Interview With an AWS Cloud Champion
Allow me to introduce a good friend, Peter Sankauskas, whom I met through the AWS cloud community. Our level of cloud experience evolved with the expansion of the cloud, Amazon in particular, and we have both become prominent members of the AWS community. Having learned more about open source and development, I’d...


A while back, I was starting up an EC2 instance on the AWS cloud when it entered an endless restart loop. All the application deployment efforts we’d made (installation and service configuration) over two weeks just went down the drain. So we called support. The support rep redirected us to his team leader who simply told us that, as indicated in the SLA, we had to abide by the shared responsibility model and they were not liable for our loss.


AWS Cloud Security Tips
The cloud enables great agility and can reduce costs if used right. But does it also manage risk? In fact, the cloud carries the same risks as traditional hosting, as well as risks specific to running your production environment in the cloud.

In a dynamic IaaS environment you pay only for what you use, enabling alignment with actual real-time demand. The cloud instance is a temporary resource that is created automatically and on demand from a gold master image. This basic cloud automation capability makes traditional patching redundant and fast provisioning extremely easy. It is an important consideration that changes some basic security deployment perceptions when moving from traditional infrastructure to the cloud.


Over the last year I had endless conversations with companies that strive to adopt the cloud – specifically the Amazon cloud. Of those I met, I can say that ClickSoftware is one of the leading traditional ISVs that managed to adopt the cloud. The Amazon cloud is without doubt the most advanced cloud computing facility, leading the market. In my previous job I was involved in the ClickSoftware cloud initiative, from decision making with regard to the Amazon cloud all the way to taking the initial steps to educate and support the company’s different parties in providing an On-Demand SaaS offering.


On a vacation you often find that the best way to enjoy is to try and disconnect from the regular working day routine. Part of my blogging tasks include searching for knowledge resources and publishing news and articles to my followers. I maintain communication with my readers using social communication means such as Twitter and LinkedIn. Setting that in semi-automated state with twaitter (so I can spend my time with my lovely wife and not with my iPad …) brought me to imagine a living, breathing independent cloud creature that “feeds” itself with information.

Think out of the box and try to imagine the possibility that these lines were written by a smart algorithm utilizing the clouds and their enormous amount of information and logic. Imagine that humans don’t have keyboards but only screens to view what the “intelligent cloud creature” generates using smart BI algorithms running on a complex extremely wide integration. As we speak this integration is sprawling; basic logic routines and cross systems flows developed by humans as well as by machines.

The question “what I would like to eat for lunch ?” can be based on enormous amount of considerations such as who you are, who is connected to you, what you have already eaten today and how it fits with your diet, as well as what your best friend would like to eat because he can join you today while visiting nearby. All of these answers and more are already out there. The enormous growth in the number and the size of apps’ eco-systems, Big Data and the robust physical computing capabilities of the cloud leads to a form of intensive information calculation that can generate accurate intelligent results in an adaptive manner.

Traditional IT systems and logic were confined within their on-premise domain of variables. Collaboration wasn’t really an option and integration was (and still is) always a painful point with respect to huge investments and high risks. API development was one of the last things on the ISV’s priority list. Today things can be different thanks to these clouds. The cloud accelerates the extension of eco-systems and can make this fantasy a reality. I believe that we are heading straight into a second, even more exciting information technology revolution.

“Ask Siri to do things just by talking the way you talk. Siri understands what you say, knows what you mean, and even talks back. Siri is so easy to use and does so much, you’ll keep finding more and more ways to use it.”

The first time I checked this IPA (Intelligent Personal Assistant) agent was less than two years ago. I was fascinated by the fact that besides the voice recognition and ease of use, Siri aims to generate its own intelligence using its great eco-system environment to generate suggestions and solve problems in a proactive and self-improving manner. Eventually, I wasn’t surprised to hear that the most innovative company in the world integrated the solution inside its leading product operating system (I am just waiting for them to stop playing around and release it as part of the iOS, not only for the 4S version).

Another noteworthy example is Boomi. The company that was bought by Dell a year ago is a growing business for out-of-the-box “connectors” (the term they use for their integration widgets) platform. 

“Remember Data Integration is the key to the cloudy future. By having Boomi in its pocket, Dell is well positioned to handle these needs” wrote the cloud evangelist Krishnan Subramanian, in his article Quick Thoughts: Dell Acquires Boomi

I had a great discussion with Rick Nucci, Founder and CTO of Boomi regarding the company’s positioning and its strategy to become the heart of the enterprise business flow. The company’s offering enables the IT Organization to generate a full solution assembled from several systems. The company develops a platform that enables rapid provisioning of “connectors” that enable systems. 

“AtomSphere connects providers and customers of SaaS, cloud and on-premise applications via a pure SaaS integration platform that does not require software or appliances. .. Leading SaaS players and enterprise customers such as salesforce.com, NetSuite, RightNow, Marketo, Taleo, Zuora, Coupa, NASDAQ” Read more on Boomi’s site

Utilizing the cloud, the company is able to host and maintain all of its customers’ connectors in its own cloud environment. The company takes responsibility for the connectors’ compatibility and provisions them as a SaaS with an SLA. The traditional integration maintenance hassle becomes a small issue. SaaS start-ups are focusing on solving a specific problem and by so doing will not be able to solve a complete business flow. I believe that vendors such as Boomi can be positioned on top of the cloud food chain (I love that term – I encourage you to use it and comment on what you think about it), even before some of the above SaaS providers.

A traditional ISV must take action with regard to its eco-systems, both those it owns and those it participates in. Traditional ISVs have vast experience and own data and logic that can be utilized by the new and agile SaaS developer. The ISV can leverage this experience in the cloud and take strategic steps to increase its public interface services, to extend its eco-system and generate an additional revenue stream.

> > > > > Back to Reality

Without the crowd input, the user collaboration and the contribution of the fast-running web developer, the cloud content, systems integration and eco-system cannot evolve and grow. The next IT revolution, combining the connected world and big data, is just outside knocking on our door, and it lies on top of a rapid pace of cloud innovation and evolution.

> > > Don’t forget to comment – What are the layers of the “cloud food chain” ? < < <

The IaaS Management Market: Evolution, Vendors and More
A lot has already been said about the false cloud use where the IaaS platform is utilized as a hosting extension of the IT organization’s data center, without taking advantage of the elasticity benefits to generate a cost-effective and scalable IT operation. Using the public IaaS whether it is...

As we climb up the cloud layers, complexity increases, and with it vendor lock-in. The PaaS and SaaS layers present stronger vendor lock-in than the IaaS layer.

Did you read the 1st part on IaaS Lock-In ? The Cloud Lock-In (Part 1): Public IaaS is Great !

The PaaS vendor releases the “cloud applications’ developers” from the need to maintain the script or the database environments. The PaaS vendor takes responsibility for aspects such as application deployment, big data, scalability and availability by enabling features such as multi-tenancy and cluster management. The market is dominated by PaaS offerings like Google App Engine, Force.com, Heroku, Xeround, MS Azure, Engine Yard, CloudBees, Gigaspaces, Apprenda and others.

Click here to find more information about the PaaS Market.

PaaS is evolving to become the masterful approach towards “cloud software development”. When approaching PaaS, the IT organization should keep in mind that there is a reasonable risk that it will quickly be tied to a single programming platform and will not be able to move its applications and data between vendors (PaaS or IaaS). One of the key points for this discussion is IaaS portability. Let’s first define these two types of PaaS vendor:

1 – Public PaaS: The public PaaS vendor offering includes the hosting platform. The IaaS layer isn’t exposed to the PaaS customer. The customer doesn’t control the IaaS layer at all, and IaaS portability is limited to the IaaS platforms which the PaaS vendor supports.

2 – Private PaaS: The private PaaS vendor delivers only the wrapper layer that enables the application deployment over an IaaS. The customer has full control over the IaaS including its portability.

Important Note: Currently there is a lack of a good definition on this subject. You may think that there is a relation to public or private IaaS, but there is no relation. The difference is that the private PaaS is a completely outsource model and build-it-yourself, and it can be deployed on public and private IaaS.

> > > > Public PaaS: Your PaaS vendor chooses the IaaS for you

I found the following statements in an interesting debate between a MS Azure customer and an Amazon AWS customer. It was published on GigaOM this month and I find it appropriate for the PaaS lock-in discussion:

“Getting stuck in a single framework like .NET where there is only one “provider” for .NET tools can be a huge hindrance in any future decisions you make as a company. Microsoft (and Azure as default) seems to be all about lock-in.  Lock-in on the operating system, lock-in on the language platform, as well as lock-in on the Azure services. Also, many companies do have to solve big compute problems that Java, unlike .NET, is well positioned for. While many larger companies don’t have to be as concerned with lock-in — this is a very scary thought for most start-ups that need a clearer longer-term cost structure.” 

“Neither Microsoft nor Amazon are going away anytime soon. I would make a decision based on one thing and one thing only — bleeding edge capability and lock-in.”

The great debate: Windows Azure vs. Amazon Web Services

> > MS Azure
The debate statements above led me to search for more material on the MS Azure platform with regard to vendor lock-in:

“While every platform has some degree of lock-in, you should look for a partner that offers the ability to move your application into your own data center without completely re-writing it. Avoiding lock-in entirely probably isn’t possible, but making an effort to minimize it up front makes sense.”

I found this statement in the article “The benefits and risks of cloud platforms” written by David Chappell and published on the MS Azure site. I definitely don’t agree with Chappell and I think it is ridiculous (I thought a lot before using this word..) to think that after investing in shifting to the cloud (not as an additional hosting), a company will consider moving back to its premises (Disclosure: `I Am OnDemand` is not sponsored by Amazon AWS or any other MS competitor. ;)). For an “MS ISV” that is already locked on Microsoft platforms I can just say that the shift to the cloud might be a good point to re-think and re-plan its infrastructures including its lock-ins (I recommend checking Apprenda as an additional option to help with cloud enablement).

> > Force.com

As with MS Azure, the same strong lock-in should be mentioned when discussing Force.com: again, the lack of IaaS portability and the “closed source” programming language and database.

“Salesforce.com bills Force.com as ‘The leading cloud platform for business apps.’ It is definitely not for me, though. The showstopper: infrastructure portability. If I develop an application using the Apex programming language, I can only run in the Force.com ‘cloud’ infrastructure.” Read a bit more about Force.com lock-in in Mike Gualtieri’s Forrester blog post “May Force.com Not Be With You”.

Force.com Vs. MS Azure: Read this discussion on Quora

> > Heroku

The understanding that “cloud apps developers” see lock-in as a major issue, as well as the rise of Ruby on Rails among those developers, led Salesforce to acquire Heroku. The Heroku PaaS supports standard interfaces for web services such as HTTP, JSON and XML. They also support open source languages such as Java, Ruby, PHPFog and databases such as PostgreSQL and MySQL. Heroku has been extended to support Java and has also been integrated with Salesforce’s Database.com. Salesforce made a clever move that expands its PaaS capabilities. It is great that presenting an open source platform strengthens the company’s market positioning as one of the world’s cloud and PaaS giants.

Heroku Vs. Engine Yard: Read this discussion on Stack Overflow

> > Xeround

Another interesting player in the market is Xeround which delivers database as a service. Following my conversation with Xeround CTO, Mr. Avi Kapuya it seems that the competition is more aggressive than in the traditional world where the giant software vendors hold most of the market for run-time script and DB platforms. I asked Mr. Kapuya about Xeround lock-in and he responded that: 

“Lock-in is a subject we take seriously so that customers don’t want lock-in is a basic premise. We make sure to provide our customer the flexibility by supporting MySQL interface. The user can easily import his data back to his end any time straight from our site. The same way around a new user can simply upload the data to Xeround platform and continue to work with his ordinary MySQL development tools”.

In regards to IaaS portability Kapuya added that:

“We consider the portability between public clouds as a service. We run our platform on several IaaS such as AWS and Rackspace and we give our customer the option to select the preferable one. Once a customer asks to move his database from Amazon AWS to Rackspace, Xeround will move the database to Rackspace, and will shutdown the Amazon database accordingly. Furthermore, our prices are derived from the IaaS vendor prices”

The IaaS portability presented by Xeround differentiates it from the other vendors I mentioned above. Furthermore, I think that this is an important benefit for Xeround’s customers as they can better trust Xeround with its availability and future options in regard to cloud interoperability and federation.

What are cloud interoperability and federation? Check I Am OnDemand terminology page.

> > > > Private PaaS: IaaS at your choice

The other side of the PaaS lock-in story is the private PaaS. A private PaaS vendor provides the application’s “cloud wrapper” and solves issues such as service deployment and scalability. Those can be achieved by enabling multi-tenancy, clustering management, database distribution etc. Traditional ISVs specifically can use private PaaS to help with their shift to the cloud. The private PaaS can be deployed on private as well as on public IaaS.

> > Cloud Foundry by VMWare

Discussions on PaaS lock-in should include Cloud Foundry. Cloud Foundry includes SpringSource Framework, an enterprise Java programming model that VMware picked up in its August 2009 acquisition of SpringSource. In April this year VMWare announced the Cloud Foundry initiative to support multiple frameworks, multiple cloud providers and multiple application services, all on a cloud scale platform.

Watch the Cloud Foundry webinars on the PaaS playlist on I Am OnDemand YouTube Channel

Proud of their PaaS, VMWare opened the site DeveloperRights.org and listed the cloud developer’s rights that will help avoid lock-in. I vote for the following:

“The Right to Cloud Portability – The choice of clouds shall not be infringed, today or in the future. If an application works in one cloud or on our laptop, it should work in any cloud and not require learning a new deployment model.”

> > GigaSpaces

In the private PaaS market you will also find Gigaspaces. I had the privilege to meet the company founder and CTO Mr. Nati Shalom, who is a well known and appreciated cloud blogger in the market. I strongly recommend checking his personal blog, which presents deep technical analysis of PaaS issues. Gigaspaces was founded in 2000 and over the years it struggled with bringing its PaaS vision to the market. The rise of cloud computing and the growth of the market helped Gigaspaces with its business growth. In regard to the differences between public and private PaaS, Shalom said:

“Another difference between PaaS vendor such as Gigaspaces to vendors such as Azure is that the former provides a solution contrary to the latter that provides a product and tools. Using Azure you still have a lot to invest in order to have a working application, as for example perform big data aggregations to eventually generate business analytics.”

Gigaspaces invested 3 years in developing an abstraction layer that enables compatibility with a private environment or a specific public IaaS. The Gigaspaces Cloudify product enables ISVs to deploy their platform on public or private cloud infrastructure. Answering the vendor lock-in issue, Shalom said:

“We don’t care what are the application containers including the run-time and database. Our abstract layer wraps the app stack without any changes to the app run-time. Actually it contains number of recipes that defines an application from outside. The layer also holds list of metrics and the relevant SLA rules. For each metrics there is a threshold and an action.”

> > Apprenda

Another vendor that I talked with in regard to private PaaS lock-in is Apprenda. Following my conversation with Sinclair Schuller, the company CEO and Co-Founder, I find that the cloud lock-in issue is not only a consideration for the cloud customer but can also serve as a business initiation incentive. Apprenda specializes in public cloud enablement and support for ISVs and enterprises that work with Microsoft development platforms such as MS .NET, SQL Server, ASP.NET & Silverlight. Naturally the main competition of Apprenda is with MS Azure. It is a fact that ISVs that don’t want to be locked in to Azure infrastructure will find Apprenda appealing. Contrary to the traditional world and following developers’ experience, it is a fact that lock-in has a great impact on the cloud decision considerations. Apprenda clearly proves that the cloud lock-in issue can actually generate new business. “Which Part of the Public vs. Private Cloud Elephant Are You Touching?” by Schuller

> > > > Conclusion

When selecting a PaaS solution, the lesson is that you should always look for the option, if only in theory, to move to another provider without having to completely rewrite your application code. In order to decrease the lock-in risks, you must think carefully about your application business logic when implementing so when conversion is needed you will be able to use the data and the app structure from one platform to re-build the apps in another. Read more on how to select a PaaS provider.

“So what will be the best choice for the IT organization?” I asked Shalom. He answered: 

“The trade off is between simplicity and control. If you want to get control you will pay in complexity and skills and if you want simplicity you will need to compromise on your control. The space in between those two is filled with the customer urge to get the control and the simplicity. The balance can be achieved by a hybrid perception. The IT organization should be able to adopt both concepts, use the vendors like Gigaspaces for its mission critical applications and vendors such as Heroku to deploy the “lighter” applications such as the mobile extensions for the enterprise apps”

In his CIO blog post “Cloud Computing: What You Need to Know About PaaS”, Bernard Golden points to “the things IT leaders should think as they begin to evaluate their PaaS options”. It is not surprising that lock-in is the first thing on his list:

“I’m less disposed than many to see lock-in as purely negative, as in my experience organizations embrace lock-in because it provides significant benefits”

Following my research and my mantra about the open cloud eco-system world, I am tempted to say that public PaaS is my preferred option as it also includes great business benefits such as time to market and small investment in comparison with the private PaaS. I also tend to agree with Shalom in regard to his hybrid PaaS perception.

The PaaS vendor must recognize the “open cloud world” with its business benefits as it extends the vendor’s eco-system as well as the amount of new opportunities. Thanks to the traditional software giants (i.e. MS, Oracle, etc.) and the open source evolution, IT organizations are much more experienced with choosing their vendors. Lock-in must be positioned higher in the PaaS vendor evaluation considerations list, and weak lock-in is a huge benefit.

Part 3 will discuss SaaS vendor lock-in

Stay tuned with I Am OnDemand.

It is always good to start with Wikipedia’s definition as it helps to initiate a structured discussion. Here is Wikipedia’s definition of lock-in:

“In economics, vendor lock-in, also known as proprietary lock-in or customer lock-in, makes a customer dependent on a vendor for products and services, unable to use another vendor without substantial switching costs. Lock-in costs which create barriers to market entry may result in antitrust action against a monopoly.” Read more on Wikipedia

Does the cloud present a major lock-in ? Does the move create substantial switching costs?

“Yes !” is the common answer I hear for those questions. In this article I will debate it basing my findings on real cloud adoption cases.

Generally, in terms of cloud lock-in, we face the same issues as in the traditional world, where the move includes re-implementation of the IT service. It involves issues such as data portability, user guidance and training, integration, etc.

“I think we’ve officially lost the war on defining the core attributes of cloud computing so that businesses and IT can make proper use of it. It’s now in the hands of marketing organizations and PR firms who, I’m sure, will take the concept on a rather wild ride over the next few years.”

The above statement is from David Linthicum’s article “It’s official: ‘Cloud computing’ is now meaningless”. Since I fully agree with Linthicum on that matter, I will be accurate and try to make a clear assessment of the cloud lock-in issue by addressing each of the three cloud layers (i.e. IPS aaS) separately.

In this part, I will address the lowest layer, the IaaS lock-in.

It is a fact that IT organizations take advantage of the IaaS platforms by moving part or even all of their physical resources to the public clouds. Furthermore, ISVs move at least their test and development environments and are making serious plans to move (or have already moved) part of their production environment to the public clouds.

Read more about shifting legacy systems to the cloud by Ben Kepes

When talking with public IaaS consumers, it always comes to the point where I ask, “Do you feel locked on your cloud vendor?” Most, if not all, of the companies’ leaders claim that the public clouds’ values (on-demand, elastic, agility, etc.) overcome the lock-in impact, so they are willing to compromise. As a cloud enthusiast, it is great for me to see the industry leaders’ positive approach towards moving their businesses to the cloud (again too general – any of them refer to a different layer). I do not think that the lock-in is so serious.

For some time this claim sounded pretty reasonable to me, though on second thought I find that the discussion should start from a comparison with the traditional data center “locks”. Based on this comparison I can already state that one of the major public cloud advantages is the weak lock-in, simply because you don’t buy hardware. Furthermore, companies that still use the public cloud as a hosting extension to their internal data center don’t acquire new (long term or temporary) assets that they can’t get rid of without having a major loss. In regard to its lock-in, the public cloud is great!

Another important explanation relates specifically to Amazon AWS products which support SaaS scalability and operations. A smart SaaS architect will plan the cloud integration layer so that the application logic and workflow will be strongly tied to the underlying IaaS capabilities, such as on-demand resource auto-provisioning.

Read more about the relationship between web developers and the cloud

For example, the web can use the cloud integration layer to get on-demand EC2 resources for a specific point when a complex calculation occurs. At a superficial glance, the fact that the cloud API is used as a part of the application run-time script holds enormous lock-in risks. I disagree, and let me explain why.

As a market leader, Amazon AWS will be (already is) followed by other IaaS vendors. Those will solve the same scalability and operational issues by the same sense and logic as AWS. Basically this means an evolution of IaaS platform standards. A smart cloud integration layer will enable “plug & play” of a different IaaS platform or even orchestrate several in parallel. To strengthen my point, I bring as an example several cloud start-ups (solving IaaS issues such as governance, usage and security) that developed their product to solve issues for Amazon AWS consumers and seriously target support of other IaaS vendors’ platforms such as Rackspace cloud and vCloud. In regard to lock-in, the public cloud is great!

The IaaS vendors in the market recognize the common lock-in drawback of moving to the cloud. Vendors such as Rackspace bring OpenStack, which is a cloud software platform, so cloud vendors can build IaaS solutions upon it. Rackspace shows it off on its blog site:

“OpenStack™ is a massively scalable cloud operating system, powering the world’s leading clouds. Backed by more than 50 participating organizations, OpenStack is quickly becoming the industry standard for public and private clouds.”

It should be noted that switching applications and data between clouds is still complex and in some cases not feasible, though believing in the public cloud’s future comes with an understanding of its weak lock-in and will lead to visionary, long-term strategic plans.

What about the private IaaS ?

Following my ongoing research on what is the best cloud option (i.e. public, private or hybrid), I found that outsourcing the IT environment to a private or a hybrid cloud includes a major lock-in. Implementation of a private or a hybrid cloud includes lots of customization, hence a lack of standards. Private and hybrid clouds have their benefits, though lock-in is not one of them. A contract with the vendor for 3 to 5 years at least (a data center’s typical depreciation period) on a non-standard environment leads to an extreme, long-term lock-in in terms of the “on-demand world”.

In order to decrease lock-in, the IaaS consumer must prove the organization’s need for a private cloud by planning strategically for the long term. Besides the ordinary due diligence to prove the vendor’s strength, the contract must include termination points and creative ideas that can weaken the lock-in. For example, renewal of the initial contract subject to re-assessment of the service standards, costs and terms in comparison with the cloud market, including the public one. The private cloud vendor must prove ongoing efficiency improvements and cost reductions accordingly.

In his article “Keep the ‘Cloud’ User in Charge”, Mark Bohannon, VP at Red Hat, warns:

by vendors to lock in their customers to particular cloud architecture and non-portable solutions, and heavy reliance on proprietary APIs. Lock-in drives costs higher and undermines the savings that can be achieved through technical efficiency. If not carefully managed, we risk taking steps backwards, even going toward replicating the 1980s, where users were heavily tied technologically and financially into one IT framework and were stuck there.”

Some of the private cloud offerings today have similar characteristics to the traditional data center; to me it seems that the former come with stronger lock-in impacts. In case of an IT transition, companies who decide to go that way should expect considerable switching costs and a long-term recovery of their IT operations, hence of their business.

The second part will discuss the cloud lock-in characteristics in regards to the SaaS and the PaaS layers.

As the founder of Cloudonomics.com, Joe Weinman is one of the best-known cloud computing evangelists in the world. Weinman researches the economics of the cloud. Among other cloud aspects he examines, he also relates to the cloud’s financial operational costs together with its business benefits. Following I Am OnDemand’s last posts summarizing and discussing several Cloudonomics researches, we asked Mr. Weinman to meet for a brief discussion. Last week I had the honor to interview him for about an hour and hear his cloud perceptions and vision.

The first part of Weinman’s lecture discusses the basic “go to the cloud” and demonstrates cloud environments’ loads of different corporations’ web applications. In this part we will bring 6 scenarios presented by Weinman; each includes a brief analysis and proof of its cost and benefits.

First, let’s start with several assumptions and definitions:

> > > 5 basic assumptions of the pay-per-use capacity model:

  1. Paid on use – Paid for when used and not paid for when not used.
  2. No dependence on time – The cost for such capacity is fixed. It does not depend on the time or use of the request.
  3. Fixed unit cost – The unit cost for on-demand or dedicated capacity does not depend on the quantity of resources requested (you don’t get discount for renting 100 rooms for the same time).
  4. No other costs – There are no additional relevant costs needed for the analysis.
  5. No delay – All demand served without any delay.
