By Tony Scott

Cloud Computing Services Overview

There is so much written about cloud computing, it’s sometimes difficult to discern the basics.  It doesn’t help that cloud providers are bombarding you with spins on their product offerings while introducing new services and terminology along the way as this space evolves. 

Like anything else, cloud computing is just a service.  In my previous post on the topic, you need to structure your SLAs in a way that drives behavior from your cloud providers to maximize benefits for your organization.  We did not examine, though, the different services that can be garnered from cloud providers. 

Of course, the service expectations from the cloud are driven from your specific requirements, but let’s spend some time looking at what options are available to you.  For purposes of this discussion, I am going to boil these services down to three basic component levels:

• Infrastructure as a Service (IaaS)
• Platform as a Service (PaaS)
• Software as a Service (Saas)

Granted, there is much more granularity evolving as these service offerings continue to develop; nevertheless, I wanted to keep this at a somewhat high level so we could spend time comparing and contrasting these service offerings and the implications to decision making as to which path you should proceed down. 

Before we get into some details here, I also wanted to level set the differences between public clouds and private clouds.  Private clouds are those that are managed within the company’s internal intranet and data center.  These services are provided within the confines of the company, and unless there is some specific value in reselling those services outside of the company (which by the way is an entirely different topic of how technology organizations generate revenue), they are primarily consumed internally.  Public clouds then are those service offerings that are available outside of the company’s managed intranet and usually consumed by multiple customers simultaneously. This topic will focus on public clouds. 

Infrastructure as a Service (IaaS)

The basic concept behind Infrastructure as a Service is leveraging a hosted server and / or storage framework to lay down the application or services framework you need on top of the provided infrastructure framework delivered by the cloud provider.  Basically, it is the outsourcing of your data center.  There are tremendous cost advantages of not having to manage the facilities or the equipment that comes with a data center.  However, that is where the line is drawn and, at that point, the rest is up to your organization to manage. 

Services typically provided from IaaS include on demand server and storage capacity, OS and patch level management, databases, e-mail, load balancing, and other framework services. 

The more you know about your application and systems architecture, the better prepared you will be when it comes to determining what type of services you will need from an IaaS vendor.  Some of the key points to consider in looking to outsourcing your infrastructure include:

• Storage – a decision as to whether to manage the storage platforms yourself or whether the provider will manage those services is driven from the complexity of the requirements from the various groups that would be using that storage (such as for virtual machine management and database storage).  If you are going to have your vendor manage the storage for you, you need to clearly spell out the service expectations and any specific design and engineering requirements with the vendor ahead of time.  You will quickly find that if you let the vendor manage the storage without those expectations set, your vendor will not be goal aligned with you and your organization will be in the position to have to spend quite a bit of money in additional fees to obtain the services that you need to accomplish your objectives. 
• OS and patch management – you will need to determine if you are going to take responsibility for managing the OS as well as the patches and letting the vendor handle hardware only.  Some of this will depend upon the nature of the services you are responsible for delivering to your customers.  If you have applications that have specific OS needs, you will probably want to manage the OS rather than allowing the vendor to manage that facet of the infrastructure.  Like storage, set engineering and architecture standards and expectations up front to ensure they are part of the service offerings you are paying for. 
• Network – verify that any network and firewall configuration requirements are agreed to by the vendor before proceeding.  There may be conflicts with trying to implement some of the firewall rules with the vendor to protect other customer’s information and systems. Load balancing requirements also needs to be flushed out and appropriate configuration changes agreed to by the vendor.  Identify any other specific requirements such as these to make sure they can be supported by the vendor.

Platform as a Service (PaaS)                     

These services focus on providing a framework for the rapid development and deployment of applications and application services to your customers without the burden of managing the underlying infrastructure.  These frameworks limit how you develop your applications as you must work within the confines on the APIs and development standards provided to you by the vendor.  Make sure that the APIs are robust enough though to support your requirements. 

Some examples of these vendors include:

• MS Azure
• Google App Engine
• Force.com
• Yahoo Dapper.net and Pipes
• GoGrid

If you need customization of the development platform infrastructure, then this must be spelled out up front in the contract, where they provide you access to modify specific parts of their development infrastructure.  To be sure, these concessions will likely have fees associated with them as they represent non-standard approaches to providing their services (unless the scope of the services you are looking to purchase from the vendor are so large that they would consider waiving those fees). 

Conversely, other services could be made available to you based transactional volume or application complexity, such as load balancing, on-demand storage and network bandwidth.  You will need to check with your vendor to determine what other services could be enabled. 

Rarely do applications live in silos, so integration into applications within your intranet must also be considered as a part of the evaluation of the vendor you choose.  You need to look at security requirements and standards that your technology organization has established and ensure that the vendor will be able to adhere to them. 

Speaking of security requirements, identify the authentication mechanism you will use – your own directory services, or any proprietary authentication mechanisms that the vendor provides.  If the vendor’s authentication methods are leveraged, make sure they adhere to your security standards. 

Software as a Service (SaaS)

Finally, there is Software as a Service which is purchasing the use of packaged software without having to worry about the system implementation costs.  While the least flexible of the service offerings in the cloud, it also requires the least amount of management from your organization to support.  There is a clear cost advantage to going with SaaS applications for well understood and standard functions such as sales force management, HR, accounting, and procurement functions (as examples).  Several traditional software development vendors have realized the benefit this has to their customers and are working towards providing those services through the cloud (if they have not done so already).

As stated before, you are giving up customizations to go with a more standard solution.  For most organizations, that trade-off is more than acceptable given the cost savings from not having to manage that application themselves. 

The major considerations for selecting a vendor beyond functionality include the extensibility of data to and from your intranet, as well as authentication from within your managed directory services. 

While you are outsourcing your applications, you may not be outsourcing the processes, so training will be required for your employees to make sure the understand how to use this new systems (as with any new systems commissioned within your environment). 

Other Considerations

Some other considerations that should be taken when looking to move into the cloud are:

• Architectural governance – a solid architectural framework, both strategic and operational, are critical to successfully deploy to the cloud.  You need to have a very good understanding of your current environment to minimize the disruptions resulting from the migration to the cloud.  This will also help you define the specific requirements that you will need to give to the vendors during evaluation of cloud services.   
• SOA infrastructure – akin to architectural governance, a robust SOA infrastructure is also critical to success in the cloud.  You will find that services integration is much easier if your organization has already adopted SOA, especially with PaaS and SaaS.
• It’s not as easy as it looks – change is always difficult.  Having a well-defined program and project management office will help steer the transition.  Also, executive commitment will ensure that the resistance is managed accordingly.   All that said you will always find something that you did not know about, so plan for that to ensure those contingencies are accounted for. This is especially true for established applications or infrastructures that are being migrated to the cloud. 
• Cost model – carefully examine the ROI business case for moving to the cloud and choose your outsourcing options to ensure that you have the right balance of functionality and cost savings.