Cloud infrastructure generally is categorized into three parts that all collaborate to create a cloud service:
- Networking: To transfer data externally as well as between computer and storage systems, this part of the infrastructure relies on routers and switches.
- Computing: The computing portion of the infrastructure is delivered by server racks in order to deliver cloud services for various services and partners.
- Storage: A cloud infrastructure will likely need considerable storage often using a combination of hard disks and flash storage.
- Availability: With loss less DR
Customers want their IT services be up and available at all times. But in reality, computers sometimes fail. This implies that the service provider should have implemented a reliable disaster recovery (DR) mechanism where in the service provider can move the customer from one data center to another seamlessly and the customer does not even have to know about it.
As a cloud service provider, there will be enormous pressure to minimise costs by optimally utilizing all the IT infrastructure. The traditional Active-Passive DR strategy is very expensive and cost inefficient. Instead, service providers will have to create an Active-Active disaster recovery mechanism where more than one data center will be active at all times and ensures that the data and services can be accessed by the customer from either of the data centers seamlessly.
- Data Security
Security is the key concern for all customers since the applications and the data is receding in the public cloud, it is the responsibility of the service provider for providing adequate security. In my opinion security for customer data/applications becomes a key differentiator when it comes to selecting the cloud service provider. When it comes to IT security, customers tend to view the cloud service providers like they view banks. The service provider is totally responsible for user security, but there are certain responsibilities that the customer also needs to take.
The service provider must a robust Information Security Risk Management process which is well understood by the customer, and customer must clearly know his responsibilities as well. As there are several types of cloud offerings (SaaS, PaaS, IaaS etc), there will be different sets of responsibility for the customer and the service provider depending on the cloud service offering.
When it comes to security, the cloud service providers offer better security than what the customer’s own data center security. This is kin to banks where banks can offer far greater security than any individual or company. The security in cloud is much higher due to: Centralized monitoring, enhanced incidence detection/forencics, logging of all activity, greater security/venerability testing, centralized authentication testing (aka password protection/assurance), Secure builds & testing patches before deployment and lastly better security software/systems.
Customer on Cloud computing have a dynamic computing load. At times of high load, they need greater amount of computing resources available to them on demand, and when the work loads are low, the computing resources are released back to the cloud pool. Customer expect the service provider to charge them for what they have actually used in the process.
Customers also want a self-service on-demand resource provisioning capability from the service provider. This feature enables users to directly obtain services from clouds, such as spawning the creation of a server and tailoring its software, configurations, and security policies, without interacting with a human system administrator. This eliminates the need for more time-consuming, labour-intensive, human driven procurement processes familiar to many in IT.
This implies that the dynamic provisioning system should be the basic part of cloud management software through which users can easily interact with the system.
To provide an elastic computing resource, the service provider must be able to dynamically provision resources as needed and have adequate charge back systems to bill the customer.
In reality, it may not be possible for any single cloud service provider to build an infinitely scalable infrastructure and hence customers will have to rely on a federated system of multiple cloud service providers sharing the customer loads. (Just like a power grid, where the load gets distributed to other power plants during peak loads).
- Portability of Data & Applications
Customers hate to be locked into a service or a platform. Ideally a cloud offering must be able to allow customers to move out their data & applications from one service provider to another just like customers can switch from one telephone service provider to another.
As applications are being written on standard platforms; Java, PHP, Python, etc. It should be possible to move the customer owned applications from one service provider to another. Customers should also take care to use only the open standards and tools, and avoid vendor specific tools. Azure or Google services offers several tools/applications/utilities which are valuable but it also creates a customer locking as the customer who uses these vendor specific tools cannot migrate to another service provider without rewriting the applications.
Managing the cloud infrastructure from the customer perspective must be under the control of the customer admin. Customers of Cloud services must be able to create new accounts, must be able to provision various services, do all the user account monitoring monitoring for end user usage, SLA breaches, data usage monitoring etc. The end users would like to see the availability, performance and configuration/provisioning data for the set of infrastructure they are using in the cloud.
Cloud service provider will have various management tools for Availability management, performance management, configuration management and security management of applications and infrastructure (storage, servers, and network). Customers want to know how the entire infrastructure is being managed and if possible, can that management information be shared with them, and alert the customer on any outage, slow service, or breach of SLA as it happens. This allows customer to take corrective actions either move the applications to another cloud or enable their contingency plans.
Sharing the application performance and resource management information will help improve utilization and consequently optimize usage by customers. This will result in improving ROI for the customers and encourage customers to adapt cloud services.
- Federated System
There are several reasons as to why customers will need a Federated cloud system. Customers may have to buy services from several cloud service providers for various services; email from Google, online sales transaction services from Amazon and ERP from another vendor etc. In such cases customer want their cloud applications to interact with other services from several vendors to provide a seamless end to end IT services.
This implies that each of the cloud services must have an interface with other cloud services for load sharing & application interoperability.
In a federated environment there is potentially an infinite pool of resources. To build such a system, there should be inter-cloud framework agreements between multiple service providers, and adequate chargeback systems in place.