Impact Of The Cloud For IT Managers

Simon Guest Senior Director, Technical Strategy Microsoft Corporation Session Code: ISB204

This is Jim

Jim is an IT Manager

For a large pharmaceutical

Jim’s Boss (the CIO) has asked him to “ move their company to the cloud”

Jim has no idea what this means

Jim has heard of cloud computing, but is lost when it comes to the terminology

Is cloud computing just about virtualization in the data center? http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9121923

Is cloud computing just another term for software as a service? http://www.daniweb.com/blogs/entry3993.html#

Is cloud computing something new? http://www.cloudviews.org/2009/01/is-this-cloud-thing-something-new/

Is cloud computing for stupid people?! http://cloudcomputing.sys-con.com/node/692407

Goal of the next 55 minutes: Help Jim “demystify” the cloud

Help him understand the terminology surrounding cloud computing

Show Jim what applications make sense in the cloud, and why

Teach Jim the important considerations for moving to the cloud

Buzzword Bingo

SOA – Service Oriented Architecture

SaaS – Software as a Service

Web 2.0

RIA – Rich Internet Applications

Software + Services

Are any of these cloud computing?

Not really – these are styles of application architecture

These styles may work in the cloud, but by themselves they are not cloud computing

To understand cloud computing, we need to instead start by looking at where applications live

On Premises

I purchase my own hardware and manage my own datacenter

Order 10 servers from DELL, they arrive a week later, I un-box them and install them in racks

Traditional way of doing things – has worked well for Jim the past few decades

Application runs on-premises Buy my own hardware, and manage my own data center

Application runs

on-premises

Bring my own machines, connectivity, software, etc.

Complete control and responsibility

Upfront capital costs for the infrastructure

Hosted

I pay someone to host my application using hardware I specify or provide

“ Dear hosting company, please set me up 2 x dedicated Web servers and 1 x database, backed up nightly” “Sure – that’ll be $21.99 per month”

Used heavily for public web site and/or company extranet and partner sites

Application runs on-premises Buy my own hardware, and manage my own data center Application runs at a hoster Pay someone to host my application using hardware that I specify

Application runs

on-premises

Application runs at a hoster

Rent machines, connectivity, software

Less control, but fewer responsibilities

Lower capital costs, but pay for fixed capacity, even if idle

Cloud

Pay someone for a pool of computing resources that can be applied to a set of applications

Cloud computing is a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. [National Institute of Standards and Technology] http://news.cnet.com/8301-19413_3-10237274-240.html

With a cloud, the administrator defines the service level for an application

The cloud software manages the application by creating one or more instances and handling storage

Application runs on-premises Buy my own hardware, and manage my own data center Application runs at a hoster Pay someone to host my application using hardware that I specify Application runs using cloud platform Pay someone for a pool of computing resources that can be applied to a set of applications

Application runs

on-premises

Application runs at a hoster

Rent machines, connectivity, software

Less control, but fewer responsibilities

Lower capital costs, but pay for fixed capacity, even if idle

Application runs using cloud platform

Shared,

multi-tenant environment

Offers pool of computing resources, abstracted from infrastructure

Pay as you go

Cloud “Variants”

Private Cloud

Pool of computing resources that lives within a self managed datacenter

Pool of computing resources that lives within a datacenter with no sharing

Hosted Cloud

Pool of computing resources that is offered through a hoster, utilizing software from another vendor

Public Cloud

Pool of computing resources offered from the same vendor that supplies the software

Jim now understands the style of an application, and where it lives , but who creates the application?

Build vs. Buy

Application runs on-premises Application runs at a hoster Application runs using cloud platform Build vs. Buy Build Buy “ Packaged” Application An application that I buy “off the shelf” and run myself “ Home Built” Application An application that I develop and run myself Hosted “ Home Built” An application that I develop myself, but run at a hoster Hosted “ Packaged” An application that I buy “off the shelf” and then run at a hoster Cloud Platform An application that I develop myself, that I run in the cloud “ Software as a Service” A hosted application that I buy from a vendor

“ Nice diagrams so far… … but, what about my applications?”

“ CRM and Email are commodity services. We have few customizations, and it should be cheaper for someone else to run these.” Application runs on-premises Application runs at a hoster Application runs using cloud platform “ Packaged” Application “ Home Built” Application Hosted “ Home Built” Hosted “ Packaged” Cloud Platform “ Software as a Service” CRM / Email Clinical Trial MRI Imaging HR Application Viral Marketing Molecule Research

“ This is a viral marketing website. It has a small chance of being really big, but we’re not sure!” “ How difficult is it to move these to a software as a service model?” Application runs on-premises Application runs at a hoster Application runs using cloud platform “ Packaged” Application “ Home Built” Application Hosted “ Home Built” Hosted “ Packaged” Cloud Platform “ Software as a Service” CRM / Email Clinical Trial MRI Imaging HR Application Molecule Research Viral Marketing

“ This application runs at full capacity for short periods of time at the end of each month.” In case it is successful, we’re interested to see if the cloud would help us scale better.” Application runs on-premises Application runs at a hoster Application runs using cloud platform “ Packaged” Application “ Home Built” Application Hosted “ Home Built” Hosted “ Packaged” Cloud Platform “ Software as a Service” CRM / Email Clinical Trial MRI Imaging HR Application Viral Marketing Molecule Research

“ MRI images are very large and exponentially growing. Is there a better way of storing these?” “ Can the cloud help us in providing compute power on an as needed basis?” Application runs on-premises Application runs at a hoster Application runs using cloud platform “ Packaged” Application “ Home Built” Application Hosted “ Home Built” Hosted “ Packaged” Cloud Platform “ Software as a Service” CRM / Email Clinical Trial MRI Imaging HR Application Viral Marketing Molecule Research

“ Does the cloud give me the storage I’m after?” “ We need to share results from our H1N1 trials with government entities.” Application runs on-premises Application runs at a hoster Application runs using cloud platform “ Packaged” Application “ Home Built” Application Hosted “ Home Built” Hosted “ Packaged” Cloud Platform “ Software as a Service” CRM / Email Clinical Trial HR Application Viral Marketing Molecule Research MRI Imaging

“ I can’t afford to maintain this old HR application written in VB – it’s driving me mad!” “… but due to regulatory issues, I can’t store my data off premise.” “ Does the cloud provide anything for inter-organization communication?” Application runs on-premises Application runs at a hoster Application runs using cloud platform “ Packaged” Application “ Home Built” Application Hosted “ Home Built” Hosted “ Packaged” Cloud Platform “ Software as a Service” CRM / Email Clinical Trial MRI Imaging HR Application Viral Marketing Molecule Research

“ A good solution could be to find a suitable packaged application here.” Application runs on-premises Application runs at a hoster Application runs using cloud platform “ Packaged” Application “ Home Built” Application Hosted “ Home Built” Hosted “ Packaged” Cloud Platform “ Software as a Service” CRM / Email Clinical Trial MRI Imaging HR Application Viral Marketing Molecule Research

What patterns do we see here?

Pattern 1: Transference

Taking an existing on-premises application and moving it to the cloud

Application runs on-premises Application runs at a hoster Application runs using cloud platform “ Packaged” Application “ Home Built” Application Hosted “ Home Built” Hosted “ Packaged” Cloud Platform “ Software as a Service” CRM / Email Clinical Trial MRI Imaging HR Application Viral Marketing Molecule Research

Drivers? Economic, Consolidation, Prototyping

Pattern 2: Scale and Multi-Tenancy

Creating an application that has the ability to handle web load without requiring the full capital investment from day one

Drivers? Prototyping, Risk Mitigation

Pattern 3: Burst Compute

Creating an application that has the ability to handle additional compute on an as-needed basis

Drivers? Economic (avoiding over capacity)

Pattern 4: Elastic Storage

Creating an application that has the ability to grow exponentially from a storage perspective

Drivers? Economic (avoiding over capacity), Management

Pattern 5: Communications

Creating an application that has the ability to communicate between organizations using a pre-defined infrastructure

Drivers? Infrastructure Management

From this exercise, Jim realizes…

Not all applications look the same in the cloud

Instead, he must understand the drivers for moving (or creating) cloud based applications

Also, not everything makes sense in the cloud

So, all of this looks great in PowerPoint … but what else should Jim be considering?

Each data center is 11.5 times the size of a football field

When you have this many machines to look after, the rules change

MTBF (Mean Time Between Failure)

Approximate lifetime value that manufacturers state for system components

Average Manufacturer Disk MTBF = 1M hours = failure every 114 years (Does not mean that every disk will last 114 years – calculated using batch of 1500 disks running for 30 days without failure) http://www.datarecovery.com.sg/data_recovery/disk_drive_mean_time_failure.htm

Average Manufacturer NIC MTBF = 44 years

Average CPU Cooling Fan MTBF = 22 years

Statiscally, with 20,000 machines this equates to 2 or 3 machines out of order every day

Which isn’t bad

Except if it’s your machine!

What does this mean?

Management of a cloud datacenter has to be done differently

“ Pager at 2am” vs. “9 – 5 datacenter management”

Different replacement strategy NIC Server Rack Container

What does this mean for Jim?

Jim’s team’s approach to application architecture has to change

Away from the approach of a single application running on a single machine

Need to move from ACID transaction model to BASE transaction model

ACID = Atomic, Consistent, Isolated, Durable (traditional transactional commit model)

Really difficult to implement ACID transactions in distributed systems (actually an anti-pattern)

Spend a lot of money trying and still not get working perfectly

BASE = Basically Available, Soft state, Eventually consistent

It’s OK to be wrong, as long as consistency is achieved eventually

Compare the cost of an apology vs. the cost of knowing for sure

6.9 million copies of “The Half Blood Prince” were sold in the first 24 hours of release in the US http://en.wikipedia.org/wiki/Harry_Potter#cite_note-bbc-hbp-record-95

If you were the online bookstore selling those 6.9 million copies would you optimize for ACID or BASE consistency?

If you accidentally oversell by a few books, it’s OK to apologize

Flickr (http://highscalability.com/flickr-architecture)

Jim’s development team needs to think differently about app architecture in the cloud, especially transactional state

“ If my application is running in one of these massive datacenters, it’s not very “green” is it?”

The cost to buy a server is cheaper than the cost to run (power) a server

Datacenter Power Consumption Chart Power Conversion Cooling Hoteling Systems

It’s not only the single server either – it’s about all the other stuff attached…

Drug Inventory Service DNS Services Application Deployment Services System Provisioning Services Instrumentation & Monitoring Services Patch Management Services Troubleshooting Analysis Break/Fix Services Network Services Storage Services Messaging Services Authentication Authorization Non-Repudiation Services Access Control Services Presentation Services Credit Card Transaction Service Shipping Service Control Service Pricing Service File Management Services

Green Grid (Green Computing Consortium)

PUE : Power Usage Effectiveness http://www.thegreengrid.org/Global/Content/white-papers/The-Green-Grid-Data-Center-Power-Efficiency-Metrics-PUE-and-DCiE

The ratio of total energy consumption (servers + cooling) to 'useful' energy consumption (servers only). http://it.toolbox.com/wiki/index.php/Power_Usage_Effectiveness_%28PUE%29

A typical enterprise-level data center is thought to have a PUE of 2.0 or greater http://it.toolbox.com/wiki/index.php/Power_Usage_Effectiveness_%28PUE%29

This means that for every watt of IT power, an additional watt is used to cool and distribute power to the IT equipment http://it.toolbox.com/wiki/index.php/Power_Usage_Effectiveness_%28PUE%29

Our prediction is that the Chicago data center will deliver an average PUE of 1.22 http://www.greenm3.com/2008/10/microsoft-blog.html

(Can’t have a PUE less than 1.0 – then you’d be generating your own power!)

http://download.microsoft.com/download/a/7/b/a7b72ab1-ca17-4589-923a-83b0ff57be6d/Energy-Efficiency-Best-Practices-in-Microsoft-Data-Center-Operations-CeBIT.doc SCRY

http://download.microsoft.com/download/a/7/b/a7b72ab1-ca17-4589-923a-83b0ff57be6d/Energy-Efficiency-Best-Practices-in-Microsoft-Data-Center-Operations-CeBIT.doc 22% improvement over 3 years Generation 1

http://download.microsoft.com/download/a/7/b/a7b72ab1-ca17-4589-923a-83b0ff57be6d/Energy-Efficiency-Best-Practices-in-Microsoft-Data-Center-Operations-CeBIT.doc Follows Moore’s Law

Jim can barely keep his eyes open. Why is this important to him? He’s not running a cloud data center…

True ; but running applications in the cloud means that Jim “inherits” the green profile (PUE) of that datacenter

May be of little consequence now, but what happens in 5, 10, 15 years time when regulations get stricter about PUE?

Did you know that our industry accounts for 2% of the total carbon emissions – the same as the aviation industry! http://www.gartner.com/it/page.jsp?id=503867

When that time comes does Jim want to be measuring his own PUE or inheriting from someone else?

Fair point – good to know that you are on it

Talking about policy – what’s the deal with cloud computing when it comes to regulations?

… especially having your data stored in datacenters located outside your own country

For example, would a non-US government entity trust data stored in a US datacenter?

Would you trust your data to be stored in a datacenter not in your home country?

This is high on the list of concerns for many thinking about moving to the cloud…

Ironically, we have these issues today – they are just implicit

Takes his laptop on a business trip to: Pierre Lives in: Accesses his email stored in: Through a cache server in: Uses medical app hosted in: Recently updated by a team in:

Two solutions:

Vendors build datacenters in each and every country

An expensive and unlikely proposition

There is cultural change of accepting access to data across foreign borders

Do you remember online banking 15 years ago? http://findarticles.com/p/articles/mi_m0EIN/is_1995_June_21/ai_17104850/?tag=untagged

So, assuming Jim’s data could be stored overseas what does security look like?

Two aspects: Physical and Electronic

Physical is the easier one

Security guys outside the datacenter http://www.rtl2.de/images/trailer/1_policeacademy7_detail.png

Biometric devices on datacenter colos http://www.aspwebhosting.com/datacenter.htm

Cages around most sensitive equipment http://www.aspwebhosting.com/datacenter.htm

Security of the data itself

Relatively easy to implement – i.e. encrypt with PK and move to cloud, decrypt with pK when need be On Premises Cloud Datacenter Data PK PK{Data} pK Data

Validate integrity, sign with pK and validate by decrypting hash with PK Hash Data On Premises Cloud Datacenter pK PK Hash Data pK{Hash} Data

This is relatively secure, but…

How does the vendor backup the data (without the key, difficult to know what has changed) On Premises Cloud Datacenter Data PK PK{Data} pK Data What’s changed?

How do you create a service that can search cryptographic data? On Premises Cloud Datacenter Data PK PK{Data} pK Data How can I search this?

Jim understands that it’s less about trusting the security of data in the cloud…

… but more about understanding the use cases of accessing that secure data

Related to security, how about the identity of Jim’s users?

He’s still suffering from the SSO project that he started 5 years ago…

The vast majority of enterprise applications rely on knowing the identity of the user

On premise applications often have the luxury of being close to the identity store On Premises Cloud Datacenter App AD

Things can get complicated if you transfer the application to the cloud… On Premises Cloud Datacenter App AD

Do you want to move the identity provider? Probably not. On Premises Cloud Datacenter App AD Where did AD go?

Many organizations end up creating a second ID provider for the cloud Cloud Datacenter On Premises App AD App SQL

Even with good replication between the two, this can create a problem with identity management

Cloud Datacenter On Premises App AD App SQL Joe [email_address] Joe/Password

Even with aggressive replication this is hard

Problem gets worse with multiple hosted applications

How do we solve this?

Similar to your attendee pass Registration Desk Door person Attendee Speaker Crew Main Hall Attendee Speaker Crew Speaker Rm Speaker Crew Bill Veghte Green Room Crew Joe Pharma Attendee Joe Pharma Passport Agency

Cloud Datacenter On Premises AD App Joe [email_address] STS (Secure Token Service) [email_address] Attendee Passport Agency Registration Desk Door Person

Cloud Datacenter On Premises AD App Joe [email_address] STS (Secure Token Service) [email_address] Attendee Where’s your badge? Where’s your ID? joe@ pharma.com Pwd=123 Please let me use your app I need a badge

Cloud Datacenter On Premises AD App Joe [email_address] STS (Secure Token Service) [email_address] Attendee Come on in… Here you are: Attendee Please let me use your app Attendee

Claims Based Identity

Cloud Datacenter On Premises AD App Joe [email_address] STS (Secure Token Service) [email_address] Attendee Where’s your ID? joe@ pharma.com Pwd=123 No way – you’re fired! Where’s your badge? Foiled! Revenge is not sweet I need a badge Please let me use your app

Definitely easier than that SSO project – thank you!

This has been good things to consider so far, but Jim has one last question…

“… I have a great new idea that I want to try out in the cloud. Will it make me rich!?! :-)”

Consultant’s answer: Well, it depends…

One on hand, possibly…

On premises CRM system

$12 per month per user

Hardware, software, datacenter hoteling, management, operations, helpdesk, etc.

Cloud based CRM software

$10 per month per user

Arguable $2 per user per month saving (not factoring in migration costs)

DELL PowerEdge M600 = $4,689

10 of those = $46,890

$0.30 per compute hour (High CPU)

The same $46,890 would buy you 156,300 compute hours

651.25 compute days for 10 instances

21.4 compute months for 10 instances

Let’s not forget however… Bandwidth is not free

Jim’s get-rich-quick idea is a new cloud based application for Blu-ray movies!

What’s this going to cost to run?

Internet Radio (64kps) 21Gb per month (24 hours per day)

YouTube (512kps) 166Gb per month (24 hours per day)

HDTV (4Mbps) 1296Gb per month (24 hours per day)

Storage - $0.15 per Gb Data Transfer - $0.17 per Gb

Sounds cheap, but is it?

YouTube example = $0.17 x 166Gb ($28.22 per user per month)

HD Movie = $0.17 x 1296Gb ($220.32 per user per month)

Jim’s new movie service in the cloud…

Storage = 2TB of Movies Stream: ~1,000 users per day @ 4Mbps

Storage cost (month) = $150

Data Transfer (month) = $215,156

… but Jim said he wanted Blu-ray!

Storage = 9TB of HD Movies (360 titles at 25Gb per title) Stream: ~1,000 users per day @ 36Mbps

Storage cost (month) = $1350

Data Transfer (month) = $1.93M!

To break-even, each user would have to pay $1,937 per month subscription!

“ Several industry insiders estimate that YouTube spends roughly $1 million a day just to pay for the bandwidth to host the videos.” http://techland.blogs.fortune.cnn.com/2008/03/25/youtube-looks-for-the-money-clip/

"... Veoh, a video-sharing site operated from San Diego, decided to block its service from users in Africa, Asia, Latin America and Eastern Europe, citing the dim prospects of making money and the high cost of delivering video there.” http://www.nytimes.com/2009/04/27/technology/start-ups/27global.html?ref=business

The Point? Sometimes that we forget we are not in a lab!

Cloud computing opens up new and interesting possibilities, but don’t forget the business model to support this!

When Jim was first looking into cloud computing, he wanted to take his VB6 application into the cloud

He now realizes that his VB6 application isn’t well architected for the cloud

Nor does the application know what it takes to participate in a pool of computing resources

And it definitely doesn’t conform to security and identity considerations for the cloud

But now he understands this whole cloud computing space much better

He is much clearer on the terminology, understands where his applications can fit, and the considerations for doing so

… and is already putting together some of the recommendations he needs for his CIO

(which definitely won’t include a movie sharing site!)