Tag Archives: PaaS

SOCCI: Behind the Scenes

By E.G. Nadhan, HP

Cloud Computing standards, like other standards go through a series of evolutionary phases similar to the ones I outlined in the Top 5 phases of IaaS standards evolution. IaaS standards, in particular, take longer than their SaaS and PaaS counterparts because a balance is required between the service-orientation of the core infrastructure components in Cloud Computing.

This balance is why today’s announcement of the release of the industry’s first technical standard, Service Oriented Cloud Computing Infrastructure (SOCCI) is significant.

As one of the co-chairs of this project, here is some insight into the manner in which The Open Group went about creating the definition of this standard:

  • Step One: Identify the key characteristics of service orientation, as well as those for the cloud as defined by the National Institute of Standards and Technology (NIST). Analyze these characteristics and the resulting synergies through the application of service orientation in the cloud. Compare and contrast their evolution from the traditional environment through service orientation to the Cloud.
  • Step Two: Identify the key architectural building blocks that enable the Operational Systems Layer of the SOA Reference Architecture and the Cloud Reference Architecture that is in progress.
  • Step Three: Map these building blocks across the architectural layers while representing the multi-faceted perspectives of various viewpoints including those of the consumer, provider and developer.
  • Step Four: Define a Motor Cars in the Cloud business scenario: You, the consumer  are downloading auto-racing videos through an environment managed by a Service Integrator which requires the use of services for software, platform and infrastructure along with  traditional technologies. Provide a behind-the-curtains perspective on the business scenario where the SOCCI building blocks slowly but steadily come to life.
  • Step Five: Identify the key connection points with the other Open Group projects in the areas of architecture, business use cases, governance and security.

The real test of a standard is in its breadth of adoption. This standard can be used in multiple ways by the industry at large in order to ensure that the architectural nuances are comprehensively addressed. It could be used to map existing Cloud-based deployments to a standard architectural template. It can also serve as an excellent set of Cloud-based building blocks that can be used to build out a new architecture.

Have you taken a look at this standard? If not, please do so. If so, where and how do you think this standard could be adopted? Are there ways that the standard can be improved in future releases to make it better suited for broader adoption? Please let me know your thoughts.

This blog post was originally posted on HP’s Grounded in the Cloud Blog.

HP Distinguished Technologist, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project.

Comments Off

Filed under Cloud, Cloud/SOA, Semantic Interoperability, Service Oriented Architecture, Standards

“He who does not understand history…

By Stuart Boardman, Getronics

….is doomed to repeat it.” (Misquote from Burke – so sue me.)

What exactly is our industry’s problem with history? Why are we so good at dredging it up and so bad at learning from it? Every new development that comes along is treated by some people as a silver bullet that will magically solve all the problems we had before, whilst there are always others keen to assure us there’s nothing new and we were doing it all years ago, so what’s all the fuss about? Neither of these factions seems the least interested in the question of what we were doing wrong before or why, if we already knew how to do it, we so often didn’t get it right.

Right now the big hype and centre of discussion is Cloud but let’s take a look at some history – seen through the filter of my own experience.

My first exposure to a “paradigm shift” was Object Orientation. OO was going to supply us the means to prevent us from making all the errors we made in the past. (One could go back to Structured Programming for the same lessons but that’s before my time). With encapsulation, information hiding, polymorphism and all that great stuff, it would no longer be possible to produce highly coupled application modules with little cohesion. Uh huh. A couple of smart guys called Sharble and Cohen back in 1993 wrote a study called The Object Oriented Brewery (never mind why) in which they demonstrated exactly how easy it was to produce highly coupled, low cohesion code in an OO language. And why was it so easy? Because avoiding these errors requires understanding how they happen – not just technically but the kind of circumstances and thinking that produce them – and there are lots of different ways of getting it wrong! If this is news to you, you could do worse than check this Wikipedia page.

So then the next big thing was SOA. Here again we had the silver bullet merchants (mostly selling ESBs and the like) on the one hand and on the other the “this is just EAI on steroids” bunch, who could all tell you how they’d been doing this for 10 years already. Which of course begs the question: “so why is it such a mess?” It’s not as if we didn’t have good methodologies. I have seen EAI methodologies that really were pretty much SOA. But still it went wrong. We just took those N2-1 interfaces that EAI was supposed to eliminate and stuffed them inside a black box. So clearly the high priests of SOA needed to be asking themselves why this happened. At least they did, if they didn’t want it to happen again. And hey, look – most of them didn’t ask and we did indeed finish up with the same old mess (except now we call it JBOWS). The folks who should have known better (the old hacks) just let it happen. There’ll be a reason for that too.

So what about Cloud? It’s easy to argue that it’s nothing new. I’ve even seen someone argue it all started in 1960! We certainly used to have “time sharing” services, which offered a limited form of what we would now call PaaS over a dial-up connection. More than 20 years ago I was working on an IBM VM system, which one could reasonably describe as fully PaaS (including a usage based charging capability). I also recall an (unsuccessful) IBM initiative to deliver software over the internet direct to user PCs – somewhat along the lines of what app stores do now. And then of course we’ve had outsourcing and managed services in shared data centres, which has also rendered mixed results.

Don’t get me wrong, I don’t want to argue that Cloud is just old wine in new bottles. It represents an aggregation of a variety of capabilities, which at its best has a coherence one couldn’t claim was available in earlier manifestations. It’s to a considerable extent platform independent. (I didn’t say interoperable, OK?)

But there’s nothing inherent to Cloud that will stop us making the same old mistakes. Speaking for myself I have no expectation on Cloud providers to do it for us. I’m happy if they just don’t make it harder for us to do it right. It’s down to us (IT folks and Enterprise Architects) to learn from history, to use methodologies intelligently, find ways to minimize the risk and get business buy-in. The Cloud business model is a good stimulus for that buy-in. Separation of interface and implementation may sound like techno-babble but it’s exactly what both providers and consumers need, if they’re to get business value from the Cloud.

The Open Group has an important role to play here. Sitting at the junction of business and IT, we’re ideally placed to address these problems in a way that is meaningful to the business and technically effective. We cover most applicable areas with the work of the Jericho and Security Forums and of the SOA and Cloud Computing Work Groups. We have TOGAF® and we have our own collective experience. And we’re seeing more and more joint efforts across Forums and Work Groups. If we use all that to make an honest assessment of what went right and wrong in the past (and why), we will do something really useful for all parties in the Cloud.

Stuart Boardman is a Senior Business Consultant with Getronics Consulting where he co-leads the Enterprise Architecture practice as well as the Cloud Computing solutions group. He is co-lead of The Open Group Cloud Computing Work Group’s Security for the Cloud and SOA project and a founding member of both The Open Group Cloud Computing Work Group and The Open Group SOA Work Group. Stuart is the author of publications by the Information Security Platform (PvIB) in The Netherlands and of his previous employer, CGI. He is a frequent speaker at conferences on the topics of Cloud, SOA, and Identity.

1 Comment

Filed under Cloud, Enterprise Architecture

The Cloud, multiple Platforms within Platforms

By Mark Skilton, Capgemini

I recently attended The Open Group India Conference in March. This was the first time that The Open Group India had launched such an event, and they had the ambitious target of visiting three cities in the week. The event itself was a platform for discussion of Indian perspectives on all aspects of Architect Best Practices, and in particular, the India market on Enterprise Architecture and Cloud Computing. It drew a significant cross section of public and private industry sector professionals at all the venues, with keen debate and presentations demonstrating industry-leading thought leadership and case study.

The highly successful event raised important questions and discussion on significant topics of the moment in architecture and the Indian perspective. One that stands out in Cloud Computing was the development of Cloud Architectures and the role of Cloud as a platform for services.

Significant Cloud Computing commentary from the Cloud panel sessions included:

  • The role Indian government IT services strategy development could play in applying Cloud Computing, Grid and SOA concepts to the public sector services to the federated and regional citizenship
  • How the Indian market could exploit the SMB and youth demographic that see the Cloud as a rapid resource delivery platform, and huge potential for services in the Cloud to local and international markets
  • The evolution of Cloud services, notably in Big Data and content as a service and in applications software development in the Cloud using PaaS. Both need further focus on master data semantics and interoperability standards to help versioning, persistence of data and support of multiple Cloud virtual environments to drive the potential reality going forward

The debate of Cloud Architectures and Platforms ran throughout the three-city Conference, with notable observations and lessons learnt, including:

  • Support of multiple locations by “location-aware Clouds” was an interesting aspect when developing shared platforms that need to recognize the delivery and localization of “last mile logistics” and end-user experience of the service. One-size-fits-all needed some abstraction of end point use in enabling adoption flexibility and relevancy
  • Cloud Architectures had to be “platforms” that “evolved” like the ecosystem that made up its internal and external components and services. This was a fact as many Clouds and integration adaptor strategies using open source and proprietary technologies where driving ahead with different standards and speeds of development. Understanding the solution options needed to “design for change” was a matter of urgency in architectural design practice for Cloud
  • Mobile Cloud, including the Internet of things (IoT) and the spread of mobile channel services everywhere, drew considerable interest as a strong potential second wave of the Cloud as it enters the next stage of added-value services, virtual communities and multi-Cloud service marketplaces

The underlying theme seemed to be the emergence of service platforms and services enabled by the Cloud and its pervasiveness into social media and social networks underpinned by Cloud infrastructure and data centers. Platforms enabling other platforms in a distributed regional, wireless, global bandwidth enabled world.

I remembered that, at the same time as the Indian event, there was a shining example of technological inspiration right above our heads orbiting 200 miles around the Earth: the STS133 mission and final space flight of the Space Shuttle Discovery. This in itself was an inspiring magnificent achievement. The shuttle had flown more missions than any other — 39 in the 25-year flight history — but that was not the whole picture. Discovery was the platform that launched another platform, the Hubble Space Telescope, into the heavens. And look what discoveries came of that: the first pictures of the now-famous Eagle Nebula stellar nurseries, new insights into the distribution of galaxies and the universal constant, and the list goes on. One platform borne upon another; how much further will our children see tomorrow?

Cloud Computing will be a topic of discussion at The Open Group Conference, London, May 9-13. Join us for best practices, case studies and the future of information security, presented by preeminent thought leaders in the industry.

Mark Skilton, Director, Capgemini, is the Co-Chair of The Open Group Cloud Computing Work Group. He has been involved in advising clients and developing of strategic portfolio services in Cloud Computing and business transformation. His recent contributions include the publication of Return on Investment models on Cloud Computing widely syndicated that achieved 50,000 hits on CIO.com and in the British Computer Society 2010 Annual Review. His current activities include development of a new Cloud Computing Model standards and best practices on the subject of Cloud Computing impact on Outsourcing and Off-shoring models and contributed to the second edition of the Handbook of Global Outsourcing and Off-shoring published through his involvement with Warwick Business School UK Specialist Masters Degree Program in Information Systems Management.

1 Comment

Filed under Cloud/SOA

PODCAST: Cloud Computing panel forecasts transition phase for Enterprise Architecture

By Dana Gardner, Interabor Solutions

Listen to this recorded podcast here: BriefingsDirect-Open Group Cloud Panel Forecasts Transition Phase for Enterprise IT

The following is the transcript of a sponsored podcast panel discussion on newly emerging Cloud models and their impact on business and government, from The Open Group Conference, San Diego 2011.

Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions, and you’re listening to BriefingsDirect.

We now present a sponsored podcast discussion coming to you live from The Open Group 2011 Conference in San Diego. We’re here the week of February 7, and we have assembled a distinguished panel to examine the expectation of new types of cloud models and perhaps cloud specialization requirements emerging quite soon.

By now, we’re all familiar with the taxonomy around public cloud, private cloud, software as a service (SaaS), platform as a service (PaaS), and my favorite, infrastructure as a service (IaaS), but we thought we would do you all an additional service and examine, firstly, where these general types of cloud models are actually gaining use and allegiance, and we’ll look at vertical industries and types of companies that are leaping ahead with cloud, as we now define it. [Disclosure: The Open Group is a sponsor of BriefingsDirect podcasts.]

Then, second, we’re going to look at why one-size-fits-all cloud services may not fit so well in a highly fragmented, customized, heterogeneous, and specialized IT world.

How much of cloud services that come with a true price benefit, and that’s usually at scale and cheap, will be able to replace what is actually on the ground in many complex and unique enterprise IT organizations?

What’s more, we’ll look at the need for cloud specialization, based on geographic and regional requirements, as well as based on the size of these user organizations, which of course can vary from 5 to 50,000 seats. Can a few types of cloud work for all of them?

Please join me now in welcoming our panel. Here to help us better understand the quest for “fit for purpose” cloud balance and to predict, at least for some time, the considerable mismatch between enterprise cloud wants and cloud provider offerings we’re here with Penelope Gordon, the cofounder of 1Plug Corporation, based in San Francisco. Welcome, Penelope.

Penelope Gordon: Thank you.

Gardner: We’re also here with Mark Skilton. He is the Director of Portfolio and Solutions in the Global Infrastructure Services with Capgemini in London. Thank you for coming, Mark.

Mark Skilton: Thank you.

Gardner: Ed Harrington joins us. He is the Principal Consultant in Virginia for the UK-based Architecting the Enterprise organization. Thank you, Ed.

Ed Harrington: Thank you.

Gardner: Tom Plunkett is joining us. He is a Senior Solution Consultant with Oracle in Huntsville, Alabama.

Tom Plunkett: Thank you, Dana.

Gardner: And lastly, we’re here with TJ Virdi. He is Computing Architect in the CAS IT System Architecture Group at Boeing based in Seattle. Welcome.

TJ Virdi: Thank you.

Gardner: Let me go first to you, Mark Skilton. One size fits all has rarely worked in IT. If it has, it has been limited in its scope and, most often, leads to an additional level of engagement to make it work with what’s already there. Why should cloud be any different?

Three areas

Skilton: Well, Dana, from personal experience, there are probably three areas of adaptation of cloud into businesses. For sure, there are horizontal common services to which, what you call, the homogeneous cloud solution could be applied common to a number of business units or operations across a market.

But, we’re starting to increasingly see the need for customization to meet vertical competitive needs of a company or the decisions within that large company. So, differentiation and business models are still there, they are still in platform cloud as they were in the pre-cloud era.

But, the key thing is that we’re seeing a different kind of potential that a business can do now with cloud — a more elastic, explosive expansion and contraction of a business model. We’re seeing fundamentally the operating model of the business growing, and the industry can change using cloud technology.

So, there are two things going on in the business and the technologies are changing because of the cloud.

Gardner: Well, for us to understand where it fits best, and perhaps not so good, is to look at where it’s already working. Ed, you talked about the federal government. They seem to be going like gangbusters in the cloud. Why so?

Harrington: Perceived cost savings, primarily. The (US) federal government has done some analysis. In particular, the General Services Administration (GSA), has done some considerable analysis on what they think they can save by going to, in their case, a public cloud model for email and collaboration services. They’ve issued a $6.7 million contract to Unisys as the systems integrator, with Google being the cloud services supplier.

So, the debate over the benefits of cloud, versus the risks associated with cloud, is still going on quite heatedly.

Gardner: How about some other verticals? Where is this working? We’ve seen in some pharma, health-care, and research environments, which have a lot of elasticity, it makes sense, given that they have very variable loads. Any other suggestions on where this works, Tom?

Plunkett: You mentioned variable workloads. Another place where we are seeing a lot of customers approach cloud is when they are starting a new project. Because then, they don’t have to migrate from the existing infrastructure. Instead everything is brand new. That’s the other place where we see a lot of customers looking at cloud, your greenfields.

Gardner: TJ, any verticals that you are aware of? What are you seeing that’s working now?

Virdi: It’s not probably related with any vertical market, but I think what we are really looking for speed to put new products into the market or evolve the products that we already have and how to optimize business operations, as well as reduce the cost. These may be parallel to any vertical industries, where all these things are probably going to be working as a cloud solution.

Gardner: We’ve heard the application of “core and context” to applications, but maybe there is an application of core and context to cloud computing, whereby there’s not so much core and lot more context. Is that what you’re saying so far?

Unstructured data

Virdi: In a sense, you would have to measure not only the structured documents or structured data, but unstructured data as well. How to measure and create a new product or solutions is the really cool things you would be looking for in the cloud. And, it has proved pretty easy to put a new solution into the market. So, speed is also the big thing in there.

Gardner: Penelope, use cases or verticals where this is working so far?

Gordon: One example in talking about core and context is when you look in retail. You can have two retailers like a Walmart or a Costco, where they’re competing in the same general space, but are differentiating in different areas.

Walmart is really differentiating on the supply chain, and so it’s not a good candidate for public cloud computing solutions. We did discuss it that might possibly be a candidate for private cloud computing.

But that’s really where they’re going to invest in the differentiating, as opposed to a Costco, where it makes more sense for them to invest in their relationship with their customers and their relationship with their employees. They’re going to put more emphasis on those business processes, and they might be more inclined to outsource some of the aspects of their supply chain.

A specific example within retail is pricing optimization. A lot of grocery stores need to do pricing optimization checks once a quarter, or perhaps once a year in some of their areas. It doesn’t makes sense for smaller grocery store chains to have that kind of IT capability in house. So, that’s a really great candidate, when you are looking at a particular vertical business process to outsource to a cloud provider who has specific industry domain expertise.

Gardner: So for small and medium businesses (SMBs) that would be more core for them than others.

Gordon: Right. That’s an example, though, where you’re talking about what I would say is a particular vertical business process. Then, you’re talking about a monetization strategy and then part of the provider, where they are looking more at a niche strategy, rather than a commodity, where they are doing a horizontal infrastructure platform.

Gardner: Ed, you had a thought?

Harrington: Yeah, and it’s along the SMB dimension. We’re seeing a lot of cloud uptake in the small businesses. I work for a 50-person company. We have one “sort of” IT person and we do virtually everything in the cloud. We’ve got people in Australia and Canada, here in the States, headquartered in the UK, and we use cloud services for virtually everything across that. I’m associated with a number of other small companies and we are seeing big uptake of cloud services.

Gardner: Allow me to be a little bit of a skeptic, because I’m seeing these reports from analyst firms on the tens of billions of dollars in potential cloud market share and double-digit growth rates for the next several years. Is this going to come from just peripheral application context activities, mostly SMBs? What about the core in the enterprises? Does anybody have an example of where cloud is being used in either of those?

Skilton: In the telecom sector, which is very IT intensive, I’m seeing the emergence of their core business of delivering service to a large end user or multiple end user channels, using what I call cloud brokering.

Front-end cloud

So, if where you’re going with your question is that, certainly in the telecom sector we’re seeing the emergence of front end cloud, customer relationship management (CRM) type systems and also sort of back-end content delivery engines using cloud.

The fundamental shift away from the service orientated architecture (SOA) era is that we’re seeing more business driven self-service, more deployment of services as a business model, which is a big difference of the shift of the cloud. Particularly in telco, we’re seeing almost an explosion in that particular sector.

Gordon: A lot of companies don’t even necessarily realize that they’re using cloud services, particularly when you talk about SaaS. There are a number of SaaS solutions that are becoming more and more ubiquitous. If you look at large enterprise company recruiting sites, often you will see Taleo down at the bottom. Taleo is a SaaS. So, that’s a cloud solution, but it’s just not thought necessarily of in that context.

Gardner: Right. Tom?

Plunkett: Another place we’re seeing a lot of growth with regards to private clouds is actually on the defense side. The Defense Department is looking at private clouds, but they also have to deal with this core and context issue. We’re in San Diego today. The requirements for a shipboard system are very different from the land-based systems.

Ships have to deal with narrow bandwidth and going disconnected. They also have to deal with coalition partners or perhaps they are providing humanitarian assistance and they are dealing even with organizations we wouldn’t normally consider military. So, they have to deal with lots of information, assurance issues, and have completely different governance concerns that we normally think about for public clouds.

Gardner: However, in the last year or two, the assumption has been that this is something that’s going to impact every enterprise, and everybody should get ready. Yet, I’m hearing mostly this creeping in through packaged applications on a on-demand basis, SMBs, greenfield organizations, perhaps where high elasticity is a requirement.

What would be necessary for these cloud providers to be able to bring more of the core applications the large enterprises are looking for? What’s the new set of requirements? As I pointed out, we have had a general category of SaaS and development, elasticity, a handful of infrastructure services. What’s the next set of requirements that’s going to make it palatable for these core activities and these large enterprises to start doing this? Let me start with you, Penelope.

Gordon: It’s an interesting question and it was something that we were discussing in a session yesterday afternoon. Here is a gentleman from a large telecommunications company, and from his perspective, trust was a big issue. To him, part of it was just an immaturity of the market, specifically talking about what the new style of cloud is and that branding. Some of the aspects of cloud have been around for quite some time.

Look at Linux adoption as an analogy. A lot of companies started adopting Linux, but it was for peripheral applications and peripheral services, some web services that weren’t business critical. It didn’t really get into the core enterprise until much later.

We’re seeing some of that with cloud. It’s just a much bigger issue with cloud, especially as you start looking at providers wanting to moving up the food chain and providing greater value. This means that they have to have more industry knowledge and that they have to have more specialization. It becomes more difficult for large enterprises to trust a vendor to have that kind of knowledge.

No governance

Another aspect of what came up in the afternoon is that, at this point, while we talk about public cloud specifically, it’s not the same as saying it’s a public utility. We talk about “public utility,” but there is no governance, at this point, to say, “Here is certification that these companies have been tested to meet certain delivery standards.” Until that exists, it’s going to be difficult for some enterprises to get over that trust issue.

Gardner: Assuming that the trust and security issues are worked out over time, that experience leads to action, it leads to trust, it leads to adoption, and we have already seen that with SaaS applications. We’ve certainly seen it with the federal government, as Ed pointed out earlier.

Let’s just put that aside as one of the requirements that’s already on the drawing board and that we probably can put a checkmark next to at some point. What’s next? What about customization? What about heterogeneity? What about some of these other issues that are typical in IT, Mark Skilton?

Skilton: One of the under-played areas is PaaS. We hear about lock-in of technology caused by the use of the cloud, either putting too much data in or doing customization of parameters and you lose the elastic features of that cloud.

As to your question about what do vendors or providers need to do more to help the customer use the cloud, the two things we’re seeing are: one, more of an appliance strategy, where they can buy modular capabilities, so the licensing issue, solutioning issue, is more contained. The client can look at it more in a modular appliance sort of way. Think of it as cloud in a box.

The second thing is that we need to be seeing is much more offering transition services, transformation services, to accelerate the use of the cloud in a safe way, and I think that’s something that we need to really push hard to do. There’s a great quote from a client, “It’s not the destination, it’s the journey to the cloud that I need to see.”

Gardner: You mentioned PaaS. We haven’t seen too much yet with a full mature offering of the full continuum of PaaS to IaaS. That’s one where new application development activities and new integration activities would be built of, for, and by the cloud and coordinated between the dev and the ops, with the ops being any number of cloud models — on-premises, off-premises, co-lo, multi-tenancy, and so forth.

So what about that? Is that another requirement that there is continuity between the past and the infrastructure and deployment, Tom?

Plunkett: We’re getting there. PaaS is going to be a real requirement going forward, simply because that’s going to provide us the flexibility to reach some of those core applications that we were talking about before. The further you get away from the context, the more you’re focusing on what the business is really focused in on, and that’s going to be the core, which is going to require effective PaaS.

Gardner: TJ.

More regulatory

Virdi: I want to second that, but at the same time, we’re looking for more regulatory and other kind of licensing and configuration issues as well. Those also make it a little better to use the cloud. You don’t really have to buy, or you can go for the demand. You need to make your licenses a little bit better in such a way that you can just put the product or business solutions into the market, test the water, and then you can go further on that.

Gardner: Penelope, where do you see any benefit of having a coordinated or integrated platform and development test and deploy functions? Is that going to bring this to a more core usage in large enterprises?

Gordon: It depends. I see a lot more of the buying of cloud moving out to the non-IT line of business executives. If that accelerates, there is going to be less and less focus. Companies are really separating now what is differentiating and what is core to my business from the rest of it.

There’s going to be less emphasis on, “Let’s do our scale development on a platform level” and more, “Let’s really seek out those vendors that are going to enable us to effectively integrate, so we don’t have to do double entry of data between different solutions. Let’s look out for the solutions that allow us to apply the governance and that effectively let us tailor our experience with these solutions in a way that doesn’t impinge upon the provider’s ability to deliver in a cost effective fashion.”

That’s going to become much more important. So, a lot of the development onus is going to be on the providers, rather than on the actual buyers.

Gardner: Now, this is interesting. On one hand, we have non-IT people, business people, specifying, acquiring, and using cloud services. On the other hand we’re perhaps going to see more PaaS, the new application development, be it custom or more of a SaaS type of offering that’s brought in with a certain level of adjustment and integration. But, these are going off without necessarily any coordination. At some point, they are going to even come together. It’s inevitable, another “integrationness” perhaps.

Mark Skilton, is that what you see, that we have not just one cloud approach but multiple approaches and then some need to rationalize?

Skilton: There are two key points. There’s a missing architecture practice that needs to be there, which is a workers analysis, so that you design applications to fit specific infrastructure containers, and you’ve got a bridge between the the application service and the infrastructure service. There needs to be a piece of work by enterprise architects that starts to bring that together as a deliberate design for applications to be able to operate in the cloud, and the PaaS platform is a perfect environment.

The second thing is that there’s a lack of policy management in terms of technical governance, and because of the lack of understanding, there needs to be more of a matching exercise going on. The key thing is that that needs to evolve.

Part of the work we’re doing in The Open Group with the Cloud Computing Work Group is to develop new standards and methodologies that bridge those gaps between infrastructure, PaaS, platform development, and SaaS.

Gardner: We already have the Trusted Technology Forum. Maybe soon we’ll see an open trusted cloud technology forum.

Skilton: I hope so.

Gardner: Ed Harrington, you mentioned earlier that the role of the enterprise architect is going to benefit from cloud. Do you see what we just described in terms of dual tracks, multiple inception points, heterogeneity, perhaps overlap and redundancy? Is that where the enterprise architect flourishes?

Shadow IT

Harrington: I think we talked about line management IT getting involved in acquiring cloud services. If you think we’ve got this thing called “shadow IT” today, wait a few years. We’re going to have a huge problem with shadow IT.

From the architect’s perspective, there’s lot to be involved with and a lot to play with, as I said in my talk. There’s an awful lot of analysis to be done — what is the value that the cloud solution being proposed is going to be supplying to the organization in business terms, versus the risk associated with it? Enterprise architects deal with change, and that’s what we’re talking about. We’re talking about change, and change will inherently involve risk.

Gardner: TJ.

Virdi: All these business decisions are going to be coming upstream, and business executives need to be more aware about how cloud could be utilized as a delivery model. The enterprise architects and someone with a technical background needs to educate or drive them to make the right decisions and choose the proper solutions.

It has an impact how you want to use the cloud, as well as how you get out of it too, in case you want to move to different cloud vendors or providers. All those things come into play upstream rather than downstream.

Gardner: We all seem to be resigned to this world of, “Well, here we go again. We’re going to sit back and wait for all these different cloud things to happen. Then, we’ll come in, like the sheriff on the white horse, and try to rationalize.” Why not try to rationalize now before we get to that point? What could be done from an architecture standpoint to head off mass confusion around cloud? Let me start at one end and go down the other. Tom?

Plunkett: One word: governance. We talked about the importance of governance increasing as the IT industry went into SOA. Well, cloud is going to make it even more important. Governance throughout the lifecycle, not just at the end, not just at deployment, but from the very beginning.

Gardner: TJ.

Virdi: In addition to governance, you probably have to figure out how you want to plan to adapt to the cloud also. You don’t want to start as a Big Bang theory. You want to start in incremental steps, small steps, test out what you really want to do. If that works, then go do the other things after that.

Gardner: Penelope, how about following the money? Doesn’t where the money flows in and out of organizations tend to have a powerful impact on motivating people or getting them moving towards governance or not?

Gordon: I agree, and towards that end, it’s enterprise architects. Enterprise architects need to break out of the idea of focusing on how to address the boundary between IT and the business and talk to the business in business terms.

One way of doing that that I have seen as effective is to look at it from the standpoint of portfolio management. Where you were familiar with financial portfolio management, now you are looking at a service portfolio, as well as looking at your overall business and all of your business processes as a portfolio. How can you optimize at a macro level for your portfolio of all the investment decisions you’re making, and how the various processes and services are enabled? Then, it comes down to, as you said, a money issue.

Gardner: Perhaps one way to head off what we seem to think is an inevitable cloud chaos situation is to invoke more shared services, get people to consume services and think about how to pay for them along the way, regardless of where they come from and regardless of who specified them. So back to SOA, back to ITIL, back to the blocking and tackling that’s just good enterprise architecture. Anything to add to that, Mark?

Not more of the same

Skilton: I think it’s a mistake to just describe this as more of the same. ITIL, in my view, needs to change to take into account self-service dynamics. ITIL is kind of a provider service management process. It’s thing that you do to people. Cloud changes that direction to the other way, and I think that’s something that needs to be done.

Also, fundamentally the data center and network strategies need to be in place to adopt cloud. From my experience, the data center transformation or refurbishment strategies or next generation networks tend to be done as a separate exercise from the applications area. So a strong, strong recommendation from me would be to drive a clear cloud route map to your data center.

Gardner: So, perhaps a regulating effect on the self-selection of cloud services would be that the network isn’t designed for it and it’s not going to help.

Skilton: Exactly.

Gardner: That’s one way to govern your cloud. Ed Harrington, any other further thoughts on working towards a cloud future without the pitfalls?

Harrington: Again, the governance, certification of some sort. I’m not in favor of regulation, but I am in favor of some sort of third party certification of services that consumers can rely upon safely. But, I will go back to what I said earlier. It’s a combination of governance, treating the cloud services as services per se, and enterprise architecture.

Gardner: What about the notion that was brought up earlier about private clouds being an important on-ramp to this? If I were a public cloud provider, I would do my market research on what’s going on in the private clouds, because I think they are going to be incubators to what might then become hybrid and ultimately a full-fledged third-party public cloud providing assets and services.

What can we learn from looking at what’s going on with private cloud now, seemingly a lot of trying to reduce cost and energy consumption, but what does that tell us about what we should expect in the next few years? Again, let’s start with you, Tom.

Plunkett: What we’re seeing with private cloud is that it’s actually impacting governance, because one of the things that you look at with private cloud is chargeback between different internal customers. This is forcing these organizations to deal with complex money, business issues that they don’t really like to do.

Nowadays, it’s mostly vertical applications, where you’ve got one owner who is paying for everything. Now, we’re actually going back to, as we were talking about earlier, dealing with some of the tricky issues of SOA.

Gardner: TJ, private cloud as an incubator. What we should expect?

Securing your data

Virdi: Configuration and change management — how in the private cloud we are adapting to it and supporting different customer segments is really the key. This could be utilized in the public cloud too, as well as how you are really securing your information and data or your business knowledge. How you want to secure that is key, and that’s why the private cloud is there. If we can adapt to or mimic the same kind of controls in the public cloud, maybe we’ll have more adoptions in the public cloud too.

Gardner: Penelope, any thoughts on that, the private to public transition?

Gordon: I also look at it in a little different way. For example, in the U.S., you have the National Security Agency (NSA). For a lot of what you would think of as their non-differentiating processes, for example payroll, they can’t use ADP. They can’t use that SaaS for payroll, because they can’t allow the identities of their employees to become publicly known.

Anything that involves their employee data and all the rest of the information within the agency has to be kept within a private cloud. But, they’re actively looking at private cloud solutions for some of the other benefits of cloud.

In one sense, I look at it and say that private cloud adoption to me tells a provider that this is an area that’s not a candidate for a public-cloud solution. But, private clouds could also be another channel for public cloud providers to be able to better monetize what they’re doing, rather than just focusing on public cloud solutions.

Gardner: So, then, you’re saying this is a two-way street. Just as we could foresee someone architecting a good private cloud and then looking to take that out to someone else’s infrastructure, you’re saying there is a lot of public services that for regulatory or other reasons might then need to come back in and be privatized or kept within the walls. Interesting.

Mark Skilton, any thoughts on this public-private tension and/or benefit?

Skilton: I asked an IT service director the question about what was it like running a cloud service for the account. This is a guy who had previously been running hosting and management and with many years experience.

The surprising thing was that he was quite shocked that the disciplines that he previously had for escalating errors and doing planned maintenance, monitoring, billing and charging back to the customer fundamentally were changing, because it had to be done more in real time. You have to fix before it fails. You can’t just wait for it to fail. You have to have a much more disciplined approach to running a private cloud.

The lessons that we’re learning in running private clouds for our clients is the need to have a much more of a running-IT-as-a-business ethos and approach. We find that if customers try to do it themselves, either they may find that difficult, because they are used to buying that as a service, or they have to change their enterprise architecture and support service disciplines to operate the cloud.

Gardner: Perhaps yet another way to offset potential for cloud chaos in the future is to develop the core competencies within the private-cloud environment and do it sooner rather than later? This is where you can cut your teeth or get your chops, some number of metaphors come to mind, but this is something that sounds like a priority. Would you agree with that Ed, coming up with a private-cloud capability is important?

Harrington: It’s important, and it’s probably going to dominate for the foreseeable future, especially in areas that organizations view as core. They view them as core, because they believe they provide some sort of competitive advantage or, as Penelope was saying, security reasons. ADP’s a good idea. ADP could go into NSA and set up a private cloud using ADP and NSA. I think is a really good thing.

Trust a big issue

But, I also think that trust is still a big issue and it’s going to come down to trust. It’s going to take a lot of work to have anything that is perceived by a major organization as core and providing differentiation to move to other than a private cloud.

Gardner: TJ.

Virdi: Private clouds actually allow you to make more business modular. Your capability is going to be a little bit more modular and interoperability testing could happen in the private cloud. Then you can actually use those same kind of modular functions, utilize the public cloud, and work with other commercial off-the-shelf (COTS) vendors that really package this as new holistic solutions.

Gardner: Does anyone consider the impact of mergers and acquisitions on this? We’re seeing the economy pick up, at least in some markets, and we’re certainly seeing globalization, a very powerful trend with us still. We can probably assume, if you’re a big company, that you’re going to get bigger through some sort of merger and acquisition activity. Does a cloud strategy ameliorate the pain and suffering of integration in these business mergers, Tom?

Plunkett: Well, not to speak on behalf of Oracle, but we’ve gone through a few mergers and acquisitions recently, and I do believe that having a cloud environment internally helps quite a bit. Specifically, TJ made the earlier point about modularity. Well, when we’re looking at modules, they’re easier to integrate. It’s easier to recompose services, and all the benefits of SOA really.

Gardner: TJ, mergers and acquisitions in cloud.

Virdi: It really helps. At the same time, we were talking about legal and regulatory compliance stuff. EU and Japan require you to put the personally identifiable information (PII) in their geographical areas. Cloud could provide a way to manage those things without having the hosting where you have your own business.

Gardner: Penelope, any thoughts, or maybe even on a slightly different subject, of being able to grow rapidly vis-à-vis cloud experience and expertise and having architects that understand it?

Gordon: Some of this comes back to some of the discussions we were having about the extra discipline that comes into play, if you are going to effectively consume and provide cloud services, if you do become much more rigorous about your change management, your configuration management, and if you then apply that out to a larger process level.

So, if you define certain capabilities within the business in a much more modular fashion, then, when you go through that growth and add on people, you have documented procedures and processes. It’s much easier to bring someone in and say, “You’re going to be a product manager, and that job role is fungible across the business.”

That kind of thinking, the cloud constructs applied up at a business architecture level, enables a kind of business expansion that we are looking at.

Gardner: Mark Skilton, thoughts about being able to manage growth, mergers and acquisitions, even general business agility vis-à-vis more cloud capabilities.

Skilton: Right now, I’m involved in merging in a cloud company that we bought last year in May, and I would say yes and no. The no point is that I’m trying to bundle this service that we acquired in each product and with which we could add competitive advantage to the services that we are offering. I’ve had a problem with trying to bundle that into our existing portfolio. I’ve got to work out how they will fit and deploy in our own cloud. So, that’s still a complexity problem.

Faster launch

But, the upside is that I can bundle that service that we acquired, because we wanted to get that additional capability, and rewrite design techniques for cloud computing. We can then launch that bundle of new service faster into the market.

It’s kind of a mixed blessing with cloud. With our own cloud services, we acquire these new companies, but we still have the same IT integration problem to then exploit that capability we’ve acquired.

Gardner: That might be a perfect example of where cloud is or isn’t. When you run into the issue of complexity and integration, it doesn’t compute, so to speak.

Skilton: It’s not plug and play yet, unfortunately.

Gardner: Ed, what do you think about this growth opportunity, mergers and acquisitions, a good thing or bad thing?

Harrington: It’s a challenge. I think, as Mark presented it, it’s got two sides. It depends a lot on how close the organizations are, how close their service portfolios are, to what degree has each of the organizations adapted the cloud, and is that going to cause conflict as well. So I think there is potential.

Skilton: Each organization in the commercial sector can have different standards, and then you still have that interoperability problem that we have to translate to make it benefit, the post merger integration issue.

Gardner: We’ve been discussing the practical requirements of various cloud computing models, looking at core and context issues where cloud models would work, where they wouldn’t. And, we have been thinking about how we might want to head off the potential mixed bag of cloud models in our organizations and what we can do now to make the path better, but perhaps also make our organizations more agile, service oriented, and able to absorb things like rapid growth and mergers.

I’d like to thank you all for joining and certainly want to thank our guests. This is a sponsored podcast discussion coming to you from The Open Group’s 2011 Conference in San Diego. We’re here the week of February 7, 2011. A big thank you now to Penelope Gordon, cofounder of 1Plug Corporation. Thanks.

Gordon: Thank you.

Gardner: Mark Skilton, Director of Portfolio and Solutions in the Global Infrastructure Services with Capgemini. Thank you, Mark.

Skilton: Thank you very much.

Gardner: Ed Harrington, Principal Consultant in Virginia for the UK-based Architecting the Enterprise.

Harrington: Thank you, Dana.

Gardner: Tom Plunkett, Senior Solution Consultant with Oracle. Thank you.

Plunkett: Thank you, Dana.

Gardner: TJ Virdi, the Computing Architect in the CAS IT System Architecture group at Boeing.

Virdi: Thank you.

Gardner: I’m Dana Gardner, Principal Analyst at Interarbor Solutions. You’ve been listening to a sponsored BriefingsDirect podcast. Thanks for joining, and come back next time.

Copyright The Open Group and Interarbor Solutions, LLC, 2005-2011. All rights reserved.

Dana Gardner is the Principal Analyst at Interarbor Solutions, which identifies and interprets the trends in Services-Oriented Architecture (SOA) and enterprise software infrastructure markets. Interarbor Solutions creates in-depth Web content and distributes it via BriefingsDirectblogs, podcasts and video-podcasts to support conversational education about SOA, software infrastructure, Enterprise 2.0, and application development and deployment strategies.

Comments Off

Filed under Cloud/SOA, Enterprise Architecture

An SOA Unconference

By Dr. Chris Harding, The Open Group

Monday at The Open Group Conference in San Diego was a big day for Interoperability, with an Interoperability panel session, SOA and Cloud conference streams, meetings of SOA and UDEF project teams, and a joint meeting with the IEEE on next-generation UDEF. The Tuesday was quieter, with just one major interoperability-related session: the SOACamp. The pace picks up again today, with a full day of Cloud meetings, followed by a Thursday packed with members meetings on SOA, Cloud, and Semantic Interoperability.

Unconferences

The SOACamp was an unstructured meeting, based on the CloudCamp Model, for SOA practitioners and people interested in SOA to ask questions and share experiences.

CloudCamp is an unconference where early adopters of Cloud Computing technologies exchange ideas. The CloudCamp organization is responsible for these events. They are frequent and worldwide; 19 events have been held or arranged so far for the first half of 2011 in countries including Australia, Brazil, Canada, India, New Zealand, Nigeria, Spain, Turkey, and the USA. The Open Group has hosted CloudCamps at several of its Conferences, and is hosting one at its current conference in San Diego today.

What is an unconference? It is an event that follows an unscripted format in which topics are proposed and presented by volunteers, with the agenda being made up on the fly to address whatever the attendees most want to discuss. This format works very well for Cloud, and we thought we would give it a try for SOA.

The SOA Hot Topics

So what were the SOA hot topics? Volunteers gave 5-minute “lightning talks” on five issues, which were then considered as the potential agenda items for discussion:

  • Does SOA Apply to Cloud service models?
  • Vendor-neutral framework for registry/repository access to encourage object re-use
  • Fine-grained policy-based authorization for exposing data in the Cloud
  • Relation of SOA to Cloud Architecture
  • Are all Cloud architectures SOA architectures?

The greatest interest was in the last two of these, and they were taken together as a single agenda item for the whole meeting: SOA and Cloud Architecture. The third topic, fine-grained policy-based authorization for exposing data in the Cloud, was considered to be more Cloud-related than SOA-related, and it was agreed to keep it back for the CloudCamp the following day. The other two topics, SOA and Cloud service models and vendor-neutral framework for registry/repository access were considered by separate subgroups meeting in parallel.

The discussions were lively and raised several interesting points.

SOA and Cloud Architecture

Cloud is a consumption and delivery model for SOA, but Cloud and SOA services are different. All Cloud services are SOA services, but not all SOA services are Cloud services, because Cloud services have additional requirements for Quality of Service (QoS) and delivery consumption.

Cloud requires a different approach to QoS. Awareness of the run-time environment and elasticity is crucial for Cloud applications.

Cloud architectures are service-oriented, but they need additional architectural building blocks, particularly for QoS. They may be particularly likely to use a REST-ful approach, but this is still service-oriented.

A final important point is that, within a service-oriented architecture, the Cloud is transparent to the consumer. The service consumer ultimately should not care whether a service is on the Cloud.

Vendor-Neutral Framework for Registry/Repository Access

The concept of vendor-neutral access to SOA registries and repositories is good, but it requires standard data models and protocols to be effective.

The Open Group SOA ontology has proved a good basis for a modeling framework.

Common methods for vendor-neutral access could help services in the Cloud connect to multiple registries and repositories.

Does SOA Apply to Cloud service Models?

The central idea here is that the cloud service models – Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) – could be defined as services in the SOA sense, with each of them exposing capabilities through defined interfaces.

This would require standards in three key areas: metrics/QoS, brokering/subletting, and service prioritization.

Is The Open Group an appropriate forum for setting and defining Cloud customer and provider standards? It has a standards development capability. The key determining factor is the availability of member volunteers with the relevant expertise.

Are Unconferences Good for Discussing SOA?

Cloud is an emerging topic while SOA is a mature one, and this affected the nature of the discussions. The unconference format is great for enabling people to share experience in new topic areas. The participants really wanted to explore new developments rather than compare notes on SOA practice, and the result of this was that the discussion mostly focused on the relation of SOA to the Cloud. This wasn’t what we expected – but resulted in some good discussions, exposing interesting ideas.

So is the unconference format a good one for SOA discussions? Yes it is – if you don’t need to produce a particular result. Just go with the flow, and let it take you and SOA to interesting new places.

Cloud and SOA are a topic of discussion at The Open Group Conference, San Diego, which is currently underway.

Dr. Chris Harding is Director for Interoperability and SOA at The Open Group. He has been with The Open Group for more than ten years, and is currently responsible for managing and supporting its work on interoperability, including SOA and interoperability aspects of Cloud Computing. Before joining The Open Group, he was a consultant, and a designer and development manager of communications software. With a PhD in mathematical logic, he welcomes the current upsurge of interest in semantic technology, and the opportunity to apply logical theory to practical use. He has presented at Open Group and other conferences on a range of topics, and contributes articles to on-line journals. He is a member of the BCS, the IEEE, and the AOGEA, and is a certified TOGAF practitioner.

Comments Off

Filed under Cloud/SOA