The Definition of Cloud and Private Cloud
IT Infrastructure, Simplified
Ok, let’s get this blog going since we know you're busy. The difference between cloud computing types really comes down to the network deployment or topology of the IT assets and the impact on performance and security. Let’s tell you everything you need to know about private cloud, starting with the fundamentals of cloud computing. According to the NIST Definition of Cloud Computing, published back in 2011 but still valid today, for any service to be considered a cloud service, the following five criteria must be met:
1. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
2. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).
3. The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, and network bandwidth.
4. Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5. The provider must measure usage of the service and charge for it accordingly. Tracking of usage is also helpful in improving services.
With those cloud fundamentals understood, it’s now much easier to understand the differences between all cloud types, including Private Cloud. So far, there are only 4 types of cloud infrastructures commonly employed by businesses around the world today:
1. Private clouds – According to NIST, “private cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.” It is simply the sharing of IT infrastructure only within a single corporate-controlled network or virtual private network (VPN). Basically, all cloud infrastructure is considered private cloud when the underlying IT infrastructure is dedicated to a single customer with controlled network access. All outsiders and the public are completely fenced off.
Typically, any interfacing with public networks for ecommerce or transferring data files with third parties is done via a demilitarized zone (DMZ). DMZs are subnets built between the public internet and private corporate networks (the latter commonly referred to as intranets). DMZs are commonly used to keep the most valuable corporate data, private network and private cloud infrastructure safe from direct outside influence. Servers or hosts inside the DMZ cannot access internal network resources, nor can external client sessions coming from the public network. They hit what is commonly referred to as the “firewall”. The firewall is the device or router that restricts and controls all traffic and protects private networks. The DMZ helps keep the peace.
The private cloud model typically uses on-premises infrastructure in a company's local data center or a separate and dedicated physical infrastructure provided by an experienced third-party services provider.
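The DMZ paragraph above states two constraints: DMZ hosts cannot reach internal resources, and sessions from the public network cannot either. The sketch below is an added example, not part of the original post, that audits a firewall ruleset against those two constraints; the address plan, rule format and sample rules are all constructed for illustration.

```python
import ipaddress

# Constructed address plan (an assumption for this example, not from the article).
ZONES = {
    "internal": ipaddress.ip_network("10.0.0.0/16"),   # private network / private cloud
    "dmz": ipaddress.ip_network("192.0.2.0/24"),       # DMZ subnet
}
# Flows the DMZ design must never permit: (source zone, destination zone).
FORBIDDEN = [("dmz", "internal"), ("internet", "internal")]

# Constructed sample ruleset: (action, source CIDR, destination CIDR, dest port).
RULES = [
    ("allow", "0.0.0.0/0", "192.0.2.10/32", 443),      # public -> DMZ web server
    ("allow", "10.0.0.0/16", "192.0.2.0/24", 22),      # internal admins -> DMZ
    ("allow", "192.0.2.10/32", "10.0.5.20/32", 5432),  # DMZ host -> internal DB
    ("allow", "0.0.0.0/0", "10.0.1.0/24", 3389),       # any source -> internal
    ("deny", "0.0.0.0/0", "0.0.0.0/0", 0),             # default deny
]


def zones_of(cidr):
    """Return every zone a CIDR can cover; space outside the plan is 'internet'."""
    net = ipaddress.ip_network(cidr)
    zones = {name for name, zone in ZONES.items() if net.overlaps(zone)}
    if not any(net.subnet_of(zone) for zone in ZONES.values()):
        zones.add("internet")
    return zones


def audit(rules):
    """List (rule number, forbidden flow, port) for each allow rule that breaks the design.

    Rule order is not modelled: any allow rule that could match a forbidden
    flow is reported, which errs on the side of flagging too much.
    """
    findings = []
    for number, (action, src, dst, port) in enumerate(rules, start=1):
        if action != "allow":
            continue
        src_zones, dst_zones = zones_of(src), zones_of(dst)
        for src_zone, dst_zone in FORBIDDEN:
            if src_zone in src_zones and dst_zone in dst_zones:
                findings.append((number, f"{src_zone}->{dst_zone}", port))
    return findings


if __name__ == "__main__":
    for number, flow, port in audit(RULES):
        print(f"rule {number}: permits {flow} on port {port}")
```

A source of `0.0.0.0/0` counts as every zone at once, which is why the fourth sample rule is reported for both forbidden flows.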
2. Public clouds – While AWS Outposts may blur the lines between private and public cloud for some, do not be confused. Any IT infrastructure that is cut up into parts and resold to multiple tenants is public cloud. Here the NIST definition is nice and clear: “public cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.” Again, it’s all about what network you use to access the IT resources. If infrastructure is shared with multiple organizations, that means they share some network access points and other resources. This can lead to some undesirable scenarios that physically cannot occur with private cloud, like:
· Unpredictable performance from shared storage
· Stolen CPU cycles from other tenants on the same physical device
· Memory leaks within shared RAM
YIKES! Not exactly something an IT Director purchasing assets for a financial services company wants to hear. This is the primary difference between public and private cloud - sharing resources and therefore not really knowing what’s going on behind the public cloud curtain of these top cloud providers or hyperscalers.
3. Hybrid clouds – Any time a company combines their private cloud with any public cloud (multi-tenant) service, that is considered a hybrid cloud infrastructure. NIST defines hybrid cloud as: “the cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).” Hybrid cloud is great because it provides options. Options are good for managing costs and seeking better business outcomes. Companies can balance corporate risk by using private cloud for mission critical applications, innovative IP or confidential information and use public cloud for less critical needs. But hybrid cloud can be challenging, especially in designing and maintaining the critical network resources that keep data flowing between cloud instance types. To maintain high-performing hybrid clouds, network expertise is paramount; without it, nothing else matters. To ensure cloud transformation success, ensure your hybrid cloud provider has proven global network expertise like Enzu.
4. Multiclouds – The term multicloud wasn’t a common IT term at the time of the 2011 NIST paper publication. So the above NIST definition of hybrid cloud definitely includes multiclouds, but of course that wasn’t good enough for the IT industry. Enamored with acronyms and marketing terms, the industry gave birth to the term multicloud, adding a little more complexity to cloud terms and confusing some in the process. So multicloud is really just more than one cloud of the same type used together. That is, using two public cloud vendors simultaneously is the typical use case of the term multicloud. Multicloud implies the use of multiple cloud computing infrastructures of the same type but managed within a single heterogeneous architecture.
Now, within the different cloud infrastructures described above, there are 3 main types of services available, which are broken down by how many levels of the IT infrastructure stack the cloud service provider (CSP) delivers:
1. Infrastructure as a Service (IaaS) – There are many conflicting definitions of IaaS if you search for it. The simplest definition is usually the best. IaaS is where a company leases or receives infrastructure services (storage, compute, network) and pays for the services periodically or on a pay-as-you-go basis. There are no large upfront hardware or capital expenditures for the company consuming the infrastructure services. This is growing fast as it’s convenient and budget friendly for modern, digitally driven organizations.
Typically, in IaaS the cloud service provider will manage the hardware infrastructure and stop at the server operating system software level, leaving that to the customer to manage and maintain.
2. Platform as a Service (PaaS) – is exactly like IaaS but adds additional services to isolate the users from the underlying hardware and software infrastructure. Typically, it means the cloud provider supports the entire platform stack including the servers, operating systems and virtual servers, allowing the business to focus on running the workload or application and not on operating system upkeep or patching and maintaining server operating systems and their device drivers. Since PaaS hides more of the underlying infrastructure from developers and other users, it is somewhat similar to serverless computing and function-as-a-service (FaaS), where the cloud provider maintains the underlying IT infrastructure and manages the allocation of resources.
3. Software as a Service (SaaS) – is an application implementation model where the entire infrastructure and application stack including delivery, licensing and access of software is managed by the cloud service provider. SaaS is typically purchased as an annual subscription requiring only a client email address to run in a browser.
Got all that? Then congratulations on understanding the basics of cloud computing! But it is just the beginning of unraveling the complexities of modern IT infrastructure. Sometimes it can be challenging to determine what the cloud infrastructure is when bare-metal IT infrastructures used by public cloud providers can also be re-sold as IaaS, or can be developed into a cloud platform and sold as PaaS by other companies, in effect creating hundreds of public cloud middle persons with some value-added services to offer.
Also, as we virtualize to scale, and automate to simplify and speed up, in some ways things are actually getting much more complex in computing. For example, I remember installing the first shared open systems IT resources post-mainframe back in the pre-internet/mobile phone, big-hair rock-band days of the 80’s! We were sharing private resources just like a private cloud does today. Yes, it was before the dawn of the internet, but it was geek heaven at the time just the same. As an IT executive I was proud of the customer experience we were offering. We had somewhat flexible, on-demand, cloudlike options, even way back then. Not quite the expansive list of apps available today, but we had plenty of user choice. We had both option 1 and an entirely different and unique option called number 2 to choose from! All delivered via a gorgeous two-tone ASCII menu:
Fig 1: Imagine if these were your only choices? 1996 PC screen on bootup.
Seriously, it’s pretty obvious managing distributed IT is way more complex today. The practical implications of these different and sometimes complex cloud models can have both good and disastrous outcomes, depending on how they are architected and operated. With cloud computing it’s buyer beware for sure. It’s not as easy as just provisioning some compute and storage, copying over some files and having everything perform excellently. Cloud performance can suffer with network challenges or change dramatically and unexpectedly over time. Staying somewhat portable with modern application architectures can prevent vendor lock-in, but as anyone who has run IT operations knows, once you start a production environment somewhere and users get used to it, it’s very difficult to move. Change is not as easy as it sounds. And it’s not just the technical change; changing human behavior and meeting the increasingly higher expectations placed on IT staff seems to be a never-ending pressure and a huge responsibility.
Choosing a cloud type or cloud service is a unique decision. No two businesses, data centers or IT departments are the same. And there is no perfect cloud answer for everyone. So it’s critically important to understand your cloud options and the purpose of each cloud computing type and how the good or bad implementation of that cloud service might impact your business. If you are in need of cloud expertise or a new cloud services provider, consider Enzu. Enzu provides premium cloud managed services at affordable rates.