Transcript of "Dr. Michael Valivullah, NASS/USDA - Cloud Computing"
Disclaimer All the opinions expressed andinformation provided by me in this event are personal. I am not representing anyone or any entity, private, public or otherwise. Any identification, mention of name or brand is not an endorsement or recommendation. Your own due diligence is recommended.
What is ‘Cloud Computing’? ‘Leasing’ what one needs in a standardized environment.7/31/2011 Cloud Computing - A Primer 3
Analogous to Electricity Availability on Demand Broad Network Access Rapid Elasticity Measurable Service Pooled Resources (Network, Compute, Storage..) Pay for what is usedCloud Computing = Utility Computing 4
‘Cloud Computing’- Definition ‘Cloud computing’ is a model for enabling: Ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction (NIST Pub. 800-146, 2011).7/31/2011 Cloud Computing - A Primer 5
Another Definition‘The cloud is a flexible and scalable shared environment that uses virtualizationtechnologies to create and distributecomputing resources to users on an asneeded basis, accessed via the internetbrowser and distributed over the network’. - Stratecast, Frost and Sullivan (2010)
IaaS Features Main Users• Customers do not manage • System Administrators HW• Move $$ from Resources: CAPEX > OPEX Servers, storage, networking, OS, virtualization & file systems
PaaS Features Main Users• Platform used to develop, • Developers test and deploy services over the internet Resources: Devt. and Test tools Databases and Middleware Infrastructure SW
SaaS Features Main Users• CRM, HRM, eMail, • End Users Communication, Collaboration, Office Resources: Productivity Suites and Other Apps – Deployed in Business, operational and hosted environment – administrative applications licensed based on Subscription – Pay and Play
Current IT State• Lengthy time to provision resources > Soln: Reduce provisioning time• IT capacity – needs peaks and valleys hi/lo demand > Soln: Even out resources use/release resources as needed• Internal IT staff – do not have the right skill set, time and or not enough staff to meet new business demands in a reasonable time and cost > Soln: Cloud Services
Cloud Benefits• Drives - Agility; Automation; Self-Service• Decreases - Business Pain Points, Increases efficiency (earlier time to market or implementation of a new process, business solution)• Forces - IT + Business Cooperation• Increases Standardization (e.g., apps, DBs)• Decreases Complexity
Private Cloud Why choose a Private Cloud?•Peace of mind. Feel ‘secure’ in their cloud •Are risk averse and / or have mandates • Flexibility, Self-Service, Integration, Automation, and Metering •3rd Party options (hosting) available or •In a wait and see mode•In future they may become hybrid - trend
Private Cloud - PollSurvey Question:Will your org. be pursuing a privatecloud computing strategy by 2014? Yes = 78%May be = 17% No = 5 % - Gartner, 2011
Private Cloud1. Not Just virtualization2. Not Necessarily decrease cost3. Not Always ‘on premise’4. Not Just Iaas or PaaS5. May Not Always stay private
Public Private – HighlightsPublic Cloud Private Cloud• Minimal capital • More control and less risky requirement • More Security and Audit• Usually cost-effective capability because of high numbers of • Not necessarily cost- users effective (less users = more• Capacity can scale way up cost) needs volume to be and down viable• Usually independent data • Onsite / Hosted center
PUBLIC CLOUD PERFORMANCE Not all public clouds are created equal Buyer/Subscriber Beware Why?
PUBLIC CLOUD PERFORMANCE1. Bing: 2 sec decrease in search results decrease 4.3% revenue per customer2. Google: 400 msec delay (less than a blink of an eye) in presenting search results decreases number of searches by user .59%3. AOL: User views 50% more pages in a fastest page loads than a slowest page load.4. Shopzilla: Accelerated page load from 7 to 2 secs, revenue increased 7 – 12 %
PUBLIC CLOUD PERFORMANCE5. Auto Anything: Web-based auto parts supplier Measured Customer Revenue and Satisfaction• Page load time decrease form 12 to 7 secs• Increased 29% more likely to buy on 1st visit• And 38% returned for more business – repeat customers
Cloud – Is this for real?Thinking of Past Technologies and Hypes ?Many are still around, evolved and some gone:1. Internet, WWW, IP v4, IP v6, TCP/IP, SMTP,2. Databases Integration – RDBs, SQL, HDBs, KSDS3. CORBA, SGML, XML, JSON, REST4. EAI – OOAD, ESB, MOM, SOAP, etc5. SOA – Service Oriented Architecture6. Virtualization – Servers, Storage, Network
Cloud – Is this for real?7. Cloud – Private, Public, Hybrid (peaked 2 years ago)8. Big Data – Hadoop, No SQL, InMemory DB, MongoDG, PIG (last year)9. MDM – mobile data management / Distributed ID Mgmt (now), Identity Management, Mobile Computing
US Cloud GrowthAdoption will only grow:1. The users are seeing the benefits – Agility, Cost2. Federal Mandates : Cloud First, Shared First, etc.3. Vendors are addressing user concerns and willing to accommodate the rules regulations mandates, audit, privacy, etc. (FedRAMP, FISMA, PII, SAS-70, HIPAA, HL-7, SOX, A-123, FFMIA, JFMIP, etc) requirements4. Cloud Service Brokers are becoming more valuable in bridging the knowledge gap between cloud providers and cloud consumers
European CloudThe dark cloud of uncertainty is moving away The European Leaders have staked out a commitment to: Establish a common set of Rules of the Road to develop a cohesive market structure among various member nations for cloud providers. They want to the public clouds to be ‘open, competitive and secure’ so that govts. as well as public can use them. This drew praise from some leading US Tech Trade Associations - CIO Magazine Oct. 2012
A Cloud Should1. Should fit the business need – One size does not fit all2. Needs to be agile to accommodate enterprise’s business process and IT operations3. Able to leverage existing IT infrastructure (rip and replace and increased cost will be a DOA)4. Needs to meet security, compliance & other requirements
Cloud Migration – To do List1. Security – key evaluation criteria2. Get Senior Management commitment early3. Cloud provides – automation, provisioning, mgmt function4. But does NOT provide automatic integration with different layers of cloud security5. So requires lots of education and process updates – needs time and resources6. Have a cloud test ‘sandbox’ for testing SW updates prerelease – to test all cloud layers
Cloud Migration – To do List7. ‘Deny all’ except ‘explicitly allowed’ creates issues with emergency and operational fixes. Therefore, needs a very good CM process, controls and governance
Use Case 1. Private Cloud• Preparation – deliberate and time consuming• Constant Communication• Roll out in Stages• Set expectations right• Training and Expert help – OnSite• Training Classes – Cheat Sheets• Result
Use Case 2. Community Cloud1. 13 Federal Agencies2. Small Budget – Chip in3. Shared Operational Apps4. Catalog Devt. – Dummy data5. Roll out6. Result
Cloud computing future moves… Apply cloud computing concepts to future data centers – to increase agility and efficiency Identify legal, compliance, PII, sensitivity classification of data Build cloud optimized - perform risk / reward analysis applications of a public cloud offering IT as an internal CSB and Investigate 3rd party CSBs – for intermediary to commercial advice, guidance and as an CSBs intermediary to consume cloud services
Future of IT Employees• Businesses like to keep their IT folks asinternal advisors on evolving cloud servicesand as go betweens Cloud Service Brokers(CSBs)•Be a solution provider, add value and becomepart of the integrated business team• Modern IDEs / CASE Tools are more powerfuland one does not need to know ‘bits and bytes’ to develop an application or build aservice
Future of IT ExpensesExpense: Businesses do not like upfront ITexpenses (CAPEX) but want to retain orincrease the value derived (agility,efficiency, peak load mgmt) from the useof these IT resources. They preferpredictable ‘pay as you go’ model (OPEX) Will continue to reduce CAPEX
NIST Cloud Computing Related PublicationsNIST Special Publication 500 Series:NIST Special Publication 500-291, NIST Cloud Computing Standards Roadmap, July2011NIST Special Publication 500-292, NIST Cloud Computing Reference Architecture,September 2011NIST Special Publication 500-293, US Government Cloud Computing TechnologyRoadmap, Release 1.0 (Draft), Volume I High-Priority Requirements to Further USGAgency Cloud Computing Adoption, November 2011NIST Special Publication 500-293, US Government Cloud Computing TechnologyRoadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters,November 2011
NIST Special Publication 800 Series:NIST Special Publication 800-53A, Revision 1, Guide for Assessing the SecurityControls in Federal Information Systems and Organizations, June 2010NIST Special Publication 800-125, Guide to Security for Full VirtualizationTechnologies, January 2011NIST Special Publication 800-144, Guidelines on Security and Privacy in PublicCloud Computing, December 2011NIST Special Publication 800-145, NIST Definition of Cloud Computing, September2011NIST Special Publication 800-146, Cloud Computing Synopsis andRecommendations, May 2012
NIST Cloud Computing Research PapersC. Dabrowski and K. Mills, "VM Leakage and Orphan Control in Open-Source Clouds", Proceedingsof IEEE CloudCom 2011, Nov. 29-Dec. 1, Athens, Greece, pp. 554-559.K. Mills, J. Filliben and C. Dabrowski, "Comparing VM-Placement Algorithms for On-DemandClouds", Proceedings of IEEE CloudCom 2011, Nov. 29-Dec. 1, Athens, Greece, pp. 91-98.C. Dabrowski and K. Mills, "Extended Version of VM Leakage and Ophan Control in Open-SourceClouds", NIST Publication 909325; an abbreviated version of this paper was published in theProceedings of IEEE CloudCom 2011, Nov. 29-Dec. 1, Athens, Greece.C. Dabrowski and F. Hunt, "Identifying Failure Scenarios in Complex Systems by Perturbing MarkovChain Models", Proceedings of ASME 2011 Conference on Pressure Vessels & Piping, Baltimore,MD, July 17-22, 2011.K. Mills, J. Filliben and C. Dabrowski, "An Efficient Sensitivity Analysis Method for Large CloudSimulations", Proceedings of the 4th International Cloud Computing Conference, IEEE, Washington,D.C., July 5-9, 2011.