Silver Lining of Cloud Computing

earsplittinggoodbeeInternet και Εφαρμογές Web

3 Νοε 2013 (πριν από 4 χρόνια και 10 μέρες)

53 εμφανίσεις

Silver Lining of Cloud Computing
- Key Principles and Best Practices
CXOs need to evaluate different deployment models, service
models and key characteristics of the cloud to implement the
precise spectrum of cloud systems depending on organization’s
requirements. The key characteristic of cloud computing is its
ability to scale and provision computing power dynamically in a
cost efficient manner. Defining principles and adhering to best
practices are some of the key factors that would greatly
contribute to an optimal realization of the cloud computing
potential. Although this paper is not intended to offer a
comprehensive list of principles and practices concerning cloud
computing, it is an attempt to consolidate the key principles and
best practices of the technology to help minimize issues and
challenges in cloud deployment.
White Paper
2
About the Author
Dr. C. Parthiban
Dr. C. Parthiban is an engagement manager working in TCS’s Global
Consulting Practice Infrastructure Solutions group. He has 14 years of
experience covering a wide range of areas including IT strategy,
Infrastructure Optimization, Architecture Solutions, Systems
Integration and leading large consulting engagements. He holds a
Doctorate in Applied Science from a premier university in Chennai,
India.
3
Table of Contents
Introduction 4
Definition, Deployment and Service Models 4
Definition 4
Deployment Models of Cloud Computing 4
Service Models of Cloud Computing 5
Six Key Principles of Cloud Computing 7
Nine Best practices of Cloud Computing 9
Conclusion 13
References 13
Introduction
Definition, Deployment and Service Models
The information technology industry has witnessed a dramatic transformation over the last 10 years.
Currently, Cloud Computing remains arguably one of the most talked about technology trends and is
expected to have a tremendous impact on IT delivery, hosting environments, and fundamental computing
resources. Further, cloud computing is a relatively eco-friendly technology as IT resources for multiple
customers can be centrally managed, thereby reducing overall energy consumption levels.
As leading organizations exhibit increasing interest in cloud computing, service providers should train
greater focus on providing robust cloud-computing platforms that offer outstanding service delivery..
Depending on an organization’s requirements, CXOs should evaluate different deployment models, service
models, and key characteristics of the cloud to implement the precise spectrum of cloud systems. The full
potential of cloud computing can be achieved through a seamless cooperation between governments,
industry and individual users. Defining principles and adhering to best practices are some of the key factors
that would greatly contribute to an optimal realization of the cloud computing potential.
The objective of this white paper is to propose key building blocks and best practices intended for both
consumers and providers of cloud computing services. The paper also includes a brief discussion of the
definition, deployment and service models pertaining to cloud computing.
Definition
Deployment Models of Cloud Computing
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared
pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that
[1]
can be rapidly provisioned and released with minimal management effort or service provider interaction.
According to the National Institute of Standards and Technology, cloud computing can be deployed using
[2]
any one of the four models described below. :
Private Cloud
The cloud infrastructure is provisioned exclusively for a single organization comprising multiple consumers.
It may be managed by the organization or a third party (or both) and may exist both on the premises or
offsite.
Community Cloud
The cloud infrastructure is shared by several organizations that have shared concerns (e.g., mission, security
requirements, policy, and compliance considerations). It may be managed by a community of these
organizations or a third party (or both) and may exist either on or off premises.
4
Public Cloud
The cloud infrastructure is operated for the general public or a large industry group and is owned by an
organization providing cloud services. It exists on the premises of the service provider.
Hybrid Cloud
The cloud infrastructure is a composition of two or more cloud infrastructures (private, community, or
public) that remain unique entities but are bound together by standardized or proprietary technology that
enables data and application portability (e.g., cloud bursting for load balancing between clouds).
The organization’s scope and control over the cloud computational environment can be affected by the
service models supported by the cloud. Described below are three of the most well-known and frequently
[3]
used service models .
Cloud Software as a Service (SaaS)
The capability provided to the consumer is to use the provider’s applications running on a cloud
infrastructure. The applications are accessible from various client devices through a thin client interface such
as a web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud
infrastructure including network devices, servers, operating systems, storage or the individual application
capabilities with the possible exception of limited user-specific application-configuration settings.
In the case of SaaS, the usage is measured based on the number of users, the time, per-execution, per-
[1]
record-processed, network bandwidth consumed, and quantity/duration of data stored .
Cloud Platform as a Service (PaaS)
The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or
acquired applications created using programming languages and tools supported by the provider. The
consumer does not manage or control the underlying cloud infrastructure including network, servers,
operating systems, or storage, but has control over the deployed applications and, possibly, the
configuration of the application-hosting environment.
In case of PaaS, the usage is measured based on the number of subscribers, the kind of subscribers (e.g.,
developers vs. application end users), storage, processing, or network resources consumed by the platform,
[1]
requests serviced and the time the platform is in use .
Cloud Infrastructure as a Service (IaaS)
The capability provided to the consumer is to provision processing, storage, networks and other
fundamental computing resources to deploy and run arbitrary software, which can include operating
systems and applications. The consumer does not manage or control the underlying cloud infrastructure but
has control over operating systems, storage, deployed applications and, possibly, limited control over the
selection of networking components (e.g., host firewalls).
Service Models of Cloud Computing
5
6
In case of IaaS, the usage fee is measured based on the per CPU hour, data GB stored per hour, network
bandwidth consumed or infrastructure used (e.g., IP addresses) per hour, and value-added services used
[1]
(e.g., monitoring, automatic scaling) .
Scope and Control
The differences in scope and control between the cloud consumer and cloud provider are illustrated in the
diagram below:
The arrows at the left and right of the diagram denote the approximate range of the cloud provider’s and
consumer’s scope and control over the cloud environment for each service model. In general, the level of
support available from a cloud provider and the scope and control of the cloud consumer are inversely
proportional. i.e., the higher the level of support available from a cloud provider, the more narrow the
control the consumer has over the system.
Services Available
The table given below provides the sample services available for cloud consumers in each of the service
models.
n
nnnnnn
Storage
Content Delivery Networks
Backup and Recovery
Services Management
Platform Hosting
Compute
And Other Services
Iaas
PaaS
SaaS
n
nnnnn
Database
Business Intelligence
Development and Testing
Integration
Application Deployment
And Other Services
n
nnnnnn
ERP
Human Resources
BillingSalesCRMContent Management
And Other Services
Cloud Provider
Cloud Consumer
laaS
PaaS
SaaS
SaaS
PaaS
laaS
Application Layer
Middleware Layer
Operating System Layer
Six Key Principles of Cloud Computing
The cloud computing technology continues its rapid transition from an exciting unrealized concept to a practical,
cost-effective, innovative, and efficient solution. One of the key features of cloud computing is its ability to scale
and provide pay-as-you-go computing resources based on the dynamic requirements of an organization.
Even as cloud computing evolves at a swift pace, the information technology industry still requires a
comprehensive, clear-cut analysis on how this computing paradigm can influence and impact organizations and
how it can be incorporated with existing technologies. Although the cloud presents tremendous opportunities
and value for organizations, usual IT requirements (security, integration, and so forth) still apply. In addition, new
issues may arise because of the multi-tenant nature (information from multiple companies may reside on the same
physical hardware) of cloud computing, the merger of applications and data, and the fact that a company’s
workloads might reside outside of their physical on-premise data center.
Although cloud computing offers great opportunities, it should be noted that its effective implementation poses
several risks and barriers. Further, cloud providers should realize that the full potential of cloud computing can be
realized only by ensuring that it remains open, interoperable and portable.
Described below are a set of core principles and best practices intended for CXOs, governments, IT users and
organizations that are looking to employ cloud computing.
Every cloud consumer presents a unique set of requirements, which creates significant challenges when defining
principles for every aspect and creating a single standard cloud. Moreover, there are six key principles that must be
[4]
adhered to ensure the cloud is open and meets the choice, flexibility, elasticity and agility of the organization :
7
Leverage standards for Cloud Adoption.
Principle 1
Statement
Implications
Cloud providers must work together to ensure that the challenges to cloud adoption
(security, integration, portability, interoperability, governance/management,
metering/monitoring) are addressed through open collaboration and the
appropriate use of standards.
Large organizations will be able to integrate cloud computing into existing IT
systems and applications with minimal impact on issues such as security,
interoperability, data management and measurement criteria.
Eliminate vendor-lock-in risks.
Principle 2
Statement
Implications
Cloud providers must ensure that they do not misuse their market position to lock-in
customers to their platforms and limit their choice of providers.
When an organization chooses a provider or architecture or usage model, an open
cloud will make it easier for them to switch to a different provider or architecture. If
the organization needs to change providers they can do so easily.
8
Avoid reinventing standards.
Principle 3
Statement
Implications
Cloud providers must use and adopt existing standards wherever appropriate. The IT
industry has invested heavily in existing standards organizations; there is no need to
duplicate or reinvent them.
It will reduce challenges pertaining to the adoption of cloud technology and the
lead times associated with moving from in-premise data centers to the cloud-
computing environment.
Define standards on demand.
Principle 4
Statement
Implications
When new standards (or adjustments to existing standards) are needed, we must be
judicious and pragmatic to avoid creating too many. We must ensure that standards
promote innovation and do not inhibit it.
Standards and polices need to be defined only for matured technologies and
processes to avoid rework.
Address customer-centric needs.
Principle 5
Statement
Implications
Any community effort around the open cloud should be driven by customer needs,
and not merely the technical needs of cloud providers, and should be tested or
verified against real customer requirements.
Organizations should ensure that the new standards and polices are defined only on
the basis of cloud customer requirements to avoid unnecessary effort and costs.
Ensure optimal governance and management.
Principle 6
Statement
Implications
Cloud computing standards organizations, advocacy groups, and communities
should work together and stay coordinated, ensuring that efforts do not overlap.
Organizations should employ appropriate management practices and controls when
undertaking cloud computing. Strong management practices are essential for
operating and maintaining a robust cloud computing solution. Monitoring the
organization’s information system assets and assessing the implementation of
policies, standards, procedures, and guidelines will ensure the continued
deployment of appropriate standards.
9
Nine Best Practices of Cloud Computing
As cloud computing gains in popularity, organizations are likely to use different types of cloud services.
Applications might use a cloud storage service, a cloud message queue and even manage virtual machines
running in the cloud. Cloud computing technologies can be implemented in a wide variety of architectures,
under different service and deployment models, and can coexist with other technologies and software
design approaches. The challenges and issues in implementing cloud computing are formidable, especially
for public clouds whose infrastructure and computational resources are owned by an outside party that
provides those services to the general public consumers.
Instituting best practices for such services would be valuable and offer a basis for utilizing the potential of
cloud computing to the maximum extent. As per the industry practice of deployment and service models,
[5]
the most common cloud scenarios are as follows :
n End User to Cloud
Applications running on the cloud and accessed by end users.
n Enterprise to Cloud to End User
Applications running in the public cloud and accessed by employees and customers.
n Enterprise to Cloud
Cloud applications integrated with internal IT capabilities.
n Enterprise to Cloud to Enterprise
Cloud applications running in the public cloud and interoperating with partner applications (supply
chain).
n Private Cloud
A cloud hosted by an organization inside that organization’s firewall.
n Hybrid Cloud
Multiple clouds work together, coordinated by a cloud broker that federates data, applications, user
identity, security and other details.
n Changing Cloud Vendors
An organization using cloud services decides to switch providers or work with additional providers
The above scenarios are defined based on their requirements and features. Described below are some of the
best practices that can be employed in cloud computing scenarios.
l
lll
l
l
l
10
Best Practice 1
Cloud Feature
Description
Metering and Monitoring
In a measured service, aspects of the cloud service are controlled and monitored by
the cloud provider. This is crucial for billing, access control, resource optimization,
capacity planning and other tasks. All cloud services must be metered and
monitored for cost control, charge backs and provisioning except for end user to
cloud scenario.
Best Practice 2
Cloud Feature
Description
Management and Governance
It is a straightforward process to open an account and begin using cloud services on
the public cloud. This might create the risk of individuals in an enterprise using cloud
services for unlawful purposes. Managing VMs and cloud services such as storage,
databases and message queues effectively is needed to track the services being used.
Governance is a crucial criterion to ensure that policies and government regulations
are followed wherever cloud computing is used. Industry and geography-specific
requirements are other types of governance. Cloud consumers must rely on the cloud
provider to enforce policy and governance through technical means that are "baked
into" the infrastructure as IaaS. Management of VM and governance of polices and
other regulations should be enforced in all the cloud computing scenarios except for
the end-user to cloud scenario.
Best Practice 3
Cloud Feature
Description
Security
Cloud computing scenarios involving an enterprise will usually have more
sophisticated security requirements than those involving a single end user. Similarly,
relatively more advanced enterprise-based cloud scenarios will have equally advanced
security requirements. It is mandatory to have world class security in all the cloud
computing scenarios.
To achieve the necessary security, cloud service providers must adopt comprehensive
security practices and procedures including:
Well-recognized, transparent and verifiable security criteria.
Robust identity, authentication and access control mechanisms commensurate
with the level of sensitivity of the data.
Comprehensive and ongoing testing of security measures before and after
deployment.
n
n
n
11
Best Practice 4
Cloud Feature
Description
Virtual Machine (VM) Image Format
A VM created for one cloud vendor’s platform should be portable to another
vendor’s platform. Any solution to this requirement must account for differences in
the ways cloud vendors attach storage to virtual machines
Application Programming Interfaces (APIs) for images must support uploading,
deploying starting, stopping, restarting, and deleting images. Infrastructure
management APIs that control details such as firewalls, node management, network
management and load balancing should be portable across all cloud computing
scenarios except end user to cloud scenario.
Best Practice 5
Cloud Feature
Description
Cloud Database API
The enterprise cloud scenarios require common APIs for access to cloud storage
services. Writing custom code that works only for a particular vendor’s cloud service
locks the enterprise into that vendor’s system and eliminates the financial benefits
and flexibility that cloud computing provides. Common cloud storage APIs should
be in place for all cloud computing scenarios except end user to cloud and private
cloud scenarios.
Best Practice 6
Cloud Feature
Description
Cloud Database API
APIs for connecting, creating and eliminating databases and tables should be
consistent. Cloud database vendors have enforced certain restrictions to make their
products more elastic and limit the possibility of queries against large data sets that
consume significant processing resources. For example, some cloud databases do
not allow joins across tables, and some do not support a true database schema.
Those restrictions are a major challenge to moving between cloud database
vendors, especially for applications built on a true relational model. It is, therefore, a
best practice to have common cloud database APIs in place for all cloud computing
scenarios except end user to cloud and private cloud scenarios.
12
Best Practice 7
Cloud Feature
Description
Data and Application Federation
Federation is the act of combining data or identities across multiple systems.
Federation can be done by a cloud provider or by a cloud broker. Enterprise
applications should combine data from multiple cloud-based sources, and they
should coordinate the activities of applications running in different clouds. Private
cloud and end user to cloud scenarios need not combine data from multiple systems.
Best Practice 8
Cloud Feature
Description
Service Level Agreement (SLA)
An SLA is a contract between a provider and a consumer that specifies consumer
requirements and the provider’s commitment to them. Typically, an SLA includes
items such as uptime, privacy, security and backup procedures.
In addition to the basic SLAs required by end users, another best practice for
enterprises that enter into contracts is to establish a standard process for
benchmarking performance. There must be an unequivocal way of defining what a
cloud provider will deliver, and there also must be an unambiguous way of
measuring and monitoring what was actually delivered.
A machine readable language for SLAs is one of the standard formats for expressing
an SLA. In case of hybrid computing, this allows the cloud provider to select
resources according to the consumer’s terms without human intervention.
Best Practice 9
Cloud Feature
Description
Life Cycle Management
Enterprises must be able to manage the lifecycle of applications and documents. This
requirement includes versioning applications and the retention and destruction of
data. Discovery is a major issue for many organizations. There are substantial legal
liabilities if certain data is no longer available. In addition to data retention, an
enterprise may be interested in destroying data at some point. Many organizations
have legal requirements that data must be kept for a certain period of time. Some
organizations also require that data be deleted after a certain period of time. Cloud
providers must be able to prove they are compliant with these policies.
It should be noted that private cloud and end user to cloud scenarios do not require
life cycle management processes.
13
Conclusion
Cloud computing technology has the potential to greatly influence the systems and networks of
organizations. The key characteristic of cloud computing is its ability to scale and provision computing
power dynamically in a cost efficient manner. The continuous growth in cloud computing would undeniably
culminate in IT innovation and such innovation should be guided by principles and best practices towards
openness, interoperability and portability. Although this paper was not intended to offer a comprehensive
list of principles and practices concerning cloud computing, it was an attempt to consolidate the key
principles and best practices of the technology to help minimise issues and challenges in cloud deployment.
References
[1] DRAFT Cloud Computing Synopsis and Recommendations, Recommendations of the National Institute of Standards and Technology, Special Publication 800-146, May 2011
[2] NIST Cloud Computing Standards Roadmap Version 1.0, NIST, Special Publication 500-291, July 2011
[3] Guidelines on Security and Privacy in Public Cloud Computing, NIST, Jan 2011
[4] Open Cloud Manifesto, http://www.opencloudmanifesto.org/
[5] Cloud Computing Use Cases, Cloud Computing Use Case Discussion Group Version 4.0, July 2010
All content / information present here is the exclusive property of Tata Consultancy Services Limited (TCS). The content / information contained here is
correct at the time of publishing. No material from here may be copied, modified, reproduced, republished, uploaded, transmitted, posted or distributed in
any form without prior written permission from TCS. Unauthorized use of the content / information appearing here may violate copyright, trademark and
other applicable laws, and could result in criminal or civil penalties. Copyright © 2012 Tata Consultancy Services Limited
TCS Design Services M 01 12III
IT Services
Business Solutions
Outsourcing
Subscribe to TCS White Papers
TCS.com RSS: http://www.tcs.com/rss_feeds/Pages/feed.aspx?f=w
Feedburner: http://feeds2.feedburner.com/tcswhitepapers
Contact
For more information about TCS’ consulting services, contact
or visit global.consulting@tcs.com,www.tcs.com/consulting
About TCS’s Global Consulting Practice
TCS’s Global Consulting Practice (GCP) is a key component in how TCS delivers additional value
to clients. Using our collective industry insight, technology expertise, and consulting know-
how, we partner with enterprises worldwide to deliver integrated end-to-end IT enabled
business transformation services.
By tapping our worldwide pool of resources - onsite, offshore and nearshore, our high caliber
consultants leverage solution accelerators and practice capabilities, balanced with our
knowledge of local market demands, to enable enterprises to effectively meet their business
goals.
GCP spearheads TCS's consulting capacity with consultants located in North America, UK,
Europe, Asia Pacific, India, Ibero-America and Australia.
About Tata Consultancy Services (TCS)
www.tcs.com
Tata Consultancy Services is an IT services, consulting and business solutions organization that
delivers real results to global business, ensuring a level of certainty no other firm can match.
TCS offers a consulting-led, integrated portfolio of IT and IT-enabled infrastructure, engineering
TM
and assurance services. This is delivered through its unique Global Network Delivery Model,
recognized as the benchmark of excellence in software development. A part of the Tata Group,
India’s largest industrial conglomerate, TCS has a global footprint and is listed on the National
Stock Exchange and Bombay Stock Exchange in India.
For more information, visit us at