The Virtualization Practice

Cloud Computing

Cloud Computing focuses upon how to construct, secure, manage, monitor and use public IaaS, PaaS, and SaaS clouds. Major areas of focus include barriers to cloud adoption, progress on the part of cloud vendors in removing those barriers, where the line of responsibility is drawn between the cloud vendor and the customer for each of IaaS, PaaS and SaaS clouds, ...
as well as the management tools that are essential to deploy in the cloud, ensure security in the cloud and ensure the performance of applications running in the cloud. Covered vendors include Amazon, VMware, AFORE, CloudSidekick, CloudPhysics, ElasticBox, Hotlink, New Relic, Prelert, Puppet Labs and Virtustream.

The Freemium sales model is a business model innovation best suited to inexpensive products that are very easily understood (and therefore not very new or very different) and that solve an obvious problem in a manner that is more convenient for the customer to acquire and implement. There are not many new virtualization and cloud technology companies who set out to produce undifferentiated products which suggests that a general application of the Freemium model to startups in our ecosystem is ill advised. Enterprise customers should pay great attention to products that are being marketing in this manner to ensure that they do not end up growing the use of something that was purchased in a tactical manner into a strategic use case.

If we are going to start over, why not really start over and reinvent the entire infrastructure and management software industries in the process. That way we end up with an infrastructure that was actually designed for the dynamic, agile, and scalable use cases that we are trying to address with a green field approach, and an appropriate set of management tools as well. Is this going to happen? You can bet that there are already VC funded startups in stealth mode working on it.

One thing I noticed while attending this year’s VMworld in San Francisco was how many people attending the event had iPads. Actually, it was the hottest item being given away by almost all the vendors in attendance at the show. I was lucky enough to get one of the iPads that EMC was giving away. I recently heard that the iPad is the hottest selling tech item in history so far. During VMworld I got a chance to see the VMware iPad application to control your virtual environment and was really impressed. I really think the iPad might have a chance to become the tool of choice for the IT admins to monitor and administrate their environment. I am hoping that by VMworld 2011 we will be seeing a lot more client applications written and ported to the iPad and/or other mobile devices.

Eucalyptus-based solution that is bundled into the Ubuntu installation from 9.10 onwards and allows you to install a IaaS cloud into which you subsequently install Ubuntu Server instances, rather than directly installing an Ubuntu Server. The Eucalyptus proposition is that the cloud you create is identical from an API – and therefore a tooling – perspective to an Amazon EC2 cloud, and the same Ubuntu instances can run inside it, and even can be cloud-bursted out to it. Canonical make a lot of this duality in their positioning of Eucalyptus and the Ubuntu Enterprise Cloud. It feels very-much like an “onramp” message that we hear from VMware.

Rackspace has got the OpenStack governance model spectacularly wrong, and as a result the whole initiative is in peril. Not only are the Chair and the Chief Architect appointed directly by Rackspace, but 3 additional members are appointed directly by Rackspace, meaning that the 4 independently-elected Community members (even if they could agree) could never form a majority. There is actually no need to gain control explicitly. You control by contribution. Since Rackspace contributes most it will gain most control. Rackspace doesn’t actually need control to satisfy its business objectives. ll it needs is to make sure the project is successful and retain enough control over the project to ensure its own needs are met. So our suggestion to OpenStack is to take their Governance model, rip it up and start again.

Does Public or Private make a difference to Cloud Security?

When we talk about Cloud Security, the main concept is to separate, as an example, Coke from Pepsi. This implies that Tenant’s cannot impact the availability of each others data, the integrity of that data, and the confidentiality of that data. But what does this actually mean? Does this apply to all types of clouds in the same way?

There are three types of cloud families: Private, Hybrid, Public. There are at least 3 types of clouds: SaaS, PaaS, and IaaS. Do the same rules for one cloud family work for all cloud families? as well as for the types of clouds?

I believe the answer is yes.

Christofer Hoff (@Beaker) and I had a short discussion on twitter the other day about the VMware Cloud Director (vCD) security guidance. We both felt it was a bit lite and missed the point of Secure Multi Tenancy. However, I feel even more strongly that people will implement what is in the vCD Guidance, vBlock Security Guidance, and the vSphere Hardening Guidance, and in effect have a completely insecure cloud. These three guides look at the problem as if they were singular entities and not as a whole.