Cloud options for IT that IT will love
- 17 February, 2009 09:51
Back in 1991, before the Internet was a big deal, Ohio State University technologist Jerry Martin signalled the nascent Internet's value with an official standards document entitled "There's gold in them thar networks!" ( RFC1290) Although simmering as an academic tool for years, the Internet had not yet triggered a significant paradigm shift for commercial computing. Martin's formal proclamation was an early push to business, which eventually embraced Internet commerce wholeheartedly.
Cloud computing promises a similar, if not equivalent, kick in the paradigm, by shifting fundamental IT infrastructure from on-site, hands-on servers, disks, and networks to off-site, ephemeral cycles, bits, and bandwidth. That transition hasn't happened yet, but many pundits see it as inevitable. The main barrier is the cloud's unproven reliability -- IT is loathe to put all the corporate computational jewels in a vapor-lined basket.
If the cloud isn't yet ready to take on traditional business tasks, does it have value to IT? Yes, it turns out. The cloud is full of resources that IT can use for its own purposes, from help-desk ticketing to disaster recovery.
As with early Internet adopters, IT shops have found the nascent cloud full of golden nuggets worth mining. The three primary cloud services identified in an analysis of 2008 cloud developments -- infrastructure services, software as a service (SaaS), and development platforms as a service -- provide a slew of labor- and cost-saving options for harried IT managers.
The cloud's many useful tools for use by IT itself
Many an IT project starts with a month-long equipment acquisition timeline, followed by another month of installation, configuration, and setup. This front-end burden is often the kiss of death for smaller tasks. Two of the salient features of infrastructure cloud services -- instant provisioning and scaling -- head this problem off at the pass.
At its most basic level, infrastructure cloud providers sell the nuts and bolts of IT on a pay-as-you-go basis: server CPU cycles, storage gigabytes, and bandwidth megabits per second. These cloud services give customers the ability to launch self-contained application environments -- servers, storage, and network connectivity -- in minutes. Providers like Amazon.com, IBM, and Sun Microsystems deliver this utility-computing capability in the form of raw servers that you configure and manage yourself.
By themselves, these infrastructure components leave a lot to be desired. Yes, they save you the time and expense of capital equipment deployment, but you're stuck with the same configuration and integration chores as before. Worse, you have to perform these tasks remotely, and you carry the burden of bandwidth bottlenecks and strange new security risks. For steady-state workloads that can't take advantage of the cloud's rapid scaling capabilities, the effort hardly seems worth the trouble.
Page BreakBut the cloud value proposition changes dramatically when you factor in preinstalled, preconfigured virtual appliances, supplied by an army of third-party developers and conveniently delivered as ready-to-boot virtual disk images. We're not talking about major line-of-business applications such as CRM here, but IT-centric tools that frequently fall off the budget due to deployment costs. Help-desk ticketing, network management, vulnerability assessment, and enterprise knowledgebases are just a few of the applications you can spin up in the cloud in just minutes.
These applications fall into three broad categories: unsupported free open source software (FOSS), supported FOSS, and full commercial offerings. In the unsupported FOSS category are popular network administration tools such as Nagios, Cacti, and MediaWiki. Third-party cloud enablers such as JumpBox sell these same FOSS apps and dozens of others as support subscriptions for just a few hundred dollars a year. Virtual appliance migration tools such as Citrix's Kensho and RPath's rBuilder provide physical-to-virtual (P2V) migration engines that let you move most any FOSS appliance to an infrastructure service such as Amazon's EC2.
Not all of these applications benefit from offsite hosting, but some definitely need it. For example, Tenable Network Security's Nessus vulnerability assessment tool by definition resides outside your network, where it simulates hacker attacks to ferret out any border security weaknesses. But often the initial savings in time and labour are enough to justify even simple cloud-basing projects.
A number of hybrid service products are appearing as well -- a cross between FOSS and commercial software, offering both customer-managed cloud deployment and vendor-managed SaaS. Kayako offers its line of help-desk portal products as purchasable software -- including the source code -- and as a fully managed hosted service. Clients are free to move their data between items, and thus can start out with the managed service for less than $50 per month and migrate to a self-managed cloud deployment when their needs warrant.
Gain cheaper emergency preparedness with cloud-based disaster recovery
A down economy and constricting budgets tend to force spending cuts in areas that don't contribute directly to the bottom line. One of the first cuts many organizations make is to expensive disaster recovery services. You might think such economies ill-advised, but the conventional wisdom is that your enterprise's existence trumps business continuity concerns. The $5,000-per-month hot site that never gets used represents a job or two, and thus becomes an attractive target.
Page BreakBut it need not be that way. Infrastructure virtualization theoretically lets you replicate your business processes in the cloud, where they can lie dormant at very low cost until you need them in a disaster. The emphasis here is on "theoretically." Moving physical applications to the cloud and keeping cloud-resident data reasonably up-to-date requires considerable skill and finesse. You trade "instant failover" for dramatically lower monthly costs, but keep the peace of mind that comes from knowing your business DNA is safely archived in a distant state or country.
The skills needed for cloud disaster-recovery implementation are within the abilities of most IT technologists, but if your company is small and consultant-dependent, you'll have to get outside help. Consulting firms are stepping up to the plate, creating cloud-oriented disaster-recovery service packages that handle the headaches for less-sophisticated users, while still reaping the bulk of cloud economies of scale.
One constraint of such services is a client's local Internet connection speed. But speeds are increasing as costs plummet, especially as fiber connectivity options penetrate business markets; most are adequate for nighttime backup synchronization. One consultancy that offers a cloud-based disaster recovery service, CompuVision, uses a 100Mbps Internet service center to provide fast data transfers during an outage, for example.
Run your app directly on a cloud to lose infrastructure hassles
A few cloud providers -- Microsoft and Google among them -- foresee application development moving straight to the cloud, bypassing the traditional server-OS-storage platform. Although not yet ready for prime time, Microsoft's Azure aims to leverage the skill set of existing .Net developers to let them code, test, and deploy applications without concern for the OS or hardware on which they run. InfoWorld's Test Center drive of Azure finds its architecture well conceived but concludes that it's too soon to predict its role as a major cloud offering.
Google's much more lightweight App Engine, also only available in beta but slightly more baked than Azure, focuses on a much smaller audience: Python developers. Billed as a thin layer of Web-enabled Python with fat Internet connectivity and automatic performance scaling, this is an easier tool for most developers to get their arms around.
Software engineering consultant Denny Bollay has examined both Amazon's EC2 and App Engine: "EC2 is fine for what it is, but someone has to play system administrator, a chore that software engineers don't want. App Engine looks like a nice first cut at a streamlined cloud application platform environment, but it has issues like cost prediction and vendor lock-in. What I really am looking for is a cross between Amazon's nonproprietary cloud and Google's cloud compiler with BigTable database. And I'd like to see data providers in the mix, delivering real-time streams of weather, stocks, news, and the like that I can process on the fly in App Engine or its equivalent. Cloud-seeding, as it were."
Page BreakAlthough Microsoft's Azure supports open Web application standards, such as REST and AJAX, App Engine has spawned a fledgling open source community with actual FOSS App Engine components. Many of these are variations on the Google-supplied (and FOSS) Gaeutilities and provide various computational widgets that simplify App Engine development. Others, such as Nuages, cpedialog, and KGPL, are full-blown Web applications that you can run as is or use as a starting point for your own apps.
Cloud computing's caveats emptor
Cloud computing has some attractive low-hanging fruit for IT shops, but you should take care to count the cost before deploying in today's cloud marketplace. Some cloud computing risks are easily discerned: reliability, security, and performance. It's too soon to put mission-critical apps in the cloud unless you do the necessary homework to ensure adequate failover mechanisms, and that any sensitive data meets the ethical and legal standards for which you're accountable. Thoughtful preparation can keep you out of the cumulus-granite, but you should select applications that can tolerate a modicum of outages. Some will occur as a result of your own human error, but others will be disturbances in the clouds themselves.
A second potential pitfall is cost containment. Cloud providers are in the business of selling services, not aiming to minimize your expenses. It's your responsibility to closely track costs, and if you don't keep an eye on metered services, you can find a hefty bill in your inbox. Cloud purveyors don't make cost tracking easy. Amazon, for example, provides an excruciatingly detailed log of every CPU minute consumed, data byte stored, and megabyte transferred, but it provides no cost calculations for those statistics. You get a lump sum bill for each Amazon service you use -- EC2, S3, and so on -- with no detailed explanation of charges.
The second driver of unexpected cloud expense is the cloud's own ease of use. Spinning up a server -- or 10 -- only takes a minute. But servers stay spinning, and clocking dollars, until you turn them off. Third-party cloud management services like Rightscale and Elastra can automate the cost accounting process, as well as set hard spending limits. But you pay for that convenience -- a minimum of $500 per month for Rightscale's auto-scaling cloud management console, for example.
As long as you keep these precautions in mind, there's no reason not to leverage cloud services to shorten your IT hit list today.