By Rich Wolski | May 21, 2010
The phrases "cloud computing" and "private cloud" have permeated the technical zeitgeist with a rapidity that we have rarely seen. As a result, we spend a good deal of our time discussing these concepts with our customers, partners, and technical colleagues in an effort to understand what they mean in concrete terms. In an effort to bring some clarity to these ruminations (primarily to myself), I've tried to distill them into a "Top 5" list of questions we are asked and to formulate my opinion of how they can, and in some cases should, be answered.
First, the questions in dramatically paraphrased form are:
- What is a "private cloud" and how is it different from a "public cloud" and a "virtualized data center?"
- Is a private cloud secure?
- How do I build a cloud?
- How do turn a private cloud into a hybrid cloud?
- What will I need to do to my applications to get them to run in a cloud, private or public?
Clearly these questions are directed to us because of what we make (hence the bias towards private clouds). In putting this thinking together, it also occurred to me that this list is a product of the time frame in which it is formulated. That is, the five most frequent and pertinent questions we were being asked one year ago were quite different, and mostly focused on the impact of public clouds on the economics of Information Technology (IT).
Be as it may, I provide my best effort to answer the questions as we see them in Spring of 2010. I provide these answers via a series of blogs to lessen the amount of time within one sitting you need to peruse my musing. In this posting, I tackle the first two questions.
What is a "private cloud" and how is it different from a "public cloud" and from a "virtualized data center?"
A private cloud is a cloud that implements the "cloud computing" model in a "private" setting where only a single organization has access to the resources that are used to implement the cloud. In other words, it is a cloud that an organization implements using its own resources (machines, networks, storage, data centers, etc.)
Trivially, then, a private cloud is different from a public cloud because the public version implements cloud computing for multiple, possibly competing organizations using a single set of resources. The basic model for a public cloud is similar to that for a public power utility: a third-party vendor manages the infrastructure necessary to deliver computing capability to customers who pay usage fees. The common-carrier Internet plays the role of the transmission lines in this highly stylized analogy.
There are more subtle differences between these two paradigms as well. Most prominently, private clouds must be able to incorporate the policies and infrastructure capabilities that are implemented by the organization that deploys them. In contrast, public clouds, for reasons of scale, tend to provide low-cost but high-quality commoditized services to their customers in the spirit of a general utility. Thus a private cloud should embody and reflect the "structure" that the organization imposes on it while a public cloud "flattens" the structure into a high-quality commodity that can be provided for a low cost at scale.
Frequently, we are also asked to differentiate private clouds from virtualized data centers. Operating system virtualization (the ability to run "virtual machines" using a hypervisor as the base software layer) is a powerful tool and many IT organizations have implemented plans to use this tool to improve IT operations. "Are these virtualized data centers not just private clouds?" is a typical question posed to us.
Operating system virtualization is an important component of a private cloud, but by itself, even when deployed data center wide, it does not implement a private cloud. That is, a private cloud depends on operating system virtualization but it also requires quite a bit in addition to the ability to run virtual machines even if the virtualization technology supports this ability across the data center.
The key difference lies in the purpose virtualization fulfills when it is used to control a data center versus when it is used to implement a cloud. When used as a data center control technology the "operator" (typically a system administrator) uses virtualization to abstract the "server" running in a VM away from the hardware on which it runs. By making a server a virtual entity (one not attached to a specific piece of hardware) it can be moved, suspended, or upgraded independently of how the hardware running it is manipulated. Thus virtualization provides a way for a system administrator to manipulate the resources in a data center more flexibly and faster to achieve greater efficiencies.
However, to be an effective tool for administration, the data center virtualization tools must operate as a console. That is, when an administrator issues a control command, the command is implemented and the result returned in a way that allows the system administrator to know the state of the system from moment to moment.
In a cloud, virtualization serves a different purpose, which is to provide isolation between resources allocations. That is, virtualization inside a cloud prevents different collections of virtual machines from interfering with each other. Indeed many clouds do not take advantage of the VM mobility and multi-tenancy functions supported by most hypervisors -- two key functionalities used heavily in virtualized data centers.
In addition, cloud platforms use virtualization asynchronously. There is no cloud "console" that can report the state of the resources faithfully because to implement one, the cloud would need to make virtualization requests one-at-a-time so that the state would be clearly known at the time it is reported. Put another way, by the time a correct accounting of the operations performed in a cloud is recorded, the internal state will have changed. The only way to prevent this state of affairs is to make the cloud handle requests one-at-a-time so that the internal state changes sequentially. Synchronizing requests in this way severely limits scalability.
Is a private cloud secure?
The first observation I usually make in response to this question is that security is not a singular noun -- it is plural. Put in another less cryptic way, "security" refers to the amount of "trust" a user or organization places in a particular technology with respect to theft, tampering, and privacy. That trust is necessarily subjective (e.g. what I may trust you or may not and vice versa) so it is difficult to talk about security in absolute terms.
One of the characteristics of private clouds that make them attractive to an organization is that the degree of security (the degree of trust) can be completely controlled by the organization itself. That is, if implemented properly, a private cloud should be no less secure than the data center in which it runs. If an organization wants to implement greater security or to relax security in a private cloud, it can. It can also audit and manage the implementation of security for the private cloud much in the same way it audits and manages security in a data center. Fundamentally, security is a matter of policy specification and implementation. A private cloud must be able to allow organizations to specify (and change) security policies and subsequently to implement those policies using for resources under its control.
I suspect that this question is also one that is motivated by a comparison of public cloud security characteristics with those of a private cloud. Often, private cloud proponents claim that private clouds are more secure than public clouds. In fact, it is possible to deploy a private cloud in a way that is far less secure than the current batch of public clouds just as it is possible to deploy any infrastructure in an insecure way. Moreover, the public clouds are almost assuredly exposed to a constant barrage of very clever attacks. To withstand this Maelstrom they must constantly implement the state-of-the-art in counter measures.
I believe the real motivation for this question, then, is not about the degree of security that a private cloud offers over a public one, but the degree to which security policy can be controlled, monitored, and changed in response to the needs of the organization. Because public clouds must serve a vast set of competing needs, they are necessarily limited in their ability to allow their users to customize them, particular with respect to the implementation of security policy. Conversely, a private cloud must support local policy definition and customization and hence there is a perception that they are "more secure."
A second and related predictive question that we get asked frequently is "Will public clouds ever be secure enough to supplant private clouds?" I'll leave this question for another time as answering it requires a rather even more voluminous analysis of the fundamental tenets underpinning cloud-computing security.