Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Burkhard stiller cloiuds-fu-nems-2012


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Burkhard stiller cloiuds-fu-nems-2012

  1. 1. Mobile Summit, Cloud Networking – Technical and Business Challenges I Berlin, July 4, 2012 Clouds — Challenges and Risks Burkhard Stiller1 1Department of Informatics IFI, Communication Systems Group CSG, University of Zürich UZH stiller@ifi.uzh.chin collaboration with Guilherme Machado1 and Andrei Vancea1 and SESERV . Introduction and Definition Challenges and State-of-the-Art Risks and Economics Conclusions © 2012 UZH, CSG@IFI 1 From Desktops to Clouds Desktops and workstations – Networked, low capacity storage, limited processing Local clusters – Connected, centralized, higher storage/processing Institutional clusters, High-performance Computing HPC – Access-controlled, centralized, high storage/processing Grids – Shared services on top of visible hardware and software resources Clouds: IaaS, PaaS, SaaS? Great Globular Cluster in Hercules © 2012 UZH, CSG@IFI 2
  2. 2. Clouds – Common Grounds Clouds are [defined as] – a large pool of easily usable and accessible virtualized resources (such as hardware, development platforms, and/or services [and software]). – These resources can be dynamically reconfigured • to adjust to a variable load (scale), • allowing also for an optimum resource utilization. – This pool of resources is typically exploited by a pay-per-use model • in which guarantees are offered by the infrastructure provider by means of customized SLAs [Service Level Agreements]. L. M. Vaquero, L. Rodero-Merino, J. Caceres, M. Lindner: A Break in the Clouds: Towards a Cloud Definition; ACM Computer Communications Review Vol. 39, No. 1, December 2008, pp 50-55.© 2012 UZH, CSG@IFI 3 Cloud Characteristics in Practice (1) Flexible pricing via pay-per-use – Users pay for consumption of services/resources – Computing capabilities exploited in models Elastic scaling – Resource availability can scale up or down at any time by different factors as demand increases or decreases Rapid provisioning – Computing capabilities/services are immediately provisioned without physical delivery/transferring ownership or resources Improvement of energy consumption – Minimization of IT infrastructure power consumption© 2012 UZH, CSG@IFI 4
  3. 3. Cloud Characteristics in Practice (2) Virtualization – Basically all computing resources are virtualized • To provide independence of underlying infrastructure • To achieve optimal utilization of resources (Semi-)Standardized offerings – Cloud services are highly provider-specific – Cloud services offer limited customization – Cloud services are usually available through self-service interfaces – Service request and provisioning processes automated Based on J. De Vos, E. van Heusden: Implications of Cloud Computing on IT Service Management, 2010.© 2012 UZH, CSG@IFI 5 Challenges and Selected State-of-the-Art© 2012 UZH, CSG@IFI 6
  4. 4. Key Challenges (1) – Security and legal functionality • Data location • Data segregation between competitor’s data • Privileged user access for sharing physical resources • Recovery in case of disasters • Fault investigation support • Long-term viability wrt contracts – Interoperability and standards • Common and standard interfaces for cloud computing • Portability of virtual appliances across diverse clouds providers – E.g., migration of virtual machines, virtual networks, or live migration, from one Cloud Provider to another – Needed for robust and available cloud services • Device-independency (bring your own – BYO), especially mobile© 2012 UZH, CSG@IFI 7 Key Challenges (2) – Optimization of capacity utilization • “Avoid the promise of something that cannot be delivered!” – Scheduling considering typical Cloud-specific parameters, e.g., CPU, RAM, bandwidth, and any other parameter being sold … • Over-capacity decreases user’s satisfaction, leading to loss of revenue • Under-capacity does not generate revenue for the Cloud Provider – Cloud aggregation • To ensure availability in case of faults – Sharing of resources between cloud providers – Brokering algorithms for high availability, performance, proximity, legal domains, price, or energy efficiency • Networking in the deployment of services across multiple cloud providers • SLA negotiation and management between cloud providers – SLAs, monitoring, and accounting (accountability)© 2012 UZH, CSG@IFI 8
  5. 5. Open Issues – SLA, Monitoring, Accounting Cloud providers typically do not offer guarantees – Large to very huge sizes of Cloud provider IT infrastructures • Technically hard to provide deterministic guarantees • High complexity due to multiple inter-dependencies of resources (physical, virtual, and their combinations) – SLA specifications tailored toward Cloud users’ interests • E.g., in terms of parameters like availability, but less focused on technical ones, such as performance or bandwidth Monitoring and accounting management – Needs to consider layers inside and outside Cloud providers – Accounting of virtual resources utilized (accountability) • Even further, auditability is in full hands of Cloud providers © 2012 UZH, CSG@IFI 9 State-of-the-Art in Cloud SLAsCloud Provider Service SLA Parameters Availability (99.9%) with the following definitions: Error Rate, Monthly Uptime S3 Percentage, Service Credit Availability (99.95%) with the following definitions: Service Year: 365 days of EC2 (Elastic the year, Annual Percentage Uptime, Region Unavailable/Unavailability, Amazon Compute Cloud) Unavailable: no external connectivity during a five minute period, Eligible Credit Period, Service Credit Subject to the Amazon Web Services Customer Agreement, since no specific SimpleDB SLA is defined. Such agreement does not guarantee availability. The company’s Web site does not contain information regarding SLAs for this SalesForce CRM specific service. Google Apps (incl. Availability (99.9%) with the following definitions: Downtime, Downtime Google Gmail business, Period: 10 consecutive minutes downtime, Google Apps Covered Services, Google Docs) Monthly Uptime Percentage, Scheduled Downtime, Service, Service Credit. Availability regarding the following: Internal Network: 100%, Data Center Infrastructure: 100% Performance related to service degradation: Server Migration in case of Cloud Server performance problems: migration is notified 24 hours in advance, and is completed in 3 hours (maximum).Rackspace Cloud Recovery Time: In case of failure, guarantee the restoration/recovery in 1 hour after the problem is identified. Cloud Sites Availability, Unplanned Maintenance: 0%, Service Credit. © 2012 UZH, CSG@IFI Cloud Files Availability: 99.9%, Service Credit. 10
  6. 6. State-of-the-Art in Cloud SLA Management and MonitoringApproach SLA@ RESERVOIR R. Serral- Trust Assess SLACC SOI Gracia COM GridPrediction for Static Static Yes, evaluating No No Dynamically added Parameters Parameters past service parameters disruptions Range of Narrow Medium and Narrow Wide and Unknown, Wide and flexibleParameters Flexible flexible but flexible Estimation No No No No No Yes Algorithm Risk No No No No Yes Embedding preparedAssessment IT No Yes, just for Unknown Only partially Unknown YesInfrastructure virtualization available – Model incomplete Estimates No No No No Yes, risk Yes Repository repository SLA Yes, not WS-Agreement Unknown WS- WS- Yes Language defined yet Agreement Agreement SLA Yes Yes No, detects Yes Yes Yes Monitoring service © 2012 UZH, CSG@IFI 11 disruption Risks and Economics © 2012 UZH, CSG@IFI 12
  7. 7. Basic Risks in Clouds National Institute of Standards and Technology: An Introduction to Computer Security: The NIST Handbook, 800-12. Risk = Threat X Vulnerabilities – Threat: • Any potentially malicious or other occurrence that can have an undesirable effect on the assets and resources of the Cloud system – Vulnerability: • A quality or characteristic of the Cloud-based system that provides an opportunity for misuse (internal or external) Manifold Cloud-based threats, vulnerabilities (external): – Eavesdropping, changing data, DDoS, provider shut-down … • Threats for confidentiality, integrity, authenticity, availability … – Service interfaces, data transfer, data storage, virtual machines/sand-box, accounting data …→ Risks are expressed typically in monetary values© 2012 UZH, CSG@IFI 13 Economics Economics (simplified): pricing – costs – chargeback – External view: pricing for utilized Cloud services • Common today: pay-per-use pricing models – Elastic scaling of resources, usage of shared virtualized infrastructure … • Hypothesis: The Cloud fundamentally changes the economics of IT. – How to determine prices, find “good” ones? • Cloud providers don’t provide guarantees • Cloud users can easily switch between different providers • Both do not really see strong economic commitments – Internal view: how to determine and handle IT costs? • Dynamic resource provisioning, (lack of) commitments, contracts (SLAs), contract violations, monitoring tools, accounting models, personnel … • Hypothesis: Pay-per-use models enable a more efficient use of capital, potential cost reductions, and provide for business flexibility. 14© 2012 UZH, CSG@IFI
  8. 8. Accounting and Costs Existing knowledge – Modeling of larger computing/data centers exist – Understanding of almost all technical details, however, not of all personnel-related costs – Models in place for accounting and (selected) costs Missing knowledge – Models for “typical” IT infrastructures of (a) SME, (b) SME+, and (c) SME- types of scenarios – Accounting for virtual resources, mappings into physicals • Needed to form the basis for evaluating usage and in turn costs in IT infrastructures (technical and personnel) – This may form the basis for utilizable pricing of cloud services© 2012 UZH, CSG@IFI 15 Key Success Factors for Cloud Pricing Transparency and understandability – To offer transparent and understandable pricing models to stakeholders Controllability – To denote to what extent consumers are in control of IT costs Cost of costing – To quantify costs of the application of accounting models and to compare them against potential benefits Fairness – To optimize perceived fairness, the key to pricing models, which refers to the user’s perception of how fair the model is Accuracy – To what extent charges (allocated to an organizational unit) match to each service accurately, approximating actual costs (cost recovery) Based on B. Stiller, G. Fankhauser, N. Weiler, B. Plattner: Charging and Accounting for Integrated Internet Services – State of the Art, Problems, and Trends, The Interet Summit (INET 98), Geneva, Switzerland, July 21-24, 1998, and on J. De Vos, E. van Heusden: Implications of Cloud Computing on IT Service Management, 2010.© 2012 UZH, CSG@IFI 16
  9. 9. Cloud Chargeback Metrics What metrics can IT departments use to charge back business units for cloud services? – Chargeback for any IT service? The question is complex! – Charging for (tele-)communication services – Charging for Infrastructure-as-a-Service (IaaS) • CPU cycles, memory, disc space, I/O, bandwidth (telco) – Charging for Platform-as-a-Service (PaaS) ? • Concern at application development and support level – Charging for Software-as-a-Service (SaaS) ? • Metric evaluates business value of the service, such as the number of customer requests responded to within a given period of time© 2012 UZH, CSG@IFI 17 Economics Reconsidered Economics (simplified): pricing – costs – chargeback – External view: pricing for utilized Cloud services • Hypothesis: Does the Cloud fundamentally change economics of IT? • NO – but it demands for a much more transparent understanding of IT and service costs within a Cloud user’s infrastructure. – Internal view: how to determine and handle IT costs? • Hypothesis: Pay-per-use enables more efficient use of capital, potential cost reductions, and business flexibility. • YES – As it seems today, however, total costs may not be reduced.© 2012 UZH, CSG@IFI 18
  10. 10. Conclusions© 2012 UZH, CSG@IFI 19 Clouds’ “Don’ts and Does” Clouds do not define a single technology Don‘ts Clouds do not revolutionize technology Clouds determine a business evolution to match agile and flexible computing demands Clouds enable an IT “capacity” increases (storage, computing) while keeping costs low (or similar) without investing in new infrastructure, maintenance, software Clouds offer multiple technology facets and solutions Does© 2012 UZH, CSG@IFI 20
  11. 11. Generic Cloud Evaluation + Scale and encapsulated update/change managementpositive aspects • Greater efficiency of provision as economies of scale hold + Costs Mostly • Pay-as-you-go scheme, which avoids over-buying resources + Flexibility and agility as well as next generation migration • On-demand computing demands • Ability to create new compute resources to experiment with – Security (Integrity, privacy, and data protection)negative aspects • Dedicated scenario- and technology-dependent case analysis required Partially – Availability, reliability, and lack of control • Full dependency on cloud provider (technology, SLA) – Lock-in effects • Cloud provider-specific interfaces, maintenance, SLAs, and pricing exist© 2012 UZH, CSG@IFI 21 Thank you for your attention. Questions?© 2012 UZH, CSG@IFI 22