
Top 5 Questions Posed on "Cloud Computing" [Part 1/3]


Posted: Friday 21st of May 2010 11:01:44 AM By Rich Wolski

The phrases "cloud computing" and "private cloud" have permeated the technical zeitgeist with a rapidity that we
have rarely seen. As a result, we spend a good deal of our time discussing these concepts with our customers,
partners, and technical colleagues in an effort to understand what they mean in concrete terms. In an effort to bring
some clarity to these ruminations (primarily to myself), I've tried to distill them into a "Top 5" list of questions we are
asked and to formulate my opinion of how they can, and in some cases should, be answered.

First, the questions in dramatically paraphrased form are:

o What is a "private cloud" and how is it different from a "public cloud" and a "virtualized data
center?"
o Is a private cloud secure?
o How do I build a cloud?
o How do I turn a private cloud into a hybrid cloud?
o What will I need to do to my applications to get them to run in a cloud, private or public?

Clearly these questions are directed to us because of what we make (hence the bias towards private clouds). In
putting this thinking together, it also occurred to me that this list is a product of the time frame in which it is
formulated. That is, the five most frequent and pertinent questions we were being asked one year ago were quite
different, and mostly focused on the impact of public clouds on the economics of Information Technology (IT).

Be that as it may, I provide my best effort to answer the questions as we see them in Spring of 2010. I provide these
answers via a series of blogs to lessen the amount of time within one sitting you need to peruse my musing. In this
posting, I tackle the first two questions.

What is a "private cloud" and how is it different from a "public cloud" and from a
"virtualized data center?"

A private cloud is a cloud that implements the "cloud computing" model in a "private" setting where only a single
organization has access to the resources that are used to implement the cloud. In other words, it is a cloud that an
organization implements using its own resources (machines, networks, storage, data centers, etc.).

Trivially, then, a private cloud is different from a public cloud because the public version implements cloud computing
for multiple, possibly competing organizations using a single set of resources. The basic model for a public cloud is
similar to that for a public power utility: a third-party vendor manages the infrastructure necessary to deliver
computing capability to customers who pay usage fees. The common-carrier Internet plays the role of the
transmission lines in this highly stylized analogy.

There are more subtle differences between these two paradigms as well. Most prominently, private clouds must be
able to incorporate the policies and infrastructure capabilities that are implemented by the organization that deploys
them. In contrast, public clouds, for reasons of scale, tend to provide low-cost but high-quality commoditized services
to their customers in the spirit of a general utility. Thus a private cloud should embody and reflect the "structure" that
the organization imposes on it while a public cloud "flattens" the structure into a high-quality commodity that can be
provided for a low cost at scale.

Frequently, we are also asked to differentiate private clouds from virtualized data centers. Operating system
virtualization (the ability to run "virtual machines" using a hypervisor as the base software layer) is a powerful tool and
many IT organizations have implemented plans to use this tool to improve IT operations. "Are these virtualized data
centers not just private clouds?" is a typical question posed to us.

Operating system virtualization is an important component of a private cloud, but by itself, even when deployed data
center wide, it does not implement a private cloud. That is, a private cloud depends on operating system virtualization
but it also requires quite a bit in addition to the ability to run virtual machines even if the virtualization technology
supports this ability across the data center.

The key difference lies in the purpose virtualization fulfills when it is used to control a data center versus when it is
used to implement a cloud. When used as a data center control technology the "operator" (typically a system
administrator) uses virtualization to abstract the "server" running in a VM away from the hardware on which it runs. By
making a server a virtual entity (one not attached to a specific piece of hardware) it can be moved, suspended, or
upgraded independently of how the hardware running it is manipulated. Thus virtualization provides a way for a
system administrator to manipulate the resources in a data center more flexibly and faster to achieve greater
efficiencies.

However, to be an effective tool for administration, the data center virtualization tools must operate as a console. That
is, when an administrator issues a control command, the command is implemented and the result returned in a way
that allows the system administrator to know the state of the system from moment to moment.

In a cloud, virtualization serves a different purpose, which is to provide isolation between resource allocations. That
is, virtualization inside a cloud prevents different collections of virtual machines from interfering with each other.
Indeed many clouds do not take advantage of the VM mobility and multi-tenancy functions supported by most
hypervisors -- two key functionalities used heavily in virtualized data centers.

In addition, cloud platforms use virtualization asynchronously. There is no cloud "console" that can report the state of
the resources faithfully because to implement one, the cloud would need to make virtualization requests one-at-a-time
so that the state would be clearly known at the time it is reported. Put another way, by the time a correct
accounting of the operations performed in a cloud is recorded, the internal state will have changed. The only way to
prevent this state of affairs is to make the cloud handle requests one-at-a-time so that the internal state changes
sequentially. Synchronizing requests in this way severely limits scalability.

Is a private cloud secure?

The first observation I usually make in response to this question is that security is not a singular noun -- it is plural.
Put in another less cryptic way, "security" refers to the amount of "trust" a user or organization places in a particular
technology with respect to theft, tampering, and privacy. That trust is necessarily subjective (e.g. what I may trust, you
may not, and vice versa) so it is difficult to talk about security in absolute terms.

One of the characteristics of private clouds that make them attractive to an organization is that the degree of security
(the degree of trust) can be completely controlled by the organization itself. That is, if implemented properly, a private
cloud should be no less secure than the data center in which it runs. If an organization wants to implement greater
security or to relax security in a private cloud, it can. It can also audit and manage the implementation of security for
the private cloud much in the same way it audits and manages security in a data center. Fundamentally, security is a
matter of policy specification and implementation. A private cloud must be able to allow organizations to specify (and
change) security policies and subsequently to implement those policies for resources under its control.

I suspect that this question is also one that is motivated by a comparison of public cloud security characteristics with
those of a private cloud. Often, private cloud proponents claim that private clouds are more secure than public clouds.
In fact, it is possible to deploy a private cloud in a way that is far less secure than the current batch of public clouds
just as it is possible to deploy any infrastructure in an insecure way. Moreover, the public clouds are almost assuredly
exposed to a constant barrage of very clever attacks. To withstand this maelstrom they must constantly implement
the state of the art in countermeasures.

I believe the real motivation for this question, then, is not about the degree of security that a private cloud offers over
a public one, but the degree to which security policy can be controlled, monitored, and changed in response to the
needs of the organization. Because public clouds must serve a vast set of competing needs, they are necessarily
limited in their ability to allow their users to customize them, particularly with respect to the implementation of security
policy. Conversely, a private cloud must support local policy definition and customization and hence there is a
perception that they are "more secure."

A second and related predictive question that we get asked frequently is "Will public clouds ever be secure enough to
supplant private clouds?" I'll leave this question for another time as answering it requires a rather more
voluminous analysis of the fundamental tenets underpinning cloud-computing security.
