The diagram shows what we agreed we mean by Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (right hand side) and the areas encompassed by the individual terms infrastructure / platform / software on the left. A better term than “software” might be “application” since the platform part is also really just software, but SaaS has already gained wide acceptance.

It is assumed that “as a service” means all services within the definition are fully integrated up to and including the respective level, thus incorporating any sub-levels. Therefore, SaaS providers could either sub-contract to a PaaS provider, or would incorporate the PaaS themselves and provide it as part of the SaaS “stack”. In turn the IaaS could be sub-contracted or incorporated. The customer would see an integrated service.

It is also worth explaining the overlap between ‘platform’ and ‘software’; that is because some advanced platforms are built on complex software solutions which go well beyond just operating systems and a bit of infrastructure software.

For example, one could consider bare operating system as the platform, with the bespoke software application incorporating its own software infrastructure elements (eg. a bespoke CRM solution). One might also consider a Linux-Apache-MySQL-PHP stack as the platform in its entirety, with only the PHP code itself being the software/application layer. The key differentiator between ‘platform’ and ‘software’ is that a platform is standardised and to an extent commoditised, with the software being the bespoke / custom element. A platform would also often, but not always, be highly scalable across multiple servers.

Standardised / commoditised software (hosted application) services, as opposed to bespoke / custom deployments, would most likely be considered to be SaaS.

Virtual differences

Until this point many experienced readers might be saying, “Yes, that that is just hardware, middleware and software renamed!”. To a large extent you would be right, with one small exception being subtle differences between modern platform/middleware, but there is an important difference between the old concept of “hardware” and ours of “infrastructure”: virtualisation.

It was agreed among the G-Cloud team that the virtualisation should now be considered as part of the hardware layer since it has become such an integral method of dividing and provisioning hardware resources. It is important to note that we drew the line precisely between the virtualisation layer (ie. the hypervisor) and operating system, viewing a bare-bones virtual machine without operating system or kernel as the unit(s) of hardware.

Of course, virtualisation is not ubiquitous. Indeed for many systems including highly scalable ones upon which PaaS and SaaS stacks are built do not use any virtualisation (Google App Engine does not, for example). In such cases one would simply view the stack without the virtualisation layer with the boundary between infrastructure and platform being between the physical hardware and operating system layers.

Network

Another critique of this model could be that the “interconnecting network” appears to link directly from the software layer through to the client device. In reality, of course, all network traffic has to sink back down through the layers from the software to via the networking & firewalling layer, then on to the client device. To keep the stack looking like a stack, however (which is correct from a logical perspective), it is better to stick the client device on top rather than off to one side. In the full postulated functional of the G-Cloud logical architecture the connections are more explicitly shown in a 2D rather than linear model. Hopefully that will be in the public domain soon!

Working on the project has given me a very clear insight into what the benefits of Cloud Computing to government and business really are, and also what a government Cloud would need to look like. That was essentially what we were describing (in broad terms) in our technical architecture strategy paper, which will be published soon. Therefore, I’m updating my definition of Cloud Computing in line with that work, and also incorporating the NIST definition, which has recently become something of a de-facto standard (although I don’t entirely agree with it).

Cloud != Utility

First off I wish to be clear: Cloud Computing is not the same thing as Utility Computing (aka. Infrastructure as a Service). Nor is Cloud the same thing as Grid Computing. Both terms are well-defined and there is no need to invent a new name for these decades-old concepts (my Dad was providing Utility Computing services from his computer bureau service before I was born!):

• Grid Computing: The combination of computer resources from multiple administrative domains applied to a common task.
• Utility Computing: The packaging of computing resources (computation, storage etc.) as a metered service similar to a traditional public utility.

Cloud is often confused with Platform or Software as a Service too, but they are just extensions of the Utility Computing concept, and again are nothing terribly new. I see Cloud Computing as the combination of those old concepts of utility and grid:

Cloud Computing = Grid Computing + (Utility Computing * N)
…or…
Cloud Computing is a Grid of Compute Utilities

I shall explain. The real power of the Cloud Computing concept comes about when one views it as the mass-market for Utility Computing resources, and that is what the G-Cloud programme essentially asked the technical work stream to come up with; an architecture that would allow a number of different, but standardised, Infrastructure as a Service (IaaS), Platform-aaS (PaaS) and Software-aaS (SaaS) services to be make available in one central competitive market place (the App Store).

The clear desire was also for those services to be interoperable, especially at the infrastructure level. Additionally, and this is where the “Cloudiness” comes in, the desire was such that one could request computing resources to a specified service level agreement (SLA) and at a specific security impact level, and have a pre-certified range of options which could then be chosen based on price, or other factor.

That fits with what I believe most people mean when they say “host it in the Cloud” – referencing an amorphous, distributed collection of compute resource used in a way that you don’t really care where your application resides, so long as your requirements are met.

Therefore, I maintain that when we refer to “Cloud Computing” we should be talking about an open market for computing resources, created when you combine multiple interoperable compute utilities into one massive grid, hence Grid + (Utility * N).

NIST definition

I really like the new Cloud Computing definition from the US’s National Institute of Standards and Technology (NIST) for the most part. They define three service models, five essential characteristics, and four deployment models. I have represented their model on a cube, as below:

A well-managed data centre is not “a Cloud”!

The only part I take issue with is their “private Cloud” concept; something being conveyed with gay abandon by technology analysts the world over unfortunately. In most usage, “private Cloud” just refers to a partitioned off chunk of infrastructure within one utility computing provider in most cases, or worse-still just a well managed data centre with a bit of virtualisation if you ask some people!

The UK government, for example, wants a private Cloud for some higher-security requirements, but that would be a pool of resources from a number of utility computing facilities (probably partitioned off super-secure areas of providers’ data centres); an open market again, albeit one with specific requirements. As it stands, the “essential characteristic” of resource pooling is at-odds with the analyst-speak concept of a private Cloud; if it is private and dedicated to one organisation, you will only be pooling the resources of one organisation.

There are very few organisations that will have a sufficiently diverse usage profile to gain additional benefit from such an approach, however there are several with similar requirements that could club together as one private community, like UK government. Also, only NIST’s “Hybrid Cloud” encapsulates the full vision of what I believe Cloud Computing is about (interoperability etc). Therefore I would change the NIST deployment models as follows:

• Private Compute Utility: An infrastructure physically dedicated to one organisation.
• Private Community Cloud: An infrastructure spanning multiple administrative domains that is physically dedicated to a specific community with shared concerns.
• Public Cloud: An infrastructure spanning multiple administrative domains that is made available to the general public / businesses, without physical partitioning of resource allocations. (There is arguably only one public Cloud – hence the phrase “host it in The Cloud”.)
• Hybrid Cloud: A combination of public public and private compute utilities in order to allow “cloud bursting” for some requirements, or to allow a private compute utility owner to sell their spare capacity into The Cloud.

It’s all Amazon’s fault; misnaming their Plastic Compute Utility

The origin of the term “Cloud” comes from the diagrams we used to draw of the Internet back in the ’90′s; typically the automatically-routed internetwork was depicted by a big fluffy cloud in the middle of a network map, and it was just accepted that it would route things sensibly between the data centre and client (or other end points). The term then gained further traction with people using phrases like, “I’ll just host it in the Cloud”, now referring to the generally available computing / hosting resources connected to the ‘net.

Then, along came Amazon with their “Elastic Compute Cloud” (EC2), applying the term to something that (when considered on its own) is really just a massive plastic compute utility. ‘Plastic’ since you have to request more or less instances (resources do not elastically shrink) – the elasticity is a function of how you write your application to interface with their API. A ‘Compute Utility’ because it is really just one very large compute grid being sold as a utility service; why apply a new term when we have a perfectly good one?

I see Cloud Computing as the result of having multiple utility computing providers at your behest, with standardised APIs to allow provisioning from competing suppliers. That is pretty much here now, although the grid middleware to allow smooth interoperability is not quite industrial-strength.

IaaS vs. PaaS vs. SaaS

One of the nicely encapsulated outputs from the G-Cloud project to-date has been an agreement on what we actually mean by infrastructure, platform and software, and how they do differ a little from the old terms hardware, middleware and application, but that can wait for my next posting (here).

Instead, purchase your software from one provider, but have a direct relationship with the host. Some of our customers are starting to do this with us and Zimbra. Zimbra is sort-of like Google docs, but open source, and they host it with us, and backup to a third-party host (which is cheap to do).

Good for resellers too

Managing the backup and hosting process might be a new way that resellers can differentiate their offering or add value to the supply chain as more and more businesses look to protect their data as they move to a Cloud Computing model. Ensuring ease of data migration between cloud providers is paramount for businesses moving forward.

By not being tied to one provider, a business could easily migrate to another host, or if Zimbra becomes unsupported, for example, they would not lose their data, and we would carry on hosting while they work with us to find a new software solution. If we fail, they still have their data and Zimbra can help them get set up again. We (the managed hosting provider in this example) would not own their data even if we did fail, but no harm in belt-and-braces.

Hosting commoditisation is here

Software providers cannot realistically compete in today’s commoditised hosting market place, and instead should stick to their strengths. This also applies to migrations – when moving customers between hosts there are now companies that specialise in the migration itself but have no interest in selling software nor hosting. One such company is SEM Solutions, with whom we have recently started working.

Another big win from supply chain disintegration is that you gain total price transparency; no more getting stitched up by one provider who is just whacking a huge mark-up on a commodity service like hosting (yes, I’m talking to you, local government CIOs .

Not only does it show you which bits cost what, thus allowing you to compare with the market rates, but disintegrating the supply chain also makes migration to a new Cloud / managed hosting provider easy since you just need to work with the software supplier to migrate to the new host, and are not tied in to one provider. Equally, since you own the data on the service (because you are buying the hosting direct), moving to a new software provider is greatly simplified.

Eating my own dog food

So, do I take my own advice? Yes; Memset is one of the fastest growing technology SMEs in the country, and all our business critical information and systems are hosted in the Cloud (or at least our little bit of it) and accessed over the Web. None of my staff have Microsoft Office, we do not pay for any software, and we do not need servers in our office for administration applications. Everyone has a laptop, and since all our systems and documents (we use a Wiki for the latter) are hosted online everyone can work from home without the complications of a VPN. We do not use any paper for internal communications either, thus minimising “the printer has broken” type problems.

We also use Trac project management and documentation management system for all our internal documentation, task and project management. It is free and simple to host yourself with any managed hosting provider. Simple, scalable systems like Trac have also made it easy for us to obtain and maintain our quality, security and environmental management systems (ISO9001, ISO27001 & ISO14001 accreditations).

The panel session was lively, and I raised a few eyebrows with my predictions that the Big Corps in software & broadcast were under major threat. I was particularly pleased when I managed to astound Mr. Paxman with some stats on women in technology – here is an excerpt from the Intellect blog on the conference:

In the final panel session, Jeremy Paxman (probably for the first time in his career) was stuck for words when Kate Craig-Wood, MD of Memset, indicated that there was a 23% gender pay gap in the IT industry. Paxman expressed a little scepticism over the statistic, but rest assured the figure is one oft quoted by Intellect and comes from an equalities and human rights commission report.

http://google.co.uk/search?q=the+definition+of+cloud+computing

Lets face it, Google is near omniscient (and probably already has a band of worshipers preparing for the birth of its sentience) so I must know my stuff! </gloat>

Ahem, anyway, when you get down to it, there are only really three differences between Cloud Computing and traditional IT infrastructure outsourcing:

1. Shorter contracts: Hours, days or weeks (at most one month) rather than months or years (usually at least 6 months for traditional outsourcing).
2. On demand: Near-instant scaling / adding of resources.
3. No up-front costs: The CapEx and installation is absorbed into the rental charges.

Modern “managed hosting” providers like my company are largely synonymous with “Cloud Computing” or “Utility Computing” providers; companies like mine will give customers anything from a virtual machine to a large dedicated cluster with a contract of one month and no setup fees. We are blurring the line between traditional IT infrastructure outsourcing (eg. EDS / HP at the big end, Rackspace at the small end) and “pure” Cloud providers like Amazon EC2.

Cloud Computing has been enabled by the ubiquity of Internet connectivity, since companies are no longer tied to owning their own data centre with hard-lines back to offices. Instead, the infrastructure can be pretty much anywhere, although usually you want it in the same country as your main operations.

So what becomes of the old-school big-corp IT outsourcers?

As for the impact on IT outsourcing businesses, that is simple: Cloud Computing is exposing the true cost of computer / server resources, which thanks to Moore’s Law is tiny. Cloud / Utility Computing providers are driving the comoditisation of compute & storage resource, thus eviscerating the outrageous profit margins enjoyed by the old-guard of IT outsourcing providers.

The Cloud movement has the potential to finally deliver on IT’s long-oversold promise of shared services and cheap, highly scalable process automation. In doing so, Cloud also threatens the livelihoods of the big IT consultancies / Systems Intergrators who have become better at selling their highly-paid peoples’ time than actual IT services.

The proof are the likes of Google, Xero online accounting and Zimbra Desktop (Outlook- & Google docs-like functionality, but open source and Web-based): They are delivering most of the IT services that businesses need at an extremely low price, thus demonstrating that:

1. Most of us want the same, simple things in terms of IT services.
2. IT resources are actually really, really cheap.

Sorry chaps, but it looks like the jig is up.

There are a number of reasons why:

1. They used Amazon as a pricing basis (see below)
2. They are only considering mega-corps (>$500m turnover), who could indeed probably run their infrastructure cheaper if they want the bother.
3. They undervalue virtualisation. We can consolidate roughly 10:1 and get CPU utilisations up well over 50% – they were saying a norm would be 18%, and 30% at best.

Lets look at the pricing in detail; the report concludes that Cloud costs more is because they have based the calculations on the only provider perceived as offering “Cloud” or Utility computing services, Amazon, are massively overcharging for their Elastic Compute Cloud (EC2) resources! We (Memset) end up being up to half the price for comparable amounts of compute & storage resource.

An Amazon EC2 compute unit is approx. half a modern Xeon core. One instance costs $0.11/hour = £0.07/hour = £51.07/month

A Memset virtual machine VM4000 has about the same CPU, a bit more RAM and costs £39.95/month.

This is further compounded by the fact that a basic EC2 instance is actually a lot more resource than most small apps need! Our smallest Miniserver VM is 512MB with a tiddly amount of CPU, and that is plenty for the most online apps in the SME domain (ie. the majority of apps by number). Oh, and we charge £9.95/mo for those, so their calculations will be way, way out in terms of price per instance.

An “extra large” instance is basically a quad-core machine with 15GB RAM and 1.7TB disk, and costs >£400/month. For a dedicated quad-core server with 8GB RAM and 2×1.5TB disks we would charge around £250/month.

S3 is even worse! Amazon charge $0.15/GB-month ) which is about £0.11 /GB-month. A 22TByte storage array from Memset costs £499/mo, which is £0.02 /GB-month (79% cheaper)!

When you factor all those in, we are a lot cheaper – and we do not contend the resources. Many providers contend their CPU and RAM resources, but our Xen VM’s are 100% dedicated – you get what you pay for.

McKinsey need to realise that “Cloud Computing” is just what we dedicated hosts have been doing for years but on smaller time frames. If you want a decent definition of Cloud, see the BCS Data Centre Specialist Group Web, or my original version of that definition.

Cloud/Utility computing of the likes of Amazon only makes sense for people with dynamic load profiles. If you just need to outsource a bunch of servers, then go to a normal IT host like Rackspace or Memset. We have an online case-study example / breakdown of how outsourcing can halve the IT infrastructure costs of many companies.

Kate.

PS. Update from the Information Age conference on 28th April: Sure enough, people are now referring to “Utility” computing as the answer, which is what they actually meant when they said “Cloud” anyway, but following McKinsey that has become a bad word. *sigh*

In other words, utility computing is the provision of computing resources as a utility, in the same way that the familiar utilities (electricity, water, gas) are provided; on a pay-as-you-use basis. Sometimes utility computing it is called “on-demand computing” – the terms are synonymous. In a utility computing model the following resources would be available “on tap”:

• CPU time
  • Cores
  • Clock cycles per second
  • Floating point processing vs. integer processing (MIPS vs. FLOPS)
• Data storage (RAM, disk etc)
  • Data space (bytes)
  • Maximum I/O throughput (bytes per second)
  • Maximum transactions per second (I/O operations per second)
  • Error correction level
  • Redundancy (eg. RAID level)
• Bandwidth / connectivity
  • Throughput (bytes per second)
  • Latency to specific locations
  • Network redundancy

Grid -> Utility -> Cloud

So, how does utility computing relate to grid & cloud computing? Those terms are often used in the same breath as utility computing, or the three are confused with each other. While interconnected, though, they are different concepts:

• Grid computing is a technical approach spanning an application across multiple computers within one administrative domain (one provider, not necessarily one location).
• A compute grid is a collection of computers within one administrative domain capable of hosting a distributed application.
• Grid is about infrastructure.
• Utility computing is a sales approach, treating computing resources as a utility in the way we treat the familiar utilities (water,gas,electricity etc.). A utility computing provider would sell resources on their own grid(s).
• Utility is about business relationships.
• Cloud computing means an open market for computing resources; utility computing applied to multiple grids.
• A compute cloud is a grid spanning multiple administrative domains with applications able to move between domains in response to cost and SLA requirements.
• Cloud is about scale and the computing resource market.

Is Cloud Computing already here?

Amazon’s Elastic Compute Cloud is actually rather mis-named, and is really just a very large utility computing facility that spans multiple data centre locations, all of which are within one administrative domain (ie. Amazon’s massive grid).

Google’s App Engine is also not “cloud computing”, but instead a somewhat constrained sort of utility computing (you can only run applications specifically coded for the app engine). Some might call it “IT as a service”, but that term is rather too vague also.

Arguably there is only really one “cloud”, which is the mass-market for utility computing resource. To state “I am going to host this in the Cloud” would mean that you are going to run your app on one (or many) of the available utility computing providers.

Globe-trotting applications (aka. ‘Follow the moon’)

The ultimate vision of cloud computing is where you do not actually know where your application is being run at any one time. You would specify your SLA (eg. uptime, latency to a certain location) requirements and certain financial limits, and then give it with those specifications to some sort of broker. The application would then be able roam between administrative domains (eg. a data centre, a collection of PCs like Seti@Home, a super computer, your neighbours’ home appliances, etc), automatically seeking out the most cost effective resources that fit within the SLA requirements.

We are far from achieving true “cloud computing” at the moment, but we do have a number of utility computing providers coming online. As business slowly learns to let go of their attachment to tin and the concept that “this application run on that box” or even “this application runs in that data centre” then we shall see a massive commoditisation of the marketplace. This in turn will most likely result in the centralisation of compute resource into a small number of very large data centres in geographically strategic locations, and will enable much “greener” computing.

Cloud is not the most efficient form of computing purely because of optimal usage of IT resources, either. In the ultimate vision of cloud, one can envisage applications roaming the planet East-West, following the night time to take advantage of cheaper electricity prices (there is a surplus of power generation at night, and it is inefficient to transport electricity long distances at present), and lower temperatures (meaning less power for cooling).

Update: But isn’t Cloud also about IT services / SaaS?

Here I am merely trying to pin down one aspect of the poorly defined mess that is “Cloud”. In this article I am specifically talking about compute & storage resources (hence ‘Cloud Computing’) and am not attempting to define our contain the other areas to which many apply the same term.

I believe that when most people talk about “Cloud” they are referring to the phenomenon of increasing centralisation and commoditisation of ICT services – “everything over the wire”.

We need more terms; what I describe here is the mass-market for utility compute resources – the “power grid” of computing, if you will. What you are talking about could be called “Cloud Services” perhaps – services run on a compute utility and themselves delivered as a utility in a standardised manner. The problem I have with that is that while compute resources are interoperable, services are generally not (my compute and storage is directly comparable/interchangeable with Amazon’s, but Kashflow.co.uk is not so easily interchangeable with Xero.com).

First of all we need to be clear on what we mean by utility computing; very few organisations are offering true utility computing (ie. computing resources as a utility, in much the same way as gas, water or electricity is supplied) although there are some analogues. Our services, in some senses, can be regarded as utility computing, because we make computing facilities (specifically CPU resource, storage and bandwidth) available in convenient bite-sized chunks and allow customers to easily upgrade/downgrade.

A typical example is one of our Xen-based Miniserver Virtual Machines; a client might initially just want 256MB of RAM and 30GB of disk space, but in time their requirements might grow beyond one machine and onto a cluster of powerful dedicated servers. This approach (allowing the client to start small and grow the resource allocation as needed) gives very large cost savings to them (as well as no up-front capital expenditure) and is very green; we balance the load across our pool of Miniserver host machines to make efficient use of the available disk and CPU resource (bandwidth is secondary since if you don’t use it all, it is not really consuming power).

We, however, are progressively moving towards true utility computing. The next step is our deployment of on-demand clusters where the client has 10 (say) servers dedicated to his/her application, but at normal loads only 3 are required, so only 3 are powered up most of the time. As demand increases our in-house management software spots the trend and (ahead of requirement) brings the other nodes in the cluster online. We plan to incentivise our clients to use this system by billing them separately for electricity, so if they let us turn off the machines that are there just to cope with load spikes and normally not being used, it costs them less.

Our longer-term vision is to combine the two so that we can fully virtualise customers’ server clusters and dynamically allocate them to machines in our server pool that are not necessarily dedicated to them. That is when you truly get the big cost and energy savings; imagine us hosting a big online game in the same data centre as a back office function of a large corporate. During the daytime the back office function might need 50 servers to run, and the game only 10, but during the night the game might need 50 and the back office 10. With traditional provisioning you would have at least 100 machines on and running all the time, but with our system you 60 or less. In reality it is even worse since no sane CIO would run his application without some overhead room to cope with load spikes, but again you get that for free with utility computing since the load spikes just become a ripple on top of all the baseline operations, saving you even more cost and carbon. I estimate that if all our UK data centre operations were running in a true utility computing environment we would be able to reduce our power and hardware requirements by a factor of ten.

There is a catch though; to get the really big savings (in terms of money, energy and hardware) you need to consolidate large numbers of diverse applications (with different load characteristics and different usage patterns) into a small number of big data centers, or at least a small number of big utility computing pools. The problem is that most CIOs are still unsure about the security of virtualisation (for no good reason I might add), let alone allowing their applications to “roam” freely across pools of servers, being allocated CPU & disk resources that might have moments ago been used for one of their competitors.

As with most green initiatives, to get the real benefits of utility computing we need to change the way we think and operate at a organisational level – rolling out some shiny new technologies by itself is not enough. In this case we need to lose our outdated attachment to tin and the idea that “this application runs on those boxes there”. Instead we should view CPU time and storage space as facilities to be rented as and when needed, in much the same way as we do with bandwidth. After all, the routers feeding your ‘net connection might have been being used for something quite other moments before, but we don’t care – why should we with servers?