then, when you put orchestration around it, you really have platform as a service on the fly. And I think that is a model
INFOWORLD.COM DEEP DIVE SERIES

Special Report 17

that we believe in. I think the integrated platforms, like Heroku and others have a place, and we love those guys and we hope they build on top of us. InfoWorld: By a place, you mean theyre for experimenting and youre for the real deal? Moorman: Well, heres the difficulty. I think the magic platform is whats very appealing to people. But these integrated platforms constrict you to using their stack in the end. And I think what ends up happening is we have a number of customers who have started on Heroku and have sort of moved over to a model where they can tweak it, adjust things, and get exactly the version of Rails they want and sort of add these modules. So the magic comes at a cost, which is its a very prescribed stack, end to end, and I think that ends up causing issues. Whereas if you have an orchestration system, where you rope in this new technology, rope in that new technology, and make it all work seamlessly, that ends up providing a lot of flexibility. And I think thats a model that is very appealing. But let me tell you something: I think Heroku and PHP Fog and some of these guys have done some really brilliant things and I think its something to keep an eye on, and something that were certainly watching closely. We want them to partner with us and build on top of us. InfoWorld:What other development environments might you host? Moorman: Were going to keep our options open. We want to make it easy to host all those applications. And once we have this full complement of platform services, like database and load balancing, its going to make these platforms easier to host. There are people who are getting Cloud Foundry up and running on our cloud and making it happen, so were going to learn a lot over the next couple months. Were talking to Microsoft theyre eager to get Azure running with their partners. InfoWorld: So maybe you could offer Microsofts 1,000-server, private cloud Azure offering as a public cloud? Moorman: Possibly. Well see. Azure has been an interesting development. But it seems to me that it has not captured the imagination in terms of the market. And I think part of that is just the platform as a service is a hard concept for folks to sort of get their heads around. People are used to thinking in terms of servers and sort of traditional concepts. InfoWorld:Well, youre not going to consider Azure
J A N U A R Y 2 012

i Cloud Computing
unless youre a .Net shop. Moorman: To me, thats the interesting part. I actually think Microsoft has a platform problem, not a cloud problem. Theyve invested heavily in the cloud side of it, but what they really need to do is make .Net more relevant to everyone building startups around here. The startup community is not using .Net, and that is the problem theyve got to solve and I think by just having a cloud theyre not going to solve that problem. They need to make it a platform that people are gravitating towards. And I think that their bigger issue is .Net and the toolsets that they have. And actually, in some ways, Azure is complicated because they now have introduced SQL Azure, which is a whole new platform you have to get your arms around. Why is the world building on Rails and Python? That is, I think, the problem that Microsoft has to solve. InfoWorld: Well said. So talk to me a little about compliance issues as they relate to the public cloud. Theres a sense that some of some compliance regulations are a barrier and need to be revisited, Its even inhibiting [federal CIO] Vivek Kundras cloud initiative for the federal government. Moorman: Well, I am on the Cloud Commission Vivek has started, and I have to say the government has done a great job Vivek in particular leading on this with its Cloud-First policy for the government. I think they are moving faster than corporate America today in many cases. And they have a strong interest in making America the leader in cloud computing and advancing very, very quickly. But absolutely there are issues. The ones that I am most interested in are data flows and natural sovereignty issues around data. There is a lot of fear around the Patriot Act and the ability of the government to get data if its hosted in America. These are things that I think do slow down cloud computing in America. And I think the government is very open to listening to it and understanding it. But for me, that is one of the bigger issues, making it very clear that if you put your data in the cloud, what control are you losing? Or if you put the data in America, what control are you losing over the access of that data by governmental authorities? I think theres probably more FUD than there is reality, but there are issues, and weve got to get clarity on it. And the way we interact with government agencies has got to become very standardized and clear. InfoWorld: So theres no real pending legislation yet?
INFOWORLD.COM DEEP DIVE SERIES

Special Report 18

Moorman: Theres not. The commission is really charged with coming up with three or four very concrete recomendations to then go advocate legislatively. InfoWorld: One last question. In the old days, ASPs [application service providers], which were the first wave of cloud computing, had a problem they tried to do too much for too many different customers and couldnt scale. With all the different services you offer particularly managed services isnt there a danger that may happen to you? Moorman: In terms of scale, I think were at scale. Amazon is a much bigger company than we are, but in terms of running infrastructure, were a pretty big company. I think if youre a $50 million hosting company, youve got scale issues. InfoWorld: Im not talking about infrastructure. Im talking about your really broad range of services. Moorman: To me cloud computing is hosting version 2. And it is very much within our wheelhouse. I actually think that you will see a lot of these offers get standardized. I dont think theres an infinite number of solutions. I mean, if you look at our managed hosting offering, its been pretty stable for the last five years as it has matured. I think cloud computing will hit a maturity curve and it doesnt mean there wont be innovations on the margins there absolutely will be. But there will be a set of standard types of offerings. Once you have computing and storage and networking, the rest of it is important, but that core is really at the heart of what we do, and our services on top of it are pretty productized and consistent. I also think that our commitment to open source is going to allow us to have a velocity that does not depend on us doing everything alone. And the amount of code [being] contributed from the rest of the world, and the standards that are going to exist because of that, is something that gives us an advantage that no one else will have unless they decide to get on board with OpenStack then everyone will have it. What we want to do is get to a world where these things are standardized and the experience is what the difference is. And we think that were the best in delivering a great experience and a great support model. Thats what were trying to accelerate and I think thats actually happening.
Eric Knorr is the editor in chief of InfoWorld.

J A N U A R Y 2 012

i Cloud Computing
T H E L A S T WO R D O N T H E C LO U D

Special Report 19

The cloud makes users of us all

As we outsource more to cloud services, IT pros will learn how our users feel
i By Paul Venezia heres yet a reason cloud computIng Is not a new Idea: for users, corporate computing has always been a cloud. Users have applications they rely on to do their jobs; they load data to crunch on; they interact digitally with coworkers, clients, and partners and all of it comes from this amorphous blob known as IT. Without this stuff, most of them would have nothing to do. That obliviousness, for better or worse, defines the relationship between users and IT: From their desks, users look down the hall toward IT and see ... nothing. Night-vision goggles cant help, nor would a bridge allow them to cross the chasm and instantly discover what IT is about. This distance from core technology extends to users personal lives. Theyre using Gmail, streaming movies from Hulu or Netflix, and using sites like Flickr and Facebook to provide them with all kinds of services and they magically work. Theyre someone elses problems, and when it breaks, users get very angry. In IT, we know exactly how the sausage is made. We too rely on data, applications, and communications tools to do our jobs, but we have the benefit of being able to see into the magical forest of the back end. Were also far likelier to fix technical problems on our own or we should be. An IT person would never be fazed by a dialog box that has a greyed-out Continue button and an empty check box. The gulf between users and IT often leads to animosity. From the users perspective, if a problem no matter how minute is preventing them from completing a task, the immediate assumption is that IT is incompetent and someone should get fired. From an IT perspective, the user is being an idiot who cant think clearly enough to tie a pair of shoes. But as companies move more apps and services into the cloud, those of us in IT are going to become exactly like our users. As we shift from providing such services as email in-house to a cloud provider, we find that when things go wrong, not only do we have users at our throats, but we dont have any insight into the problem itself. Were at the mercy of the cloud provider, and all we can do is make angry phone calls and write angry forum posts and emails. Were destined to become squeezed in the middle between users and cloud services, in many cases without the power to fix anything. Those of you moving into cloud services, be prepared to feel less confident about certain aspects of your job, and get used to the feeling of not having any part in problem solving and disaster prevention other than as a mineshaft canary. I suppose the upside is that well have a better understanding of how our users have felt all along.
Paul Venezia is senior contributing editor of the InfoWorld Test Center and writes The Deep End blog.

INFOWORLD.COM DEEP DIVE SERIES

J A N U A R Y 2 012