This is the third in a series of posts designed to give you a quick, high-level introduction to Cloud Computing. The first two were:
If you’ve not yet read those posts, now would be a good time to skip back and take a quick pass through them.
In this edition, I’m going to talk about the four Cloud Computing deployment models. As a quick reminder, I’m basing this discussion on the NIST definition of Cloud Computing, so the four deployment models are:
- Private Cloud
- Community Cloud
- Public Cloud
- Hybrid Cloud
NIST does a pretty good job of defining these models, but I want to try to give a little more context to each:
- Private Cloud: The private cloud deployment model represents a model where a single organization stands up cloud capacity and ONLY members of that organization are allowed to consume that capacity. This is a common model for Governments and large enterprises. The primary reasons you would want to create a private cloud are:
- Security concerns. Many organizations are not comfortable putting their workloads into a shared computing environment. Heck, there are still a lot of users out there who aren’t comfortable having multiple VMs sharing the same hypervisor, so it’s no surprise there’s concern about clouds! I’m not trying to minimize this concern – it is a very valid one. When you deploy into a public cloud (discussed below), you’re handing over the control of the infrastructure to someone else. What’s to prevent them from doing something you don’t want them to do with your stuff?
- Data sovereignty concerns. Along the same lines as the security concerns above, there is a valid concern with data sovereignty. Data sovereignty deals with the ability of the data owner to know – and control – where their data is stored and who has access to it. This can be extremely important when dealing with sensitive data or data that is regulated. For example, you may have government regulations that require that any Personally Identifiable Information (PII) about your financial customers not be stored outside the boundaries of your country.
- FUD. Fear, Uncertainty, and Doubt – a.k.a. FUD. It’s amazing how much this little three-character mnemonic retards individuals & organizations ability to adapt to new technologies or business processes! Often, private clouds are created simply because the organization’s leadership doesn’t understand Cloud Computing well enough to recognize that there are secure, viable, cost-effective alternatives.
- It’s better than no cloud. Face it, private cloud is frequently a stepping stone toward one of the other deployment models.
Private cloud is often the first place an enterprise (officially) looks for cloud computing. I added the (officially) parenthetical because – just as with virtualization – there are often skunkworks activities within the enterprise that are using public cloud because it’s easier to get the level of service needed externally rather than from internal IT. This “consumerization of IT” is a topic for another day…
Dipping the enterprise toe into Cloud Computing via a private cloud does have significant merit. As I’ve mentioned elsewhere, the path to cloud is not easy. It requires organizations to modify policies and procedures. It requires staff members to adapt their ways of thinking. Private cloud can serve as a foundation on which to build robust approaches to Cloud Computing that can then be used to support a transition to community, hybrid or public clouds.
- Community Cloud: A community cloud is a Cloud Computing environment that’s not dedicated to a single organization, and yet, it’s not available to anyone who comes along. A community cloud is implemented to support the Cloud Computing needs of a group of related organizations (e.g. fire departments, government agencies, community swimming pools). Much like a “credit union” in the United States, you must meet certain criteria to be eligible to consume the services of a community cloud. The primary advantages of a community cloud are:
- Security: In most cases, part of the procedure for being granted membership in the community is undergoing a review of an organization’s security posture. Since all members of the community (i.e. all users of the community cloud) have been “certified” to meet a specific set of requirements, there can be a fairly high degree of confidence that everyone is going to play by the same rules. It also means that one of the requirements could be that all data centers participating in the community cloud reside within a particular jurisdiction – addressing, at least partially, data sovereignty concerns.
- Scale: It is likely that a community cloud will be larger than a private cloud. This will enable more effective utilization of the resources in the cloud and provide more leverage when purchasing assets for inclusion within the cloud. The principle benefit of scale is the ability to drive down costs. Typically, the bigger the cloud, the lower the cost for providing a unit of capacity.
- Common practices: Frequently, when signing up for a community cloud, you are agreeing to abide by a set of common practices that are adhered to by all members. Hopefully, these will be practices that have been proven through multiple iterations and many prying eyes. Adapting your internal processes to match these community cloud practices may improve your organizational efficiencies.
While there are many benefits to community clouds, it’s one of the less common implementations of Cloud Computing. I’m assuming this is because it’s challenging to get organizations to cooperatively work together for risk of giving up the “crown jewels”. In any case, you probably won’t run into community clouds too frequently.
- Public Cloud: This is the one you’re probably most familiar with. This is the Amazon, Google, Dropbox, and Box clouds that many of you are already using. It’s a cloud that anyone can use, all you need is an email address and – in some cases – a credit card. Public cloud implementations are, by far, the largest cloud implementations around. This scale enables them to achieve massive economies which private & community clouds just can’t match. This scale is what allows Amazon and RackSpace to provide IaaS at price points that can’t be beaten. So…why would you want to deploy your workloads onto a public cloud infrastructure? Here are a few reasons:
- Price: It’s nearly impossible to deliver IT services at a lower cost than a public cloud provider. They purchase (or build) so much capacity that they get volume discounts that would make Sam Walton turn green with envy. They’ve also mastered the art of automation. When you go to a public cloud portal and place an order, there is NO human intervention to provision your service instance. To give you an idea of the magnitude of the automation, an enterprise with a highly virtualized environment is potentially achieving a server to admin ratio of 500 to 1. Google is reported to have a ratio of about 10,000 to 1. [Computerworld, 2010]. Now I’m the first to admit that this is comparing apples to oranges – the enterprise admin has to worry about more than just provisioning an empty VM or a pre-defined software stack for their consumer to use – but it gives you some insight into how economies of scale tied with advanced automation capabilities tilt the table in your favor.
- Scalability: “Not everyone realizes that on any given day AWS adds enough new server capacity to support Amazon’s entire global infrastructure in the company’s fifth full year of operation, when it was a $2.76B annual revenue enterprise.” [James Hamilton, VP & Distinguished Engineer, Amazon Web Services]
Who reading this can make that same claim? I don’t know how many servers it took Amazon to run their business when they had a piddly little $2.76B annual revenue number, but I can bet that it was several thousand. When you’re purchasing that much compute (and the associated networking, storage, and management infrastructure), you can get a volume discount! Public cloud vendors have enough capacity that the typical consumer can just assume it’s infinite. Companies like Netflix and Zynga rely on that scalability to enable them to meet a highly variable workload – you can, too.
- Flexibility/Agility: Do you need 10 servers today, 1,000 servers tomorrow, and 10 next week? If so, then you need public cloud. Public cloud enables you to spin up (very quickly) whatever capacity you need, use it for as long as you need it, and then turn it off (and stop paying for it) when you’re done. To accomplish this in-house with traditional IT services, or even with a private cloud, you would have to go out and buy that capacity, even though you need it for only one week. This is the “killer feature” of public cloud. This is what enables you to test your new product release in an environment that mirrors that of your largest customer – rather than having that customer be your test bed. It’s what allows you to crunch massive data sets once a year (or once a quarter) using enough compute capacity to get through the job in hours rather than days or weeks (or not at all).
Public cloud offers tremendous benefits in price, scale, and flexibility. If there’s a way you can use it, you should :^}.
- Hybrid Cloud: As the name implies, hybrid cloud is a combination of two or more of the deployment models discussed above. In all honesty, this is where I see a large percentage of enterprises living in the “near” future. I’ll talk more about this in my next post…
That wraps up this, my third, article in my “Cloud 101″ series. I’ve got two more articles in the pipeline:
- Is Cloud Computing right for your organization?
- Is your organization ready for Cloud Computing?
Thanks again for sticking with me. I hope you’re getting something out of these articles!