This is the second article on this year’s TiECon conference. It is focused on selected presentations and panel sessions from the Cloud track on May 15th. That track covered planning, operational challenges of cloud infrastructure, business and technical challenges of migrating services to the cloud, and the still problematic state of cloud security (which is badly lagging the advances in compute, storage and even networking).
The first article on 2015 TiECon summarized the two opening Grand Keynotes. It can be read here.
Keynote on Enterprise Cloud Trends: Mark Interrante, VP of HP’s Cloud Business Unit Operations
Interrante is driving HP’s OpenStack movement directed at Cloud Computing. The HP Helion Platform¹ is a combined Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) offering for cloud-native workloads. Helion is based on two very popular open source projects, OpenStack® and Cloud Foundry™. Mr. Interrante described HP’s Helion offering as a hybrid cloud, which combines the flexibility and convenience of public cloud with the security and control of private cloud.
Note 1. HP states that Helion is:
“A private cloud that enables IT to protect sensitive information, control and broker services across multiple clouds, and deliver exceptional cost advantages. A private cloud that is proven today and delivering on the vision for tomorrow. A vision for a Hybrid World. That cloud is HP Helion.”
“The path to hybrid begins with a private cloud, built on open-standards, using open source software and designed for compatibility and interoperability from the start,” Interrante said. He enumerated several advantages of open source code, including: software transparency, increased security, being viewed by “many eyes,” code re-use, and open cryptography.
For years, security has been the biggest issue for cloud users – much more so for public than for private cloud. “Security is a prominent concern for all businesses and organizations of every size,” Mark said. The concern is certainly valid as 2014 was “the year of the breach,” and breaches have accelerated since 2011.
“Cloud security is NOT one size fits all. It’s critically important to understand how to isolate a fleet of (cloud) services and applications you use,” he added. Other points Mark made related to cloud security:
- Security must be provided in, under, across and to/from the cloud or interconnected clouds used by the enterprise customer(s).
- The security strategy must go beyond compliance: it has to do more than just follow compliance procedures.
- Threats include: data breaches, data loss, account or service hacking, insecure interfaces and/or APIs, Denial of Service (DoS) attacks, malicious insider attacks, abuse of cloud services, insufficient due diligence, shared technology vulnerabilities.
- HP has active Threat Intelligence & Research teams that are working to improve security for their products and services.
In response to the moderator’s question on “dockers”² and “containers,” Mark replied: “Docker type containers have had the fastest uptake and most interest of any new software technology.”
Note 2. Docker is an open-source project that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation of operating-system-level virtualization on the Linux real-time operating system.
In summary, Mark said:
“Cloud is driving innovation, changing the IT landscape, and transforming the way companies do business (e.g. everything “as a service”). Every organization is becoming a software company built on cloud computing and storage. The proliferation of mobile devices, connected consumers and machines has spawned new business models based on cloud. IoT will accelerate that trend.”
Cloud Market Trends and Needs:
This panel of IT managers & a CIO addressed issues related to large-scale cloud deployments and problems that they are facing, especially cyber security. Alan Boehme, CIO (Global IT) & Chief Enterprise Architect at Coca-Cola Co. provided by far the most valuable information. To wit:
- It’s very hard to move legacy applications to the cloud.
- Public cloud is a quick and easy way to develop new apps, especially for start-ups.
- Hybrid cloud model is probably best for mid size companies that are able to segregate their computing and storage needs between private/mission critical and secondary/tertiary apps.
- Level of security is limited on Public clouds.
- Public cloud issues include: providing the equivalent of an indemnification clause; reliability, robustness, and performance of Open Source software used; skill set needed for cloud security.
Suneet Nandwani, Sr. Director of Cloud at eBay, noted that eBay/PayPal uses an internal Private Cloud. That’s largely because they can guarantee a higher level of security (vs a Public or Hybrid Cloud). Suneet mentioned that hardware level security (e.g. built into various SoCs) is desirable and available from ARM, Intel, Freescale, and others.
Nandini Ramani, VP, Engineering at Twitter, said “Twitter has a Private Cloud, but is finding it hard to absorb start-ups. We have a tendency to shift to Public Cloud, but will first move to a Hybrid Cloud.” Nandini noted what most public cloud users are well aware of: “the tools on Amazon AWS³ are not available anyplace else.”
Note 3: In the 2015 Magic Quadrant for Cloud Infrastructure as a Service, Worldwide, Gartner Group placed Amazon Web Services in the “Leaders” quadrant and rated AWS as having both the furthest completeness of vision and the highest ability to execute. AWS groups its data centers into “regions,” each of which contains at least two availability zones. It has regions on the East and West Coasts of the U.S., and in Germany, Ireland, Japan, Singapore, Australia, Brazil, and (in preview) China. It also has one region dedicated to the U.S. federal government. It has a global sales presence.
From the Gartner Group report:
“AWS has a diverse customer base and the broadest range of use cases, including enterprise and mission-critical applications. It is the overwhelming market share leader, with over 10 times more cloud IaaS compute capacity in use than the aggregate total of the other 14 providers in this Magic Quadrant. This has enabled it to attract a very large technology partner ecosystem that includes software vendors that have licensed and packaged their software to run on AWS, as well as many vendors that have integrated their software with AWS capabilities. It also has an extensive network of partners that provide application development expertise, managed services, and professional services such as data center migration.
AWS is a thought leader; it is extraordinarily innovative, exceptionally agile, and very responsive to the market. It has the richest array of IaaS features and PaaS-like capabilities. It continues to rapidly expand its service offerings and offer higher-level solutions. Although it is beginning to face more competition from Microsoft and Google, it retains a multiyear competitive advantage. Although it will not be the ideal fit for every need, it has become the “safe choice” in this market, appealing to customers who desire the broadest range of capabilities and long-term market leadership. It is the provider most commonly chosen for strategic adoption.”
Hybrid Cloud leaves the user in an “awkward state,” where you’re not managing your own destiny (on the Public portion) nor fully taking advantage of popular services and applications for Public Cloud.
Mr. Boehme said that orchestration is missing from many Cloud offerings, especially those that span multiple clouds. [Orchestration involves the automated arrangement, coordination, and management of applications, services, processes, and workloads. A cloud orchestrator is “software that manages the interconnections and interactions among cloud-based and on-premises compute/storage. Cloud orchestrator products use workflows to connect various automated processes and associated resources.”]
“We have the same set of network technologies and tools for the last 15 years and need new ones,” Alan said. He doesn’t believe SDN is the answer. “SDN will take a long time to be adopted by large enterprise customers,” he added.
Mr. Nandwani says the cloud has had a huge impact on eBay/PayPal. Approximately 90% of PayPal’s front end customer facing interface is based on cloud. A key requirement for PayPal’s cloud infrastructure was the ability to scale quickly without compromising availability or agility. OpenStack is playing a major role in PayPal’s vision by enabling a Private Cloud that helps the company’s developers quickly respond to its customers’ increasing demands and constantly changing needs, while developing a stable platform for customers to pay for their purchases.
Cloud Architecture and Technology Trends:
The panelists in this session covered cloud architectural issues from both the vendor (HP, Cisco), networked data center operator (Equinix) and cloud start-up (The Fabric) perspectives. The participants were:
- Atul Garg, Vice President & GM at Hewlett-Packard
- Ken Owens, Chief Technology Officer, Cloud Infrastructure Services at Cisco Systems
- Sindhu Payankulath, VP, Global Network Engineering & Operations at Equinix
- Prem Talreja, Marketing & Business Development Advisor at The Fabric
Here were the key points made:
HP: Use cloud to automate routine tasks to improve data center operations. The real challenge is how to create a platform to automate delivery of web services that are customized to individual company demands.
Equinix: We manage a multi-vendor network that connects the data centers we rent. Our customers get: compute power, storage, space, power, interconnection of compute/storage resources. Sindhu is responsible for three Equinix regional operations areas (AMER, EMEA and APAC) as well as Global Service Delivery.
While not mentioned by Sindhu, Equinix offers “Cloud Exchange,” which provides “secure, direct, flexible connections to a wide range of cloud service providers.” It’s described by Equinix as “an advanced interconnection solution that enables seamless, on-demand, direct access to multiple clouds from multiple networks in more than a dozen locations around the world.” Please see Addendum below.
Cisco: The biggest problem cloud solves is “to help businesses become more agile to enable them to quickly change and pivot.” Cisco is trying to provide a “cloud interconnect” capability to meet that need. The goal is to let customers create, run, maintain, and change cloud resident applications.
HP: Large companies running IBM mainframe applications are NOT going to move to cloud computing. However, midsize companies can shorten the time to provision a server by moving to Private Cloud (which of course HP provides). Atul didn’t even mention Public Cloud which might be a better choice for SMBs.
Cisco: Public cloud is outside of a company’s security and governance policy and compliance domains. As a result, “Private cloud is much more popular than most people realize.” Cisco believes there’s a 60/40 split between Private and Public clouds, which might grow to 50/50 in the next few years. Interestingly, there was no mention of Hybrid cloud or where that might fit for medium size companies.
Mr. Owens identified two huge “gaps” in Cloud:
- Too many tools and options to quickly develop new applications that run in the cloud (resident data centers).
- Orchestration of legacy systems with new ones.
Cisco is using OpenStack, while VMware and Equinix were said to be using Open APIs (?).
HP: Customers want to build a Private cloud to operate their compute/storage requirements and then optimize them. HP also sees two huge cloud gaps, but they are different from those identified by Cisco above. From HP’s perspective the cloud gaps are:
- Ability to dynamically move workloads from Private to Public Cloud (with the computational results often returned to the Private cloud). “We’re not there yet,” Atul said. There was no mention of the technique called “cloud bursting” which was supposed to accommodate such dynamic, back and forth movement of workloads and results between Private and Public clouds. Evidently, that isn’t happening – at least not on a large scale.
- Governance: how to abstract out policies and then develop security to meet them. “The industry needs to figure out how to automatically lock down servers that have been compromised,” he added.
HP recommends migrating workloads from Amazon or VMware clouds to OpenStack based cloud platforms (like theirs, of course). They suggest the foundation of such a cloud platform be a combination of Open Source + Cloud Foundry⁴ + OpenStack.
Note 4. Cloud Foundry is the industry’s Open PaaS (Platform as a Service) and provides a choice of clouds, frameworks and application services. As an open source project, there is a broad community both contributing and supporting Cloud Foundry.
In a whitepaper titled “What to Know Before You Migrate to Cloud,” Lauren Gibbons Paul proposes a list of questions for cloud service providers that are related to security and compliance. The questions should be tailored to an organization, its industry and its compliance requirements, but Lauren suggests these basic ones first:
- How much experience do you have in data center services? And in what industries?
- Do you have experience in our industry with customers that have similar compliance needs?
- Where will my cloud data reside? Do you own your data centers, or do you lease from a third party?
- Do you have industry-leading physical and logical security? Describe technologies used and best practices for both types of security.
- Do you use industry standard methodologies like ITIL (Information Technology Infrastructure Library)? What is your security and data reliability track record?
- How fast could you recover in the event of a successful attack or disaster?
- How transparent are you with customers?
- Do you have a third party certify your security measures and compliance with industry regulations like Sarbanes–Oxley Act of 2002?
The third and final article in this 2015 TiECon series will be on highlights of the IoT track and Cisco’s closing IoT Keynote speech, which clearly defined IoE (Internet of Everything) and gave a glimpse of where Cisco is investing in this space. That and all other Viodi View articles by this author can be read here.
Addendum: Email received May 31, 2015 from Equinix on their Cloud offering:
“The cloud paradigm is not a passing fad. Most enterprises are in the process of figuring out how to adopt the cloud model for agility and elasticity reasons. In many cases, their move to the cloud is also multi-cloud in nature. That is, the applications span across multiple private and public clouds because all the data and processing needs cannot be fully satisfied by the services hosted within a single cloud. For many of these workloads, the CIOs mention that they cannot use the public Internet because their high performance, availability and security requirements cannot be adequately satisfied. Equinix Cloud Exchange, an SDN driven platform, provides a high performance, secure, and highly available alternative to the public Internet that is available globally across multiple markets. Furthermore, Equinix Cloud Exchange allows enterprises to get access to all the major Network Service Providers and Cloud Service Providers in a timely (a couple of days instead of weeks) and cost effective (using a single port versus separate dedicated lines) manner. Equinix Cloud Exchange currently is integrated with most of the major Cloud Service Providers with respect to provisioning and service assurance, and it can be accessed both via a portal and also APIs.”