Submitted by Larry Simon on Mon, 08/22/2011 – 11:50
Welcome to the first installment of what will be an on-going series on Cloud Computing. Everyone in the industry is talking about it and the media is awash with hype. I’ll be taking a different approach by trying to bring some clarity and reason to help you make informed decisions in this area.
The place to start is with a definition of the term. There are a wide variety of sources that attempt to define Cloud Computing, many with subtly different nuances, and often including benefits (e.g. flexibility, agility) that are potential outcomes from going Cloud, but certainly don’t belong as part of its definition.
I prefer the U. S. Department of Commerce National Institute of Standards and Technology (NIST) draft definition which is well-considered, well-written and carries the weight of a standards body behind it. Their definition sets out five essential characteristics:
- On-demand self-service: This means that a service consumer can add or delete computing resources without needing someone working for the service provider to take some action to enable it.
- Broad network access: Note that the NIST definition does not specify that the network is the Internet (as some other definitions do). This is necessary to allow for private clouds. NIST goes on to say that cloud services use standard mechanisms to promote use by a wide variety of client devices. It’s not clear to me that this should be a full-fledged requirement, but is certainly in keeping with the spirit of the cloud concept. Once could imagine a cloud that uses custom protocols agreed to by a closed group of consumers, but perhaps the word “standard” still applies in that it would be a standard across the consumer group.
- Resource pooling: Also known as multi-tenancy, this characteristic requires that the cloud serve multiple consumers, and that the resources be dynamically assigned in response to changes in demand. The definition goes on to say that there is also a sense of location independence in that the consumer has no control over the location where the computing takes place. It is important to distinguish “control over” from “knowledge of”. The consumer may well know which specific data centre the resources are running in, particularly in the case of a private cloud. There may also be limitations for compliance or security purposes on where the resources can be drawn from. The important point is that the consumer cannot pick and choose between resources of a particular class; they are assigned interchangeable resources by the provider, wherever they happen to reside, within the limits of the service agreement.
- Rapid elasticity: Capabilities need to be rapidly provisioned when demanded. The definition does not specify how rapidly, but the intent is that it be in a matter of minutes at most. The service must be able to scale up and back down in response to changes in demand at a rate that allows potentially unpredictably varying demands to be satisfied in real time. Ideally, the scaling is automatic in response to demand changes, but need not be. The definition then goes on to say that the resources often appear to be infinite to the consumer and can be provisioned in any quantity at any time. This is of course not a rigid requirement. A cloud service could put an upper bound on the resources a particular consumer could scale to, and all clouds ultimately have a fixed capacity, so this clearly falls in the “grand illusion” category.
- Measured service: The NIST definition specifies that cloud systems monitor and automatically optimize utilization of resources. The definition does not specify the units of measurement, and in fact Amazon and Google’s cloud services meter and charge using very different models (in thumbnail, Amazon in terms of infrastructure resources and Google by page hits). What is surprising is that the definition does not state that the consumer is charged in proportion to usage, which many definitions consider the most fundamental tenet of cloud computing. The NIST definition allows a situation, for example, where several consumers (say, members of a trade organization) decide to fund and build a computing facility meeting the five requirements and share its use, but don’t charge back based on usage even though it were possible.
There’s a lot to like about the NIST definition and it is the one I’ll be using in subsequent articles. We’ll be digging into what people and organizations are actually doing with cloud computing (without all the hype and hyperbole), and practical considerations for success from both the business and technical viewpoints.
Larry Simon is an IT strategist who has advises startups through to Fortune 500 corporations and government institutions on achieving maximum return from their information technology investments through sound governance and practices.