Companies large and small added Cloud Computing as an agenda item to every key decision they made around IT last year. As companies continued to combat the budget pressures stemming from the financial downturn the cost-efficiencies delivered by SaaS, PaaS, IaaS are becoming increasing irresistible. These topics are no longer fancy acronyms that are restricted to the slide decks of visionaries.

Now let us look at the reality. Despite all the hype and promises of cost efficiencies and barrage of me-too announcements we get daily from technology vendors purporting Cloud capabilities, all the evidence around usage of  Cloud services points to it being limited to

1. Early stage startups building edge-apps or small business focused applications. (Okay, I know there are some exceptions and they are anything but)
2. Enterprises replacing file shares with cloud based storage for redundancy, backups.
3. Enterprises conducting a proof-of-concept/R&D projects on cloud based computing power before building the real-thing in-house.

While the value of Cloud is definitely the way of future, I still do not see any real evidence of large scale customers moving their mission critical technology deployments on to the cloud based infrastructure. Not just yet.

In fact, there is no evidence that Big 4 SaaS vendors Salesforce.com, Intacct, NetSuite, SuccessFactors themselves claiming their services are based on commercial cloud based infrastructure. Note: I will stand corrected if someone from those companies can provide some facts.

In this two part series, I will focus on the Infrastructure-as-a-Service (IaaS)  and try and establish the needs yet to be met before a wider, large company adoption can be expected. In the follow-up posts, I will delve into PaaS  related challenges and needs.

Infrastructure-as-a-Service (IaaS), for the uninitiated, is the delivery of IT Infrastructure capacity as a service. Companies can consume ubiquitous elastic Computing Power, Storage Capacity, Network Capacity, Security, Backup, Redundancy on a usage based subscription fee.

IaaS aims to relieve companies from the burden of

• Having to make large capital investments in IT Infrastructure to build capacity and consequently move to a more predictable OPEX model in tune with your business needs.
• License, Install, Upgrade and maintain all software
• Buy, Configure, Upgrade and Maintain Hardware
• Hire and Retain teams of System Administrators, Network Engineers, Database Administrators
• Negotiate and Maintain Vendor contracts.

All these capabilities delivered by achieving unprecedented economies of scale by using commodity hardware, open source software, virtualization and continuous automation. In fact, strategic partnerships between hardware and virtualization vendors like the Dell-VMWare partnership have started delivering more specialized packaged solutions at better price points.

All the virtues listed above and then some make for a undeniable value proposition. So why all the concern and inertia in large scale adoption?

Large enterprises work in cycles that are much slower than the pace of innovation in industry. With good reasons, I might add. IT has become the backbone of running any business today and changing that in-flight is akin to changing the foundation of a house that you continue to live in. So, not withstanding all the catastrophic predictions by the so-called experts, for those not embracing the Cloud, we should carefully look at the reality.

I will use GE as a prototypical large global company with heterogeneous businesses, each with its own demands, technology and resource footprint. So if I am Gary Reiner and I am considering to move the GE IT infrastructure to Cloud based services, here are somethings I would definitely seek answers for

1. Given that I will not be moving my entire IT portfolio to a single Cloud provider, how do I keep my Cloud Deployments in sync? Are they interoperable? Can I move things from one cloud to another? Can I move a VMWare vCloud app to Amazon? Do I need to maintain multiple flavors of them if I use different cloud vendors?
2. Can I move workloads from one cloud provider to another? Or can I burst workloads from one to another to meet seasonal or periodic demands of the IT infrastructure? Think Best Buy during holidays.
3. Can I get guarantees on the performance, latency that I get from my dedicated network?
4. Do I have robust tools to manage the various cloud platforms out there? Can the same set tools work for all the cloud platforms?
5. Can I meet the governance mandates, I have around SOX, HIPAA, PCI-DSS? Can I have control on defining access policies to the data all the way to the storage?
6. The most important, can I tie the Quality of Service that I need to provide to the business, with the elasticity of the cloud. Especially, given that the cloud provider’s architecture has been built to provide a particular service and not envisioned as participating in another transaction.

Let us go through each of the points in detail

Interoperability: As with any new technology, the cloud standards are yet to mature, if at all. Each infrastructure-as-a-service vendor is pushing their own standard implementation API – AMI for Amazon, vCloud for VMWare. They do not have standards for a common API that service providers or application vendors can integrate into to access those services. Standards around security, cloud security, infrastructure protocols and data artifacts are still in the early stages in DMTF, the working body that is making an attempt to draft standards. Cloud interoperability standards that result from their work it is hoped will reduce lock-in and increase agility for cloud computing adopters taking advantage of a multi-provider, mixed cloud environment.

Portable Workloads: Given that companies have different applications that meet different needs, their capacity and scalability needs might be different too. It is fair to assume that companies would have a federation of clouds to manage different needs – much the same reason companies have multiple internal networks to compartmentalize things. The departmental lease management application, core financial application and the corporate data warehouse all might be hosted on different clouds if not different providers. If a company decides to use a hybrid model with some of those applications in house and spare capacity for them on cloud, today it is not possible to burst out workloads from one cloud to another or from an internal network to the cloud. This goes back to the lack of standards.

Network Latency:  In the new soon-to-be-all-in-cloud world we will all be accessing the applications through the good old internet. This is like saying we will all take the same freeway to work in the morning. So every time there was the Victoria Secret live broadcast on the internet we will all be log jammed on our way to the critical application we need access to finish work. This today is less of an issue since most large enterprises have dedicated networks and WAN optimization implemented.  All the SLAs provided by the IT to business and Cloud provider to the IT organizations is moot if the packets don’t travel fast enough. Another kind of Net Neutrality discussion you say?

Manageability: Most of the enterprise applications that are managed on-premise today have sophisticated tools from System Management vendors like HP, BMC, CA that allow you to manage almost all the aspects of the enterprise IT footprint. Once we move the applications to the Cloud, most of those system management tools, configured to your current environment might not work. Load Testing, Monitoring, Quality, Configuration Discovery tool vendors do not openly claim to support cloud based deployment. Most of this goes back to the fact that there no standards for Cloud APIs. Adapting the tools for each cloud provider is a R&D spend tools vendors have not committed to.

Data Governance: In the hyper optimized virtualized environments in which the Cloud platforms operate (they have to so they achieve economies of scale) data is virtualized, sharded, replicated, cached. This brings the very critical needs around data retention, protection, purging, access requirements mandated by SOX, PCI, HIPAA that large companies need to comply with. The current cloud vendors save some announcements do not openly claim they are ready to sign SLAs to agree to these needs. The Cloud platforms today do not have the quality of tools that are needed for companies to dive into the logs, access and troubleshoot.

Availability and Reliability: Unplanned outages in Amazon, Google are but rare publicly discussed occurrences of Cloud Service reliability issues. Those kinds of odd occurrences can happen even in a private network. But when you talk about multiple large customers co-locating on the same infrastructure, it raises concerns of many more of those outages. The Cloud architecture that are available today have been designed with a certain set of assumptions of how applications work. Case-in-point,  Amazon.com has no understanding how SAP Payroll system would work, neither are they interested. So not having an understanding of application workload patterns, architecture any SLA provided upfront is meaningless. Without tying the Quality-of-Service(QoS) metrics that you have in place for your customers/business and the SLAs being signed with Cloud vendor there is no way availability can be guaranteed. If you consider the scenario of multiple clouds or hybrid clouds then the integration of SLAs between all of them and tying it to QoS is practically impossible. Service credits to compensate for the lack of availability, by themselves, might not guarantee his/her job for the CIO who made the decision to move to cloud.

I know an argument could be made as to how things like portable workloads are handled today in an internal network, if at all. I admit, companies are probably not geared to handle these needs today, whilst on their own network, but then if we discount future needs then all the switch-to-cloud would bring is a like-for-like swap,  a cloud network for private network. The cost advantages that cloud brings will be offset by the loss of existing investment. So what gives?

I also hear people talking about companies not being ready to absorb sunk costs into legacy IT infrastructure as the reason behind lack of cloud adoption. To which I say – I don’t see people swapping old perfectly well-functioning cars/houses for new energy efficient ones. Maybe a cash-for- clunkers program is in order here too.

If at the end of this elaborate post, if it seemed that I am a tad bit anti-cloud, I am not. I am a die-hard fan on the cloud computing. In fact, I am one of those who thinks – IT shops have no business building custom applications, regular companies have no business building their own power generators and people like me have no business buying a cow when all I need is just milk. The world works best when specialists are left to do things they are the best equipped to do. That said, I would tread carefully and evaluate my risk before making bets on next best technology innovation since slice bread.