Kate's Comment

Thoughts on British ICT, energy & environment, cloud computing and security from Memset's MD

Definition of Cloud Computing, incorporating NIST and G-Cloud views

7

NIST's Cloud definition, on a cubeFor a less technical definition of cloud see this article: What is cloud computing?.

I have spent the last few months working with the cabinet office on phase 2a of the UK’s G-Cloud and App Store programme. My position was as industry co-lead for the technical architecture work strand. The other lead is a public sector employee from NHS connecting for health, which, despite the flak they get, have done great work in marshalling and managing massive numbers of servers and PCs and the networks in between. Other work strands included Information Assurance, Commercial, Quick Wins, Service Management and Business Transition Planning.

Working on the project has given me a very clear insight into what the benefits of Cloud Computing to government and business really are, and also what a government Cloud would need to look like. That was essentially what we were describing (in broad terms) in our technical architecture strategy paper, which will be published soon. Therefore, I’m updating my definition of Cloud Computing in line with that work, and also incorporating the NIST definition, which has recently become something of a de-facto standard (although I don’t entirely agree with it).

Cloud != Utility

“Cloud Computing” has many aspects, as depicted above. One of those axes are the service models; Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS).

Cloud Computing is often confused with Utility Computing but they are not the same – rather the latter forms part of the former. Of the service models, IaaS alone is analogous to Utility Computing, and I agree that they are fundamentally one and the same but with the added element of virtualisation making IaaS an evolutions of the concept.

Nor is Cloud the same thing as Grid Computing. Both terms are well-defined and there is no need to invent a new name for these decades-old concepts (my Dad was providing Utility Computing services from his computer bureau service before I was born!):

  • Grid Computing: The combination of computer resources from multiple administrative domains applied to a common task.
  • Utility Computing: The packaging of computing resources (computation, storage etc.) as a metered service similar to a traditional public utility.

I see Cloud Computing IaaS as the combination of those old concepts of utility and grid:

Cloud Computing IaaS = Grid Computing + (Utility Computing * N)
…or…
Cloud Computing IaaS is a Grid of Compute Utilities

I shall explain. The real power of the Cloud Computing concept comes about when one views it as the mass-market for Utility Computing resources, and that is what the G-Cloud programme essentially asked the technical work stream to come up with; an architecture that would allow a number of different, but standardised, Infrastructure as a Service (IaaS), Platform-aaS (PaaS) and Software-aaS (SaaS) services to be make available in one central competitive market place (the App Store).

The clear desire was also for those services to be interoperable, especially at the infrastructure level. Additionally, and this is where the “Cloudiness” comes in, the desire was such that one could request computing resources to a specified service level agreement (SLA) and at a specific security impact level, and have a pre-certified range of options which could then be chosen based on price, or other factor.

That fits with what I believe most people mean when they say “host it in the Cloud” – referencing an amorphous, distributed collection of compute resource used in a way that you don’t really care where your application resides, so long as your requirements are met.

Therefore, I maintain that when we refer to “Cloud Computing” we should be talking about an open market for computing resources, created when you combine multiple interoperable compute utilities into one massive grid, hence Grid + (Utility * N).

NIST definition

I really like the new Cloud Computing definition from the US’s National Institute of Standards and Technology (NIST) for the most part. They define three service models, five essential characteristics, and four deployment models. I have represented their model on a cube, as below:

NIST's Cloud definition, on a cube

A well-managed data centre is not “a Cloud”!

The only part I take issue with is their “private Cloud” concept; something being conveyed with gay abandon by technology analysts the world over unfortunately. In most usage, “private Cloud” just refers to a partitioned off chunk of infrastructure within one utility computing provider in most cases, or worse-still just a well managed data centre with a bit of virtualisation if you ask some people!

The UK government, for example, wants a private Cloud for some higher-security requirements, but that would be a pool of resources from a number of utility computing facilities (probably partitioned off super-secure areas of providers’ data centres); an open market again, albeit one with specific requirements. As it stands, the “essential characteristic” of resource pooling is at-odds with the analyst-speak concept of a private Cloud; if it is private and dedicated to one organisation, you will only be pooling the resources of one organisation.

There are very few organisations that will have a sufficiently diverse usage profile to gain additional benefit from such an approach, however there are several with similar requirements that could club together as one private community, like UK government. Also, only NIST’s “Hybrid Cloud” encapsulates the full vision of what I believe Cloud Computing is about (interoperability etc). Therefore I would change the NIST deployment models as follows:

  • Private Compute Utility: An infrastructure physically dedicated to one organisation.
  • Private Community Cloud: An infrastructure spanning multiple administrative domains that is physically dedicated to a specific community with shared concerns.
  • Public Cloud: An infrastructure spanning multiple administrative domains that is made available to the general public / businesses, without physical partitioning of resource allocations. (There is arguably only one public Cloud – hence the phrase “host it in The Cloud”.)
  • Hybrid Cloud: A combination of public public and private compute utilities in order to allow “cloud bursting” for some requirements, or to allow a private compute utility owner to sell their spare capacity into The Cloud.

It’s all Amazon’s fault; misnaming their Plastic Compute Utility

The origin of the term “Cloud” comes from the diagrams we used to draw of the Internet back in the ’90′s; typically the automatically-routed internetwork was depicted by a big fluffy cloud in the middle of a network map, and it was just accepted that it would route things sensibly between the data centre and client (or other end points). The term then gained further traction with people using phrases like, “I’ll just host it in the Cloud”, now referring to the generally available computing / hosting resources connected to the ‘net.

Then, along came Amazon with their “Elastic Compute Cloud” (EC2), applying the term to something that (when considered on its own) is really just a massive plastic compute utility. ‘Plastic’ since you have to request more or less instances (resources do not elastically shrink) – the elasticity is a function of how you write your application to interface with their API. A ‘Compute Utility’ because it is really just one very large compute grid being sold as a utility service; why apply a new term when we have a perfectly good one?

I see Cloud Computing as the result of having multiple utility computing providers at your behest, with standardised APIs to allow provisioning from competing suppliers. That is pretty much here now, although the grid middleware to allow smooth interoperability is not quite industrial-strength.

IaaS vs. PaaS vs. SaaS

One of the nicely encapsulated outputs from the G-Cloud project to-date has been an agreement on what we actually mean by infrastructure, platform and software, and how they do differ a little from the old terms hardware, middleware and application, but that can wait for my next posting (here).

Posted on February 24, 2010 at 16:25

7 comments

  1. Sam Johnston Feb 25, 2010 11:57 Some interesting issues raised here, though like last year's cloud definition season, 2010's too will go largely ignored by the masses (who are happy to equate "cloud" to "out there on the Internet" - which is not the same as cloud == internet btw). That's fine by me too - the promise of cloud is in letting a mutually trusted third party take care of business - a necessary part of indiscriminate multitasking incidentally.

    As for the NIST definition, I think it has its fair share of problems but it's better than most and it comes from a reliable (hopefully) independent source. One such problem is the "requirement" for "rapid elasticity" ala EC2 - if I have, have always had, and will always have 100 users for example, then I can certainly benefit from cloud computing by deploying SaaS products to my employees but I couldn't care less about elasticity. Similarly, being self-service is nice, but if I had to fax in a form and wait a week to benefit from economies of scale enabled by multi-tenancy then so what? And then there's "broad network access", which is just a weak way of saying "Internet". Either it's ubiquitous or it's not.

    Thanks for taking the time to write this up and here's hoping we can beat the NIST definition into shape over time (though my experience getting heard by them thus far has been fairly ordinary).
  2. Kate Craig-Wood Feb 25, 2010 12:08 @SamJ Good point re. few actually needing elasticity. That is why we (Memset) have still not gotten around to implementing an API for our Miniserver VMs - there is little demand. Most people a) don't want to re-write their apps to scale resources, b) don't need a lot of scaling and c) view the hosting element as a very low cost compared to the service being delivered thus are happy to pay the premium to have overspecced resources there to catch load spikes. The views are changing, slowly, but I personally don't think Amazon EC2 / instances-on-demand are the right way, which is why we are developing a Better Way to be more efficient about burst resource capacity - but its not ready yet so can't talk about it. ;)
  3. Cathie Gibbens Mar 9, 2010 13:30 I like the equation you put forward and the diagram of NIST's definition - makes it simple and clear, which is what cloud computing should be.
    Suppliers are recognising the need for interoperability, but as you say, this is not as strong as it should be.
    Looking forward with interest to playing spot the difference on the next post!
  4. Scott Butler Jun 17, 2010 08:44 Interesting. For years we have been operating in technology silos, delivering and tailoring the infrastructure (hardware, OS & Middleware) to meet the clients needs. However, we are now developing our technologies into utilities but I am aware that the terms 'utility' and 'cloud' seem to be used in the same context, you address this here and this is a message that I will be reiterating over the next few months I am sure.
    The biggest issue we are facing (I lead one of the Middleware teams focused on application hosting) is the proliferation of third party applications; I would be interested to know how we can have a true 'utility' model when the business applications vary greatly in their infrastructure requirements. A key point of utility, and ultimately cloud, computing is to removed the technology decisions from the client side but this would mean creating a solution that is all things to all people and I have reservations that this is achievable.
    I would be interested in hearing your thoughts on this.
  5. katecw Jun 23, 2010 15:11 I would say that there are two utility platforms appearing; the Linux-Apache-MySQL-Php/Python/Perl (LAMP) stack for open source users and the Microsoft .NET-MSSQL stack. The hardware underneath has already commoditised and standardised in the form of x86 virtual machines. No one in their right mind is creating applications that need custom hardware these days, well apart from those poor few who succumb to vendor-sales-speak!

    There are few applications which, with a little intelligence, cannot be designed and built to be highly scalable and operate on any old x86 tin (virtual or otherwise). As you might expect, my preference is towards open source as the platform, and that certainly seems to be the choice for new entrants providing Web based software-as-a-service (SaaS), based on our customers.

    As for removing all technology decisions, if you want to do that go direct to a SaaS provider. My advice, though, is to separate your software supplier from your hosting provider, for improved security and resilience (see my post on supply chain disintegration). That also means you don't get locked in to the vendor, and can use open source software. That still doesn't meant you need much technology experience - just don't go for solutions that need any special tech. If they do, they are probably a rip-off!
  6. John Aug 21, 2010 07:30 Cloud computing = buzzword for technology that has been around for years.
  7. Peter Meredith Nov 3, 2010 10:51 Generally the points raised were fine, but there was much waffle and verbosity, instead of getting to the point and dealing with the facts.

Add your comment

Categories

Older posts

Comments

Hosted on a Memset dedicated server.

© Kate Craig-Wood
All rights reserved.

Page optimized by WP Minify WordPress Plugin