Tag Archives: PaaS

Clouds On A Plane: VMware’s Micro Cloud Foundry Brings PaaS To My Laptop

On the eve of this week’s VMworld conference in Las Vegas, VMware announced that Micro Cloud Foundry is finally available for general distribution. This new offering is a completely self-contained instantiation of the company’s Cloud Foundry PaaS solution, which I wrote about earlier this spring. Micro Cloud Foundry comes packaged as a virtual machine, easily distributable on a USB key (as they proved at today’s session on this topic at VMworld), or as a quick download. The distribution is designed to run locally on your laptop without any external dependencies. This allows developers to code and test Cloud Foundry apps offline, and deploy these to the cloud with little more than some simple scripting. This may be the killer app PaaS needs to be taken seriously by the development community.

The reason Micro Cloud Foundry appeals to me is that it fits well with my own coding style (at least for the small amount of development I still find time to do). My work seems to divide into two different buckets consisting of those things I do locally, and the things I do in the cloud. More often than not, things find themselves in one bucket or the other because of how well the tooling supports my work style for the task at hand.

As a case in point, I always build presentations locally using PowerPoint. If you’ve ever seen one of my presentations, you hopefully remember a lot of pictures and illustrations, and not a lot of bullet points. I’m something of a frustrated graphic designer. I lack any formal training, but I suppose that I share some of the work style of a real designer—notably intense focus, iterative development, and lots of experimentation.

Developing a highly graphic presentation is the kind of work that relies as much on tool capability as it does on user expertise. But most of all, it demands a highly responsive experience. Nothing kills my design cycle like latency. I have never seen a cloud-based tool for presentations that meets all of my needs, so for the foreseeable future, local PowerPoint will remain my illustration tool of choice.

I find that software development is a little like presentation design. It responds well to intense focus and enjoys a very iterative style. And like graphic design, coding is a discipline that demands instantaneous feedback. Sometimes I write applications in a simple text editor, but when I can, I much prefer the power of a full IDE. Sometimes I think that IntelliJ IDEA is the smartest guy in the room. So for many of the same reasons I prefer local PowerPoint for presentations, so too I prefer a local IDE with few if any external dependencies for software development.

What I’ve discovered is that I don’t want to develop in the cloud; but I do want to use cloud services and probably deploy my application into the cloud. I want a local cloud I can work on offline without any external dependency. (In truth, I really do code on airplanes—indeed some of my best work takes place at 35,000 feet.) Once I’m ready to deploy, I want to migrate my app into the cloud without modifying the underlying code.

Until recently, this was hard to do. But it sounds like Micro Cloud Foundry is just what I have been looking for. More on this topic once I’ve had a chance to dig deeply into it.

NIST Seeks Public Input On New Cloud Computing Guide

What is the cloud, really? Never before have we had a technology that suffers so greatly from such a completely ambiguous name. Gartner Research VP Paolo Malinverno has observed that most organizations define cloud as any application operating outside their own data centre. This is probably as lucid a definition as any I’ve heard.

More formalized attempts to describe cloud rapidly turn into essays that attempt to bridge the abstract with the very specific, and in doing seem to miss the cloud for the clouds. Certainly the most effective comprehensive definition has come from the National Institute of Standards and Technology (NIST), and most of us in the cloud community have fallen back to this most authoritative reference when clarity is important.

Now is our chance to give back to NIST. To define cloud is to accept a task that will likely never end, and the standards boffins have been working hard to continually refine their work. They’ve asked for public comment, and I would encourage everyone to review their latest draft of the Cloud Computing Synopsis and Recommendations. This new publication builds on the basic definitions offered by NIST in the past, and at around 84 pages, it dives deep into the opportunities and issues surrounding SaaS, IaaS, and PaaS. There is good material here, and with community input it can become even better.

You have until June 13, 2011 to respond.

VMware’s Cloud Foundry Ushers In The Era Of Open PaaS

Mention VMware to anyone in IT and their immediate thought is virtualization. So dominant is the company in this space that the very word VM has a sense of ambiguity about it: does it refer specifically to a vmdk, or another hypervisor image like Xen? As with Kool-Aid and Band-Aid, there is nothing better for a company than to contribute a word to the English lexicon, and while VMware may not completely own virtual machine, they command enough association to get passed the doorman of that enviable club.

Strong associations however, may not translate directly into revenue. From open source Xen to Microsoft’s Hyper-V, virtualization technology is rapidly commoditizing, a threat not lost on VMware. Hypervisors are now largely free, and much of the company’s continued success derives from the sophisticated management products that make mass virtualization a tractable challenge in the enterprise. But for every OpenView, there is ultimately a Nagios to content with, so the successful company is always innovating. VMware, a very successful company, is innovating by continuing its push up the stack.

Last week VMware introduced Cloud Foundry, an open Platform-as-a-Service product that represents an important step to transform the company into a dominant PaaS player. You don’t have to read any tea leaves to see this has been their focused strategy for some time; you just have to look at their acquisitions. SpringSource for Java frameworks; RabbitMQ for queuing; Gemstone for scalable, distributed persistence; and Hyperic to manage it all—it’s basically the modern developer’s shopping list of necessary application infrastructure. The only thing they are still missing is security.

Cloud Foundry assembles some components of this technology in a package that enables developers to skip the once-necessary evil of infrastructure integration and to instead concentrate fully on the business problems they’ve been tasked to solve. It is a carefully curated stack of cloud-centric frameworks and infrastructure made available by a cloud provider as a service. Right now, you can use Cloud Foundry in VMware-managed cloud; but the basic offering is available for any cloud, public or private. Applications should be easily portable between any instance of Cloud Foundry. VMware even promises a forthcoming micro-cloud VM, which makes any developer’s laptop into a cloud development environment.

All of this reduces friction in application development. Computing is full of barriers, and we often fall into the psychological trap of perceiving these to be bigger than they actually are. Barriers are the enemy of agile, and basic infrastructure is a barrier that too often saps the energy out of a new idea before it has a chance to grow. Make the plumbing available, make it simple to use, and half the battle for new apps is over. What’s left is just fun.

Cloud Foundry is important because it’s like a more open Azure. Microsoft deserves credit for keeping the PaaS dream alive with their own offering, but Azure suffers from a sense of lock-in, and it really only speaks to the Microsoft community. Plus the Microsoft ad campaign for cloud is so nauseating it might as well be bottled as a developer repellant for people who hate geeks.

Cloud Foundry, in contrast, goes far to establish its claim to openness. It references the recently announced Cloud Developer’s Bill of Rights, another initiative spearheaded by VMware. Despite being a Java-head myself, I was encouraged to learn that Cloud Foundry offered not just Spring, but Ruby on Rails, Sinatra for Ruby and Node.js. They also support Grails, as well as other frameworks based on the JVM. Persistence is handled by MySQL, MongoDB, or the Redis database, which is a decent range of options. So while VMware has’t quite opened up all their acquisition portfolio to the cloud community, they have assembled the critical pieces and seem genuine in their goal of erasing the stigma of lock-in that has tarnished previous commercial PaaS offerings.

I’m a fan of PaaS; I’m even a member of the club that believes that of the big three *-as-a-Services, PaaS is destined to be the dominant pattern. Managing and configuring infrastructure is, in my mind, pretty much on par with actually managing systems—a task I consider even less rewarding than shoveling manure. And I’m not alone in this opinion either. Once PaaS becomes open and trustworthy, it will be an automatic choice for most development. PaaS is the future of cloud, and VMware knows this.

How To Get Rich Quick With Cloud Computing

You know that a technology has hit the mainstream when it appears in PCWorld. Such is the case for cloud computing, a topic PCWorld considers in its recent piece Amazon Web Services Sees Infrastructure as Commodity. Despite the rather banal title, this article makes some interesting points about the nature of commoditization and the effect this will have on the pricing of services in the cloud. It’s a good article, but I would argue that it misses an important point about the evolution of cloud services.

Of the three common models of cloud–SaaS, PaaS, and IaaS–it’s the later, Infrastructure-as-a-Service (IaaS), that most captivates me. I can’t help but begin planning my next great start-up built using the virtualization infrastructure of EC2, Terramark, or Rackspace. But despite a deep personal interest in the technology underpinning the service, I think what really captures my imagination with IaaS is that it removes a long-standing barrier to application deployment. If my killer app is done, but my production network and servers aren’t ready, I simply can’t deploy. All of the momentum that I’ve built up during the powerful acceleration phase of a startup’s early days is sucked away—kind of like a sports car driving into a lake. For too many years, deployment has been that icy cold water that saps the energy out of agile when the application is nearing GA.

IaaS drains the lake. It makes production-ready servers instantly available so that teams can deploy faster, and more often. This is the real stuff of revolution. It’s not the cool technology; it’s the radical change to the software development life cycle that makes cloud seem to click.

The irony, however, is that Infrastructure-as-a-Service is itself becoming much easier to deploy. It turns out that building data centers is something people are pretty good at. Bear in mind though, that a data center is not a cloud—it takes some very sophisticated software layered over commodity hardware to deploy and manage virtualization effectively. But this management layer is rapidly becoming as simple to deploy as the hardware underlying it. Efforts such as Eucalyptus, and commercial offerings from vendors like VMWare, Citrix, and 3Tera (now CA), and others are removing the barriers that have until recently stood in the way of the general-purpose co-location facility becoming an IaaS provider.

Lowering this barrier to entry will have a profound effect on the IaaS market. Business is compelled to change whenever products, process or services edge toward commodity. IaaS, itself a textbook example of a product made possible by the process of commoditization, is set to become simply another commodity service, operating in a world of downward price-pressure, ruthless competition, and razor-thin margins. Amazon may have had this space to itself for several years, but the simple virtualization-by-the-hour marketplace is set to change forever.

The PCWorld article misses this point. It maintains that Amazon will always dominate the IaaS marketplace by virtue of its early entry and the application of scale. On this last point I disagree, and suggest that the real story of IaaS is one of competition and a future of continued change.

In tomorrow’s cloud, the money will made by those offering higher value services, which is a story as old as commerce itself. Amazon, to its credit, has always recognized that this is the case. The company is a market leader not just because of its IaaS EC2 service, but because the scope of its offering includes such higher-level services as database (SimpleDB, RDS), queuing (SQS) and Content Delivery Networks (CloudFront). These services, like basic virtualization, are the building blocks of high scalable cloud applications. They also drive communications, which is the other axis where scale matters and money can be made.

The key to the economic equation is to possess a deep understanding of just who-is-doing-what-and-when. Armed with this knowledge, a provider can bill. Some services—virtualization being an excellent example—lend themselves to simple instrumentation and measurement. However, many other services are more difficult to sample effectively. The best approach here is to bill by the transaction, and measure this by acquiring a deep understanding of all of the traffic going in or out of the service in real time. By decoupling measurement from the service, you gain the benefit of avoiding difficult and repetitive instrumentation of individual services and can increase agility through reuse.

Measuring transactions in real time demands a lot from the API management layer. In addition to needing to scale to many thousands of transactions per second, this layer needs provide sufficient flexibility to accommodate the tremendous diversity in APIs. One of the things that we’ve noticed here at Layer 7 with our cloud provider customers is that most of the APIs they are publishing use fairly simple REST-style interfaces with equally basic security requirements. I can’t help but feel a nagging sense of déjà vu. Cloud APIs today are still in the classic green field stage of any young technology. But we all know that things never stay so simple for long. Green fields always grow toward integration, and that’s when the field becomes muddy indeed. Once APIs trend toward complexity—when it not just username/passwords you have to worry about, but also SAML, OAuth variations, Kerberos and certificates—that’s when API management layer can either work for you, or against you—and this is one area where experience counts for a lot. Rolling out new and innovative value-added services is set to become the basis of every cloud provider’s competitive edge, so agility, breadth of coverage and maturity is an essential requirement in the management layer.

So to answer my original question, if you are a cloud provider, you will make money on the higher-level services. But where does that leave the rest of us? There is certainly money to be made around these services themselves, by building them, or providing the means to manage them. The cloud software vendors will make money by providing the crucial access control, monitoring, billing, and management tools that cloud providers need to run their business. That happens to be my business, and this infrastructure is exactly what Layer 7 Technologies is offering with its new CloudControl product, a part of the CloudSpan family of products. CloudControl is a provider-scale solution for managing the APIs and services that are destined to become the significant revenue stream for cloud providers—regardless of whether they are building public or private clouds.

You can learn more about CloudControl on Layer 7’s web site.

All Things Considered About Cloud Computing Risks and Challenges

Last month during the RSA show, I met with Rob Westervelt from ITKnowledgeExchange in the Starbucks across from Moscone Center. Rob recorded our discussion about the challenges of security in the cloud and turned this into a podcast. I’m quite pleased with the results. You can pick up a little Miles Davis in the background, the odd note of an espresso being drawn. Alison thinks that I sound very NPR. Having been raised on CBC Radio, I take this as a great compliment.

Pour yourself a coffee and have a listen.

Economist: Unlocking the Cloud

The Economist is now reporting on the cloud. They’ve picked up on the very real concern of vendor lock-in because of proprietary standards. The article focuses on data portability between SaaS apps, but the same issue arises in IaaS (different proprietary virtualization formats, despite what the Open Virtualization Format (OVF) promises), and in PaaS (google app engine extensions to Python which are hard to ignore and lock you into their platform).

NIST Perspective on Cloud Computing

Earlier this month, NIST went public with their perspective on cloud computing. This is important because NIST is a well-respected, public standards organization, and there is still a lot of confusion about what cloud really is (the *-aaS affect).

They released only  a short, two page document and a longer, 72 slide PowerPoint (you can find their main page here). They are offering a broad definition based on essential characteristics, delivery models, and deployment models:

Essential Characteristics:

On-demand self-service

Ubiquitous network access

Location independent resource pooling

Rapid elasticity

Measured Service

Delivery Models:

Cloud Software as a Service (SaaS)

Cloud Platform as a Service (PaaS)

Cloud Infrastructure as a Service (IaaS)

Deployment Models:

Private cloud

Community cloud

Public cloud

Hybrid cloud

There’s not really anything new here, but that’s fine; it’s more important as a validation of the emerging models and ideas from a public standards body. I do like the three pronged approach, acknowleding that cloud is a lot of things but at the same time keeping it simple and concise. Brevity is the soul of great standards.

It’s worth keeping an eye on this effort.