PRIVATECLOUDe-zine

Strategies for building a private cloud

VO

L. 1

|

N0

. 4

|

NO

VE

MB

ER

20

11

In this issue:

q TRENDS IN CLOUD COMPUTINGBy SearchCloudComputing.com Staff

q OPEN SOURCE IN THE CLOUD: BOON OR BUST?By Bill Claybrook

q NO DEMOCRACY FOR APPS IN THE CLOUD?By Mike Laverick

AS CLOUD COMPUTING continues tomature, IT managers want more.They are clamoring for better inte-gration of cloud platforms withexisting tools, greater control andmanagement, improved self-service,and greater portability among cloudenvironments. Enter open source software,

which has become the architecturalfoundation for many cloud projects.Open source software is often lowercost than proprietary alternatives,and its open code base can preventthe vendor lock-in common withproprietary technologies. Opensource comes with its challenges,though, including spotty supportand a substantial skill requirement.Open source and cloud expert BillClaybrook examines how opensource fits into the cloud as well assome technologies that have begunto define this maturing “secondwave” of cloud computing.Interoperability and data portabil-

ity are just two vexing issues. So,next, we delve into another coreproblem on many IT managers’minds: migrating applications to thecloud. Virtualization expert MikeLaverick takes you through the steps

for evaluating your data center’sapplication portfolio and associatedconcerns, including poor applicationperformance and latency, data leak-age, and issues with compliance orother regulations.But first, in our Cloud One on One

interview, we catch up with AltafRupani, the VP of global strategicplanning and architecture at DowJones, to explore the company’s private cloud rollout and some of its challenges in working with publiccloud providers to get the project up and running. The company’songoing efforts may provide a guide for your own initiative. �

LAUREN HORWITZSenior Managing Editor, Data Center and VirtualizationMedia Group, TechTarget Inc.

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 2

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 EDITOR’S LETTER

OPEN SOURCE MEETSCLOUD COMPUTING

E

Cloud One on One

INCHING TOWARD HYBRID CLOUDAltaf Rupani, the vice president ofglobal strategic planning and architec-ture at Dow Jones, is on a mission toget the best out of new cloud comput-ing architectures for all the usual rea-sons: reducing time to market on newapps and avoiding the capital cost ofnew hardware. In this interview, Ru-pani discusses his company’s privatecloud rollout and the challenges ofworking with service providers to get a hybrid cloud system up and running.

How long did it take to build your private cloud?About a year and half.

Why did you go this route versustapping into readily available publiccloud resources like Amazon WebServices? We don’t use EC2 [Elastic Compute

Cloud] for business-critical apps;the public cloud isn’t ready for theenterprise. There needs to be moregovernance controls that cater tothe enterprise.

Aren’t these kinds of controlstough to build in a private cloudenvironment, too? Or can anybodyat your company jump on your pri-vate cloud and provision services?Yes, you need to establish gover-nance and rules and introduce rigorso that you are following role-basedaccess controls, but this is easier to

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 3

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 TRENDS IN CLOUD COMPUTING

T R E N D Sin cloud computing

T

Altaf Rupani, VP of global strategic

planning at Dow Jones

“You need to establish governance

and rules and introduce

rigor.”

do today inside your own four walls.

Is there training involved? How doyou get employees up and running? We have an on-boarding process;we enlighten and educate people onthe portal. Otherwise you couldshoot yourself in the foot if you letpeople on who don’t know whatthey are doing. We leave it to thetech leads to spread the word. Oth-erwise you could have 400 virtualmachines or 4,000 provisioned for10 minutes of use.

What systems did you put in place to guard against that?You need to create an auto-approvalprocess for certain groups of users.For example, developers can provi-sion assets without as many hoopsto jump through as other employeesless familiar with the system. Ourmobile development team can pro-vision as many instances at a timeas they need, as this is a high-priority job.

How large is your private cloud?All new instances are provisionedthrough our private cloud and wehave 350 active instances, but thisspikes up or down depending onworkloads.[Rupani declined to say what per-

centage of Dow Jones’ total serverenvironment the private cloud repre-sents, but it is likely less than 10%today.]Do hardware choices, HP versus

Dell for example, give you anyadvantage in your private cloudarchitecture?No. We use off-the-shelf hardware.Dell, HP, IBM—it doesn’t matter, wejust need a service-level agreement(SLA) for response time, a de-duperate for storage, etc. We created theframework for a resilient cloud first,then we picked vendors that metthat criteria.

What software do you use for virtualization and automation?VMware and DynamicOps.

Which applications run in produc-tion on your private cloud today?Corporate applications, includingback-office stuff like SharePoint2010, have been consolidated fromfive separate instances to one in-stance running on the private cloud.Business-to-business apps on thecloud include DowJonesNews.comand our archive. Business-to-con-sumer apps include WSJ.com, MarketWatch.com and Barron’s. All have some presence on the pri-vate cloud and are using it more and more.

What advantages have you seen so far?One of the biggest advantages isthat we no longer need to spend somuch money on transitional tech-nology setups for new projects. It’s acost-avoidance strategy, as we don’tneed net new assets. There’s also a

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 4

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 TRENDS IN CLOUD COMPUTINGT

cost-efficiency advantage as we aregetting better usage out of our exist-ing servers. We tripled our averageutilization to 35% to 40% per physi-cal machine.

That still seems low. Why not 60% to 70% utilization?We leave headroom to account forpeaks.

What about labor? Do you save costs there?Yes. Cloud instances are half the cost of physical instances, includinglabor.

How many administrators maintain your private cloud?It’s less than five.

What about hybrid cloud? Does that make sense for your company?We’d like to extend our internal private cloud to public cloud in ahybrid model, but we’re still workingon the SLAs and data residencymandates with public cloudproviders to make that viable.

When will that happen?Before the end of the calendar year,we’ll be able to use hybrid; throughapplication programming interfaceswe will be able to plumb providers’capacity behind our portal.Give us an example of why

that would be useful.Let’s say there’s an employee inEurope working on a big marketinglaunch, but there’s no Dow Jonescapacity there. The system will say,“Here are the templates availablefor services,” and it’s the sameworkflow and policies as internalservices, but it launches on the pub-lic cloud. It federates with the enter-prise.

What challenges have you faced in getting this hybrid model towork?When the provider is a black box,it’s not good; single sign-on andidentity and access control is noteasy.

Are there other challenges with the hybrid model?Service providers had not envisagedthe workflow we needed, so we arereally pioneering this path; it takes alot of trial and error.

How have your users responded to the private cloud?People are lining up to use it. Thetime to market for new apps is somuch faster. Users are willing to paymore [for it], as they get their serverbefore they come back from lunchinstead of in three weeks. [That] isawesome from an application deliv-ery standpoint. —BY JO MAITLAND

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 5

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 TRENDS IN CLOUD COMPUTINGT

Let ePlus® be your guide to cloud computing.With our eCloud™ offering, we can design acloud computing strategy tailored specificallyto your business, allowing you to:+ Gain tighter control over security+ Lower your total cost of ownership+ Better manage provisioning+ Improve services orchestration+ Virtualize and scale your existing applications

For more information, please contactecloud@eplus.com.

www.eplus.com/cloud

ExpediteYour Journeyto the Cloudwith ePlus

Specialist

Converged Infrastructure

ePlus eCloud Solutionsare built on technologyfrom:

AS COMPANIES cautiously explorecloud computing, open source tech-nologies could prompt a tippingpoint in cloud adoption.Free and open source software is

liberally licensed and allows users tochange and improve software designby allowing access to its source code.Its community-driven approach tosoftware development—as well asflexibility and the potential lowercost of open source technologies—is well suited to the cloud. By con-trast, proprietary software oftenlocks in users to a given providerand can come with a high price tag.So open source may also help un-tangle some of the vexing problemsthat have been roadblocks to cloudadoption, including data portabilityand cloud interoperability. But building private and hybrid

clouds with open source technolo-gies poses problems as well, includ-ing spotty support, lack of companydevelopment know-how and a lackof common standards. Moreover,many cloud platforms mix open

source and proprietary code. Ven-dors may continue to nurture theirown proprietary technologies in themarketplace rather than join forcesto create common standards. With-out greater cloud interoperability, ITshops may continue to reject cloudtechnologies as too risky. So, for users, the question

becomes whether open source is“good” for the cloud or createsproblems of its own. In this article,we’ll examine when open sourcesoftware can benefit a cloud projectand when it’s best to rely on propri-etary technologies instead.

OPEN SOURCE ANDTHE CLOUD GAIN STEAMBy several indications, cloud com-puting adoption is poised to grow.By 2020 the global cloud market ispredicted to reach $241 billion, com-pared with $40.7 billion in 2010,according to a Forrester ResearchInc. report. Open source platformsand projects in the cloud are also

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 7

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 OPEN SOURCE IN THE CLOUD: BOON OR BUST?

OPEN SOURCE IN THECLOUD: BOON OR BUST?Open source may address some of the vexing problems that have kept IT managers out of the cloud. But these technologies aren’t for the fainthearted. BY BILL CLAYBROOK

growing. According to a May 2011report of 450 respondents by NorthBridge Venture Partners and the 451Group, mobile and cloud develop-ment experienced growth in opensource projects. A December 2010

report by the 1105 GovernmentInformation Group, 60% of 460respondents have considered cloudcomputing because of its potentialto reduce IT and operational costsand provide rapid on-demandaccess to IT resources.Open source cloud platforms aim

to build flexibility and open IT archi-tecture from the ground up. RichWolski—the CTO of the open sourceInfrastructure as a Service providerEucalyptus Systems Inc. and a pro-fessor of computer science at theUniversity of California, Santa Bar-bara—said that his company want-ed to develop a platform that is easyto use, maintain and modify, partlybecause of its open source founda-tions. “We actually started from first

principles to build something thatlooks like a cloud,” he said. “As aresult, we believe that our thing ismore malleable. We can modify it,we can see inside it, we can install it and maintain it in a cloud environ-ment in a more natural way.”So, for companies that want

lower-cost and more flexible andelastic on-demand IT infrastructure,open source cloud computing canmake sense. Now let’s considersome of the characteristics and ben-efits of open source cloud technolo-gies. (For more on Eucalyptus andother key cloud initiatives, see “KeyOpen Source Projects” on page 8.)

Reduced cost. Low cost is a keydriver in open source cloud tech-nologies. According to the NorthBridge Venture Partners survey,respondents said that low cost isthe second-most attractive aspectof open source technology, behindonly freedom from vendor lock-in.Lower-cost or free licensing comple-ments cloud computing by reducinginfrastructure costs. But lower licens-ing fees should be balanced againstsupport costs and developer timeand costs to customize code, whichcan quickly boost the total cost ofownership of open source software.

Rapid innovation, accelerateddevelopment. Technology resourcesare no longer fixed but abundantlyand flexibly available, so businessescan roll out new ventures with less

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 8

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 OPEN SOURCE IN THE CLOUD: BOON OR BUST?

FOR COMPANIES THAT WANT LOWER-COST AND MORE FLEX-IBLE AND ELASTIC ON-DEMAND IT INFRA-STRUCTURE, OPENSOURCE CLOUD COMPUTING CAN MAKE SENSE.

KEY OPEN SOURCE PROJECTS Almost immediately, open source technologies such as Linux and Xen began to have an impact on cloud computing. But several new open source offerings havecropped up, including Deltacloud, Eucalyptus, Openstack and OpenNebula. We’llprofile some of these offerings below (and see the table “Open Source Cloud Plat-forms” on page 9).Today, OpenStack is the “hottest” open source cloud software project. Rack-

space, a proprietary company, and NASA support OpenStack and are working to establish a nonproprietary cloud infrastructure that can be broadly adopted. In mid-2011, OpenStack received a boost in support from heavyweights such as Dell andHewlett-Packard.Now, a growing number of technology providers—including Citrix Systems, Cisco

Systems, AT&T, Intel and rPath—have coalesced around the OpenStack platform forpublic cloud providers and for enterprise private clouds. Use of OpenStack for pub-lic and private clouds would enable cloud interoperability, allowing users to migrateapplications from one cloud to another. VMware has been trying to do the samewith its vCloud API and vCloud Express.Eucalyptus is OpenStack’s primary competitor, but it has nowhere near the mo-

mentum of OpenStack now that Dell and Hewlett-Packard have begun to support it. Still, OpenStack lacks the systems support that enterprise users require. Citrix

and Rackspace have created commercial support projects for OpenStack. Citrix re-cently announced Project Olympus, and Rackspace has launched Rackspace CloudBuilders. Because OpenStack has broadened its support and now has major companies

contributing code to OpenStack, its application programming interfaces have agood chance of becoming an open standard for cloud computing. Its main competi-tion comes from VMware’s vCloud API. �

risk and delay and without prohibi-tive costs. The ability to switch re-sources on or off in seconds pavesthe way for real experimentation andmore rapid business development. Firms that use open source soft-

ware can add new features criticalto their business needs, whichallows programs to be extended

rather than replaced. According tothe “2011 Cloud Computing Adop-tion Survey,” rapid business innova-tion is a critical cloud driver: 51% of344 responding companies seeopportunities to roll out new prod-ucts via the cloud.But companies can garner these

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 9

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 OPEN SOURCE IN THE CLOUD: BOON OR BUST?

(Continued on page 11)

CLOUD OPEN SOURCE PLATFORMS

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 10

1 OPEN SOURCE IN THE CLOUD: BOON OR BUST?

PRODUCT

Abiquo Cloud Manage-ment

Citrix SystemsInc.’s Cloud-Stack and OpenCloud

EucalyptusEnterprise Edition

Novell CloudManager

WHAT IT DOES

Creates public and private Infra-structure as a Service (IaaS) cloudsbased on heteroge-neous environments. Users can provisionservers, storage, net-works and applica-tions automatically.

Enables enter-prises and serviceproviders to buildIaaS clouds. Tools onthe back end manage,secure and bill forresources used.

Implements IaaS–style cloud comput-ing with Linux-basedinfrastructure. Withits Amazon WebServices-compatibleinterface, Eucalyptuscan move workloadsbetween AWS and aninternal data centerwithout modifyingcode.

Allows IT staff tomanage virtualizedresources based ondifferent hypervisors,including VMware,Hyper-V and Xen vir-tual servers, all froma single managementtool.

TIME ON MARKET

ReleasedApril 2009;Abiquo 1.8releasedJuly 2011

ReleasedMay 2010;CloudStack2.2.8 releasedJuly 2011;OpenCloudversion 1.0releasedMarch 2011

ReleasedSeptember2009;Eucalyptus3.0 due outmid-2011

ReleasedSeptember2010; version 1.1releasedDecember2010

PRICING

Community Edition is free; EnterpriseEdition is licensed on an annual basis(from $211 for one to 49 physical coresto $432 for 1,000 or more cores) andincludes support atone of three levels.

Standard is $500 permonth with an initialfee of $2,500; Pre-mium is $1,000 permonth, with an initialfee of $4,000; Cor-porate and Enterpriselevels are also avail-able. Pricing maychange given the recent acquisition,however.

Licensing based onnumber of processorcores on physicalhost.

N/A, though baseconfiguration willcome with the pres-entation and man-agement server andlicenses to manage25 workloads.

NOTABLE FEATURES

Offers broad hypervi-sor support, includingVMware, Microsoft,Citrix and Kernel-based Virtual Ma-chine (KVM) hyper-visors; enables IT todelegate permissionsto authorized users.

Supports a range ofhypervisors, includ-ing VMware, OracleVM, and Hyper-V support is expectedby the end of the year.CloudStack also in-cludes CloudBridge,which enables appli-cations to work withpublic cloud applica-tion programming in-terfaces (APIs).

AWS is compatiblewith Elastic ComputeCloud (EC2) APIs, soworking with Eucalyp-tus is like workingwith VMs in AmazonEC2. It is also one ofthe most maturecloud platform software kits.

Designed for mixed ITenvironments, NovellCloud Manager runson all major hypervi-sors, includingVMware, Hyper-Vand Xen.

POTENTIAL ISSUES

Abiquo claims to runon diverse hardware;but doing so couldhave unintendedconsequences forscaling and trouble-shooting an environ-ment.

Prior to Citrix’s ac-quisition of Cloud.com’s CloudStack inJuly 2011, installationand interfaceweren’t intuitive,and CloudStack hadfew proven, enter-prise-scale deploy-ments. Now thatCitrix has integratedOpenCloud withCloudStack, thingscould change.

Historically, the partially closed ele-ments of Eucalyptushave posed scalabil-ity problems. Thetechnology requirestechnical compe-tence.

Novell continues tolag Red Hat in Linuxmarket share. CloudManager does notreplace existing hypervisor manage-ment tools, so pric-ing is dictated by the console.

(Table continues on page 10.)

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 11

1 OPEN SOURCE IN THE CLOUD: BOON OR BUST?

PRODUCT

OpenNebula2.2

OpenStackproject (Rackspaceand NASA)

Red HatInc.’s CloudForms

Ubuntu EnterpriseCloud

WHAT IT DOES

A completely opensource toolkit to buildIaaS clouds, includingpublic, private, virtualprivate and hybridclouds. Originallylaunched to establisha cloud standard,OpenStack is a free,community-sup-ported cloud platformdeveloped by NASAand Rackspace andsponsored by severalvendors, includingDell and HP.

Originally launchedto establish a cloudstandard, OpenStackprovides open sourcestandards for large-scale deployments ofautomatically provi-sioned virtual com-pute instances.

CloudForms is anIaaS cloud platformfor enterprises andservice providers.CloudForms usesJBoss Enterprise Mid-dleware for applica-tion and service pro-visioning.

Formerly powered byEucalyptus and nowby OpenStack, Ubun-tu Enterprise Cloud isa platform to createLinux-based privateand hybrid clouds.

TIME ON MARKET

Released in 2008;OpenNeb-ula 2.2

ReleasedOctober2010;OpenStackComputeAPI version1.0 avail-able andOpenStackComputeAPI version1.1 now “ex-perimental”for Cactus

ReleasedMay 2011;at the timeof this writ-ing, in beta,but due tobe gener-ally avail-able in fall2011.

Ubuntu9.04 wasreleased inApril 2009with cloudcapabili-ties; ver-sion 11.04releasedApril 2011

PRICING

In fall 2011, C12GLabs announced sup-port pricing, whichbegins at €150 perphysical server, withhigher levels thatoffer support for un-limited servers withina single zone (start-ing at €9,000) andper-site support forunlimited zones.

N/A

Combines applica-tion lifecycle man-agement with IaaS.Offers configurationand management ofmulti-tier applica-tions and gives usersthe option to moveand manage applica-tions between clouds,virtualized environ-ments and servers.

Cost for entry-levelcoverage for turnkeyboxes: physical ma-chines running duringthe business hours of 9 to 5: $4,750 peryear; running 24/7 is $17,500 per year.Cost for additionalpacks for turnkeyboxes: One physicalmachine with 9-to-5support is $1,250 peryear or 24/7 supportat $3,000 per year.

NOTABLE FEATURES

Offers an authentica-tion framework; ad-ministrator roles; andsecure multi-tenancyas well as an imagerepository with cata-log and image man-agement.

The OpenStack com-munity has grown to40-plus companies.Open standards makeit relatively easy tomigrate data and ap-plications to publicclouds. It’s also easyto benefit from oth-ers’ bug fixes.

N/A

Ubuntu’s cloud is nowintegrated with Open-Stack (though it con-tinues to supportEucalyptus), a non-proprietary cloud in-frastructure, which isswiftly becoming afront-runner.

POTENTIAL ISSUES

The project uses theOpen Cloud Com-puting interface andis funded andstaffed by academicinstitutions and vol-unteers. Only re-cently, in late 2010,C12G Labs beganmanaging Open-Nebula.pro, a sup-port portal.

Long-term businessprospects for thecompany could be a question mark.Persistent supportissues may be re-solved now that Citrix and Rack-space will supportOpenStack throughProject Olympusand Cloud Builders.

The offering is rela-tively new and RedHat has had long-standing issues indelivering enterprisesupport.

The best user candi-dates for this tech-nology must roll uptheir sleeves andcontribute to thecommunity. So usersshould consider asupport relationshipwith Rackspace,Canonical or both.

benefits only if they have in-houseexpertise or ongoing developmentcontracts with outside help to devel-op the code and address supportissues.

Cloud-friendly licensing and user control. Open source licens-ing is often less problematic forclouds than proprietary softwarelicensing. Traditionally, commercialsoftware was designed and licensedfor static environments in whichsoftware was installed and run on aphysical server. Today these kinds ofstatic environments are becomingthe exception, with elastic applica-tions becoming the norm. And with proprietary software, it

can be a major headache to figureout how to license these dynamic ITresources as applications and datamove from cloud to cloud. Unlikeproprietary licensing models, suchas Microsoft’s, open source soft-ware licenses do not have to be ad-justed to allow for “license mobility.” Finally, users gravitate toward

open source because it providesgreater control over testing andevaluating cloud technologies,noted Eucalyptus CEO MartenMickos. Companies want to testproducts themselves and have con-trol over the technology evaluationprocess. This also supports findingsfrom the “2011 Cloud ComputingAdoption Survey,” where 43% of344 respondents said that they

want to maintain responsibility forthe care and feeding of their cloudsrather than relinquish control toproviders.

OPEN SOURCE PROBLEMATIC FOR CLOUDS?Still, open source software is nopanacea and presents challenges forthe unprepared, particularly compa-nies without the necessary in-housecoding expertise to support opensource technologies. According tothe North Bridge Partners survey,respondents cited lack of technicalskill, lack of familiarity with opensource technologies and a lack ofsupport as the top three barriers inselecting an open source technology.

Coding expertise and support.Large companies such as Amazon,Google and Yahoo often have sub-stantial developer expertise in-house, so they are the most likely totake open source technologies andbuild on top of them. They have theresources required to customize thecode for particular business needs,which many smaller companiesoften lack. Some of the more popular open

source projects also provide ade-quate Web-based support for bugs,patches and so forth. In the case ofless-popular open source software,Web-based support isn’t enough. Ifa company lacks expertise in cus-tomizing open source cloud soft-

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 12

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 OPEN SOURCE IN THE CLOUD: BOON OR BUST?

(Continued from page 8)

ware, it may end up paying morethan it would by just paying for pro-prietary software. For open source cloud technolo-

gies to be successful for a givenorganization, a company needs toask, “Do we have the developmentcapacity for this project? Should weinvest staff resources this way?” Ifthe answer is no, choose a commer-cial product to get paid supportinstead. If the answer is yes, consid-er whether you have sufficient in-house developer expertise to sup-port ongoing projects or whetheryou need additional resources.

Open standards. Another potentialproblem for open source cloud soft-ware is getting open source cloudAPIs ratified by standards organiza-tions (and for the distinction betweenopen source and open standards,see “Open Source vs. Open Stan-dards” on page 13). While a gooddeal of hype surrounds OpenStack asa potential standard for cloud com-puting, it has yet to demonstrate thatit can attract a large number of users.APIs, such as TCP/IP, become openstandards because they attract sub-stantial interest and use. It may takeOpenStack a few more years to gar-ner enough broad-based use to quali-fy for open standards ratification.While initiatives like OpenStack

are moving toward greater opennessin the cloud, these projects are driv-en in part by cloud technology ven-dors and, to some extent, by cloud

providers. All these parties have astake in product differentiation andin preventing commoditization. As aresult, vendors’ motivation to create

truly open standards could sufferfrom self-interested vendors con-trolling the roadmap of a project.So while open standards are a

good thing, it does not necessarilyfollow that users will reap the bene-fits. Because some cloud serviceproviders don’t want to compete oncost or selling price alone, they mayhave little interest in developing orsupporting common cloud standards.If OpenStack or VMware APIs be-come open standards, for example,expect cloud service providers todeliver these APIs with their ownmodifications. These changes, ofcourse, may render open standardsless open or broadly usable.

TAKEAWAYSOpen source and cloud computingtechnologies can enhance one an-other. For companies on tight budg-

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 13

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 OPEN SOURCE IN THE CLOUD: BOON OR BUST?

ONE POTENTIAL PROBLEM IS GET-TING OPEN SOURCECLOUD APPLICATION PROGRAMMING INTERFACES RATIFIEDBY STANDARDS ORGANIZATIONS.

OPEN SOURCE VS. OPEN STANDARDS WHILE PEOPLE OFTEN confuse open source with open standards, they are distinct entities.Open standards are specifications that are publicly defined, that anyone can im-

plement and that outline agreed-upon conventions to enable different programs towork together, along with some mechanism to ensure that they actually do (such asa series of tests). They create an open market where users can switch betweencompeting implementations. With open standards, your company can chooseamong competing vendors without becoming locked into any one. Examples includeTCP/IP and HTML.Free open source software licenses give users the freedom to run an open source

program and to redistribute copies of the original or modified program without pay-ing royalties to developers. Examples include the Linux Kernel, Apache Web Serverand Firefox. Open source implementations can also rapidly increase the use of openstandards because they can be downloaded and tried out, which encourages experi-mentation and broader use. While some mistakenly believe that open source software offers the same bene-

fits as open standards, open source just means that the underlying software codeis available for free and can be modified and redistributed. Making the source codeopen and available is a good thing, but that doesn’t mean that every cloud-relatedtechnology that the open source community produces will be compatible. The Euca-lyptus cloud and OpenStack cloud APIs, for example, are not entirely compatible.This is why open standards are key to the cloud and not equivalent to open source.Standards ensure compatibility and choices; open source does not necessarily do so. �

ets that want to make an initial forayinto the cloud, open source can offerflexibility and lower-cost cloud proj-ects. It also offers the opportunityfor the rapid innovation and deploy-ment that is so central to the cloud.These technologies permit innova-tion at a much faster rate than pro-prietary software, which often haslong development and testing cycles.Moreover, some of the key capabili-

ties in automation, managementand monitoring tools for cloud-based and virtualized environmentshave been generated by open sourceprojects and startups such as Open-Nebula, Cloud.com and Abiquo. Fur-ther, an open source implementa-tion can become a working referencemodel that demonstrates what thespecification means and how toimplement it. This may be difficult,

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 14

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 OPEN SOURCE IN THE CLOUD: BOON OR BUST?

ADDITIONAL RESOURCES Cloud Computing Licensing: Buyer BewareManaging the number of licenses you need for a cloud deployment of a custom application is no mean feat.

The Role of Open Source in Cloud ComputingThe open source market for cloud computing already features a well-formed batchof tools and services.

Comparing Open Source Cloud Platforms: OpenStack vs. EucalyptusOpenStack has garnered significant praise. How does it stack up to open sourcestalwart Eucalyptus?

Deciphering Red Hat’s Cloud StrategyRed Hat’s cloud strategy seems aimed at providing consistent open source cloudservice for data centers and public clouds using tools like Deltacloud and Linux—an approach our expert thoroughly examines.

Five Open Source Tools for Building and Managing CloudsHere we explore five open source tools for building and managing clouds. �

if not impossible, with proprietaryimplementations.But at the end of the day, whether

a cloud technology is open sourceisn’t the key factor for users. Theydon’t care as much about what’sunder the hood as they do aboutperformance, availability, securityand overall results. Still, users docare about flexibility and portability,which could prompt them to sup-port open standards and, in turn,open source cloud technologies. All in all, companies with in-houseexpertise to support open source

cloud projects are the best candi-dates to reap the benefits of lowercosts and more rapid product timeto market. As they draw a roadmapto the cloud or make purchasingplans, companies should start byassessing their in-house skills. �

Bill Claybrook is an analyst with more than 30years of experience in the computer industry. He has spent the past 10 years focusing on Linuxand open source. Claybrook was the researchdirector for Linux and Open Source at theAberdeen Group and a competitive analyst atNovell Inc. He is now president of New RiverMarketing Research in Concord, Mass.

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 15

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

1 OPEN SOURCE IN THE CLOUD: BOON OR BUST?

JUST BECAUSE YOU want to move anapplication to the cloud doesn’tmean that you should. In the cloud,not all applications are createdequal, and some are downrightwrong for the infrastructure model.To make the right decision about

which apps to move, you need asolid migration strategy. You need toconsider your application portfolioand your business requirements toprevent problems such as poorapplication performance and laten-cy, data leakage, or issues with com-pliance or other regulations. Appli-cations subject to regulation orthose that are business-critical, forexample, are often poor candidatesfor cloud migration. And legacyapplications may not stand up to thecustomization required for a moveto the cloud. But when it comes to these deci-

sions, you don’t have to fend foryourself. You can rely on establishedbest practices to prevent disaster.

Here’s how to develop a foolproofstrategy for moving the right appli-cations to the cloud, which starts byoutlining clear objectives, thenfocuses on your application portfo-lio’s characteristics and businessrequirements to determine best fit.

1DEFINE YOUR CLOUD OBJECTIVES. . . . . . . . . .

The first task is to identify why youwant to move a given application tothe cloud. Is your goal to save costsor to scale an application quickly tomeet new business demand? Some-times your goals clearly align withthe applications you want to moveto the cloud, enabling you to savemoney and become more respon-sive to business needs—and avoidcostly infrastructure investments toexpand capacity. But other use cases won’t fulfill

these goals, particularly applications

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 16

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY FOR APPS IN THE CLOUD?

NO DEMOCRACY FOR APPS IN THE CLOUD? In the cloud, not all applications are created equal, and movingsome applications there could spell disaster. Here are seven steps to create a rock-solid strategy for porting apps to the cloud.BY MIKE LAVERICK

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 17

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY FOR APPS IN THE CLOUD?

that are mission-critical, resource-intensive, or those that house sensi-tive data. If you have to retool alegacy application to move it to thecloud, for example, it may drain stafftime and, ultimately, money. Doesthe resource cost justify the move?If not, consider hosting or anotheralternative. The same applies to workload-

intensive applications that requireextremely low latency and havesteep disk I/O requirements or maypose performance tradeoffs that areunacceptable for business users. Insuch use cases, revisit your modelfor managing applications in-house.

2 UNDERSTANDING SCALA-BILITY AND REDUNDANCY. . . . . . . . . .

Scalability. Cloud computing is allabout scale and the ability to rampup additional resources on demandas workloads change. So the easiestapplications to move to the cloudare those with built-in scale-outcapabilities and redundancy. Historically, IT departments have

used the scale-up approach andhave added more memory and CPUto servers to improve performance.But with cloud computing, the farsimpler method is to scale out—thatis, to add more nodes to a singlesystem, often by spinning up a newvirtual machine (VM) when peakdemand occurs. Ideally, these new

VMs can be deployed rapidly with-out the application owner needingto go through a convoluted postcon-figuration process. These additionalVMs can be spawned on demand,then destroyed when no longerneeded—or left in standby modeready for the next spike in demand.

Scale-out architectures suit thecloud, which requires immediate,on-demand access to these scalableresources. It’s much more difficult toadd resources in the form of CPU ormemory on the fly. Not every guestoperating system supports thisfunctionality, and, depending on thefeatures of the OS and the function-ality of your hypervisor, you mayfind that that an OS needs a rebootfor the change to be applied.

Resiliency and redundancy. If anapplication lacks built-in resiliencyand poses a potential single point offailure, an organization has to spend

CLOUD COMPUTING ISALL ABOUT SCALE ANDTHE ABILITY TO RAMPUP ADDITIONAL RE-SOURCES ON DEMAND.SO THE EASIEST APPLI-CATIONS TO MOVE TOTHE CLOUD ARE THOSEWITH BUILT-IN SCALE-OUT CAPABILITIES.

time and money retrofitting theapplication to build in this function-ality. This may require you to shoe-horn availability technology into theguest OS to protect services thatpreviously had none or, alternatively,enable a virtualization provider’sVM availability, such as MicrosoftHyper-V’s Failover Clustering orVMware’s High Availability. Whatever your decision—and

it may very well be a combination of both virtualization-enabled andadded-on availability—it willundoubtedly increase the cost ofmoving an application to the cloud.Even if your data center has thesetechnologies on board, they stillhave to be managed and main-tained, which only increases com-plexity when compared with appli-cations that have built-in“self-healing” capabilities. But the reality is that, today, appli-

cations with this built-in design forscale-out and availability are fewand far between. Despite occasionalsightings of this rare creature in thewild, they remain largely an endan-gered species compared with theirnatural predator: legacy applicationsthat don’t scale, and don’t havebuilt-in resiliency.

3 IDENTIFY CLOUD-FRIENDLY APPLICATIONS. . . . . . . . . .

Now evaluate applications that youconsider cloud candidates to deter-

mine whether they can achieve thescalability and redundancy that theenvironment requires. Here is asample checklist of attributes toconsider, though it may not encom-pass every consideration in yourown environment.

� Business criticality. How central is this application to the business?What are the potential costs if theapplication were to go down? Mis-sion-critical applications are rarelygood candidates for a move to thecloud.

� Resource use. Does this applica-tion consume a lot of computeresources? If so, it isn’t likely to be a good candidate for the cloud.

� Availability. How many nines ofuptime are expected of this appli-cation? Will moving it to the cloudchange that degree of uptime? Ifthe application requires four or fivenines of uptime, it probably isn’t a good candidate for the cloud.Moreover, be wary of providersthat claim to guarantee this levelof reliability; companies like Googleand Microsoft claim only three.

� Resilience. Does an applicationlack built-in resiliency and pose a potential single point of failure?If so, an organization has to spendtime and money retrofitting thesoftware to build in this function-ality.

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 18

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY FOR APPS IN THE CLOUD?

� Portability. Is the application easyto move to the cloud? Is it basedon Java, .NET or another lan-guage? Cloud providers such asGoogle and Amazon use differentunderlying architectures, whichquickly becomes problematic ifyou’re considering moving appli-cations between one provider andanother. This becomes especiallyapparent if you use a Platform as a Service that is based on a specif-ic programming language.

� Scalability. Can this applicationscale, and do you need it to scalefor peak demand times?

� Application dependencies. Doesthe application rely on other soft-ware, such as a database, to run?

The greater the dependencies, theless likely it’s a fit for migration tothe cloud.

� Data security. Does the applica-tion house data that is subject tostrict security requirements orcompliance regulations? Applica-tions that contain sensitive data orthat are subject to regulation arepoor candidates for the cloud.

Now you can consider theseattributes in light of the applicationsin your infrastructure. If your appli-cation is a resource hog, for exam-ple, placing it in the cloud will likelyonly introduce or augment perform-ance problems. Similarly, if your apprelies on others, such as a database,to run, or is subject to data privacy

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 19

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY FOR APPS IN THE CLOUD?

LOW-RISK APPS IN THE CLOUDWhen asked which applications they would be most likely to move to the cloud,

respondents targeted nonmission-critical and low-risk programs.

SOURCE: "CLOUD COMPUTING 2011 ADOPTION SURVEY," TECHTARGET INC., MARCH 2011; N=344 I.T. MANAGERS

40%36% 33%

28%

�Web applicationhosting

�Disaster recovery �Email �Test and development

concerns, it probably isn’t a goodcandidate for cloud migration.For these reasons, many organiza-

tions have begun the process ofporting applications to the cloud bytargeting email programs, disasterrecovery, and test and developmentenvironments. Such applications areoften natural fits for the cloud: Theymay need elastic resources for peakvolumes, they aren’t mission-criti-cal, and they don’t house sensitivecompany or customer data. You canstart with these production-levelapplications while minimizing therisks. Another key aspect of this step is

consulting with stakeholders to real-ity-check your findings. You maydiscover that an application’s own-ers have solid automation routinesin place for installation and configu-ration that can be seamlessly inte-grated into the cloud deploymentprocess. Alternatively, you may dis-cover that an application is resistantto being ported to a cloud environ-ment because of security or auditingprocesses.

4 SELECT A RESOURCE CONSUMPTION MODEL . . . . . . . . . .

Generally, you can consume a pri-vate or public cloud in three for-mats: allocation, reservation andpay as you go. With the allocationmodel, you assign a percentage ofCPU/memory from a virtualization

cluster, which controls the resourcepools and per-VM defaults. Critical-ly, only a certain percentage ofthose resources are guaranteed orreserved. So if you set your alloca-tion policy at 75%, you have 25%

unreserved resources. If you exceedthe 75% value, it’s anyone’s guesswhether those CPU/memoryresources would be available. With the reservation model, these

percentages are set to 100%, andyou are guaranteed 100% of themegahertz or gigabytes you reserve.This can be costly; if you set toohigh a reservation, you pay forresources you may never use. Finally, the pay-as-you-go model

—often the most attractive—isbased on variable consumption ofcompute resources, and the costvaries according to what you con-

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 20

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY FOR APPS IN THE CLOUD?

MANY ORGANIZATIONSHAVE BEGUN THEPROCESS OF PORTINGAPPLICATIONS TO THECLOUD BY TARGETINGEMAIL PROGRAMS, DISASTER RECOVERY,AND TEST AND DEVEL-OPMENT ENVIRON-MENTS. SUCH APPLI-CATIONS ARE OFTENNATURAL FITS FOR THE CLOUD.

sume. But as with all pay-as-you-gomodels—such as cell phones—thereis a risk of receiving a larger-than-expected bill if applications’resource demands vary.

5 IDENTIFY ROADBLOCKS . . . . . . . . . .

Of course, you may still encounterobjections to migrating applicationsto the cloud, and it’s critical toaddress these challenges head-on.Some challenges are technical andarchitectural, but some involvehuman obstacles.

Application portability. Userswant assurance that they can bringcloud-based workloads back intotheir data center if circumstanceschange. But clouds like AmazonWeb Services use virtual machineimages, which are proprietary anddifficult to map to enterprise net-works. While the industry has begunto move toward standard applica-tion programming interfaces andother common standards for clouds,vendors haven’t coalesced aroundcommon practices, and providerswant to preserve product differenti-ation and stave off commoditiza-tion. Still, the industry has madesome strides in making workloadsindependent of the hypervisor,enabling interoperability with multi-ple virtualization platforms. Organi-zations including DTMF, IEEE, the

Open Cloud Initiative and othershave also pushed for common stan-dards throughout the market. Butthese efforts are still nascent, andnew methods of abstractingresources are necessary to improveapplication portability.

Security. Another primary road-block is the objection that publicand hybrid clouds pose securityrisks. IT managers are concernedabout the risks of data leakage in amulti-tenant environment—not tomention the lack of control overtheir data. Given the immaturity of many

cloud management products andvendors’ slow moves to developcloud security standards, IT man-agers are rightly concerned withdata insecurity. As recently as July2011, Gartner Inc. analyst Neil Mac-Donald characterized cloud com-puting standards as “nascent” andinsufficient. One reason that data security in

the cloud is slowgoing is that themarket has placed greater focus onnetwork security by creating tech-nologies that allow for secure multi-tenancy, such as VMware’s vShieldtechnologies. But vendors haveplaced less emphasis on securingthe data itself, as opposed to secur-ing network packets. Many analystsbelieve that the public cloud willinevitably require levels of dataencryption to address concernsabout data interception. (Though

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 21

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY FOR APPS IN THE CLOUD?

what hasn’t been discussed is theadditional payload that such a sys-tem places on a cloud platform aseach bit and byte is encrypted.)But IT managers can deal with

some of these objections directly byreminding application owners thatsecurity starts at home, not with acloud provider. They should checkwhether the current application setis up to date with all known securitypatches and configured with fea-tures turned off to protect potentialgateways from hackers. Second,make application configuration thefocus of security, compliance andperformance concerns. This focusforces application owners to ownthe “problem” rather than object tocloud-based applications based onamorphous security paranoia.

Compliance. Nearly every majorindustry has government-imposedregulations to meet, and in somecases, independent bodies imposeadditional regulations to be part ofthe club. Additionally, many cloudcompliance requirements dealdirectly with local or central govern-ment and these requirements areprecisely the ones that public cloudvendors are inexperienced at deliv-ering. Failure to meet compliance isthe responsibility of the business,not the cloud provider, so simplyblaming someone else is not a solu-tion. Many think that businesses willwant to buy insurance to cover them-selves for breaches and noncompli-

ance, but as the Sony PlayStationNetwork breach in April 2011 shows,there’s no guarantee that an insur-ance company will accept liabilityand pay out on the policy. Compa-nies must be prepared to acceptresponsibility for security breachesas well. That’s why many industrywatchers predict that hybrid cloudsare the inevitable outcome to com-bat this compliance anxiety. Organi-zations will opt to hold data andcompliance-sensitive applicationsin-house on a private cloud for themoment and restrict their use ofpublic cloud to applications thataren’t politically sensitive.

6 TEST A DEPLOYMENTSTRATEGY. . . . . . . . . .

One of the key components of cloudcomputing is the ability to rapidlyspin up new applications from anexisting catalog. If your infrastruc-ture doesn’t have this automationbuilt in, however, it takes time todevelop and test. Rigorous testingwith beta users helps to confirmthat the service runs acceptably andreliably.Beta testers should encompass a

broad swath of users: Give businessusers, administrators and develop-ers a chance to evaluate the benefitsand the limitations of the cloud fromtheir perspective. Applicationexperts can use the sandbox to runfunctionality and performance test-

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 22

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY FOR APPS IN THE CLOUD?

ing on the application in the cloud tosee how it behaves compared withthe traditional environment and tosee whether any differences areacceptable.

7 SELECT A NETWORK MODEL . . . . . . . . . .

For the cloud model to work, youneed a networking design that canaccommodate virtualized, multi-tenant resources.At a simple level, resource sharing

can take place by creating pools ofvirtual LANs (VLANs)—whichenable information and resourcesharing across locations as if theywere all under one roof—at thephysical switch that are thenaddressed by hypervisors’ virtualswitch configuration. Virtual switch-es are then presented automaticallyto the cloud automation layer to beconsumed by tenants. But VLANs have their drawbacks;

these models require a significantnumber of VLANs to be created upfront as a pool of resources on aphysical switch. Network adminis-trators are often hesitant to createnumerous VLANs in bulk that aren’tdesignated for immediate usebecause they view VLANs as themain avenue to control traffic andensure network security. New alternatives allow cloud

administrators to segment a net-work without excessive use of

VLANs. VMware Inc.’s vShield Edgeappliance, for example, can create“network isolation-backed” networkpools. These pools use a MAC-in-MAC encapsulation process to addadditional bytes to the standard Eth-ernet packet, which creates multiplenetwork IDs within a single VLAN.The process is analogous to the802.3 Q VLAN tagging standardthat many VMware admins haveenabled on their physical and virtualenvironments, which allows manyVLANs to be accessed through anetwork interface card team. (In ateam, one or more physical NICs arebonded together logically to createthe impression of a single pipe. ANIC team guarantees bandwidthand offers redundancy should a NICin the team fail.) With this MAC-in-MAC method, the same number ofnetworks can be supported withfewer VLANs, and network adminis-trators can receive fewer requests.Fundamentally, it allows for a moredynamic and automated approachto creating new networks that cloudcomputing requires. This networking design approach

comes with caveats as well. TheMAC-in-MAC process adds 24bytes to the overall Ethernet packet,so you may need to adjust the maxi-mum transmission unit (MTU)value on your physical and virtualswitches to prevent fragmentationof packets through devices that arecurrently configured to the defaultof 1,500. They need to be reconfig-

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 23

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY FOR APPS IN THE CLOUD?

ADDITIONAL RESOURCES Data Security in the CloudMulti-tenancy in the cloud and questions about the physical location of cloud dataare security risks that organizations looking at using cloud services need to beaware of.

Compatibility Concerns in the Evolution of Cloud Computing APIsTo truly exploit the new cloud computing paradigm, revisions are required to capi-talize on special application programming interfaces associated with individualcloud architectures.

Cloud Computing Skepticism: IT Security and ComplianceHow can enterprises ensure that cloud providers—especially external providers—stay up to par with patches, updates and access restrictions?

Cloud Computing and Application Security: Issues and RisksRegardless of where the computing takes place, you’re going to have security issuesin the same old areas: technology, people, business processes.

Resolving Cloud Application Migration IssuesMost of today's large, old monolithic applications must be rebuilt to fit the targetenvironment.

How Providers Affect Cloud Application MigrationUnfortunately, there’s more to application migration than simply moving an applica-tion into a new cloud. �

ured to an MTU of 1,524 bytes orgreater. If they aren’t, every time a1,524 (or larger) packet traverses anetwork device configured for 1,500bytes, it gets split up into smallerunits. This fragmentation candegrade performance and affect thereliability of secure protocols suchas SSL.

Ensuring that all devices in thepath of communication are config-ured for the correct MTU can be amanagement headache, and it’s dif-ficult to diagnose which device hascaused the fragmentation. So whilechanging the MTU value is a rela-tively trivial task, it must be doneconsistently across the affected net-

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 24

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY IN THE CLOUD?

work, and that can introduce an ini-tial administrative burden to thenetwork team that makes thechange depending on the number ofnetwork devices that need theupdate.In contrast to these methods,

Nimbula, a cloud automation start-up based in Palo Alto, Calif., uses a“security list” method that acts asan access-control method. Currentlybuilt on Kernel-based VirtualMachine (KVM), Nimbula use theDOM0 partition to store the map-ping data and then control accessfrom one VM to another. Whilethese new methods of network iso-lation are innovative, they are alsoexceedingly new. Cloud serviceproviders may not be ready to sup-port these methods.

CONCLUSION By necessity, the process of deploy-ing an application to the cloudvaries based on organizations’ envi-ronments, business requirementsand application portfolios. Just asthe migration to server virtualizationrequired a flexible approach toarrive at the end game, the journeyto the cloud will require new techni-cal, business and project manage-ment skills. As with other initiatives, planning

and developing a migration road-map is critical. Start by clearly defin-ing the goals of migrating a givenapplication and then identify appli-

cations whose internal characteris-tics are receptive to a cloud, such as those that offer an easy way todeploy new VMs as part of a scale-out approach and that—ideally—are

designed with built-in redundancy.Companies have already had suc-cess with targeted applicationmigration. Retail platforms thatneed quick scale-out to accommo-date peaks in customer demand area good example. Next stakeholders need to agree

on a resource consumption modelfor network, memory, CPU and diskresources that allows for easy adop-tion and acceptance among the vari-ous parties—while also fitting intopotential budget constraints.As you map out the various tech-

nical considerations and your cloudservice-level agreement model,however, you also need to identify

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 25

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY IN THE CLOUD?

JUST AS THE MIGRA-TION TO SERVER VIRTUALIZATION REQUIRED A FLEXIBLEAPPROACH TO ARRIVEAT THE END GAME, THE JOURNEY TO THECLOUD WILL REQUIRENEW TECHNICAL,BUSINESS AND PROJECT MANAGE-MENT SKILLS.

your company’s internal roadblocksto the cloud, such as the securityand compliance requirements thatoften make the prospect of cloudmigration a political hot potato. And applications and data subjectto regulation should be kept in-house. Also carefully consider thedepartments most affected by themove and how to broker theirinvestment in a cloud strategy.Testing your cloud deployment is

also critical. Identify beta users whocan give you a taste of the produc-tion requirements and the snafusyou’ll likely encounter.Finally, remember that users are

at the center of the cloud model.Guaranteeing system and applica-tion uptime and performance arecritical objectives in the success of a cloud migration strategy. �

Mike Laverick is a former VMware instructorwith 17 years of experience in technologies suchas Novell, Windows, Citrix and VMware. He hasalso been involved with the VMware communitysince 2003. Laverick is a VMware forum moder-ator and member of the London VMware UserGroup. Laverick is also the man behind the virtu-alization website and blog RTFM Education,where he publishes free guides and utilities forVMware customers. Laverick received theVMware vExpert award in 2009, 2010 and 2011.Since joining TechTarget as a contributor, Laver-ick has also found time to run the weekly pod-casts “The Chinwag” and “The Vendorwag.” Laverick helped found the Irish and ScottishVMware user groups and now regularly speaksat larger regional events organized by the GlobalVMUG in North America, EMEA and APAC. Lav-erick has published several books on VMwareVirtual Infrastructure 3, vSphere4, Site RecoveryManager and View.

PRIVATE CLOUD E-ZINE • VOL. 1, NO. 4 26

HOME

EDITOR’S LETTER

TRENDS

OPEN SOURCE

IN THE CLOUD:

BOON OR BUST?

NO DEMOCRACY

FOR APPS IN

THE CLOUD?

2 NO DEMOCRACY FOR APPS IN THE CLOUD?

Jo MaitlandExecutive Editor

Michelle BoisvertSenior Site Editor

Lauren HorwitzSenior Managing Editor

Christine CasatelliManaging Editor

Jeannette BeltranEugene DemaitreMartha Moore

Associate Managing Editors

Linda KouryDirector of Online Design

Cathleen GagneEditorial Director

Marc LaplantePublisher

TechTarget Inc.275 Grove Street

Newton, MA 02466www.techtarget.com

©2011 TechTarget Inc. No part of this publication may be transmitted or reproduced in any form or by any meanswithout written permission from the publisher. For permis-

sions or reprint information, please contact Scott Kelly,Associate Publisher, Data Center Media,

TechTarget (skelly@techtarget.com).

SPONSOR RESOURCES

• The Promise of Cloud Computing

• Six Questions Every Executive Should Ask About Cloud Computing

• The right cloud for you: Planning and Building Cloud Environments

See ad page 6

• The Instant-On Enterprise is Here. Let HP & ePlus help you

• ePlus HP Solutions Site

• ePlus Enterprise Cloud Computing Solutions

• Powering Tomorrow’s Cloud with Intel Technologies

• The New CIO Agenda: Intel Cloud Computing Insights 2011

• Security in Cloud Computing