What's an open cloud? The Manifesto's not telling

Nebular thinking

Combat fraud and increase customer satisfaction

Comment "What exactly is an open cloud?" you ask. You won't find an answer in the Open Cloud Manifesto.

IBM's much-discussed Microsoft-baiting Manifesto urges "the members of the emerging cloud computing community to come together around the notion of an open cloud." But in the end, the notion amounts to little more than a few paragraphs of, well, nebulous sermonizing.

"As an organization chooses a provider or architecture or usage model, an open cloud will make it easy for them to use a different provider or architecture as the business environment changes," the Manifesto preaches. "If the organization needs to change providers because of new partnerships, acquisition, customer requests or government regulations, they can do so easily."

Yes, we've heard it before. Developers should have the freedom, the voices say, to move from cloud to cloud. The trouble is that no one knows what a cloud is - including the self-righteous types behind IBM's Manifesto. "The architecture and terminology of cloud computing is as clearly and precisely defined as, well, a cloud," it continues.

The best they can do is narrow things down to all whatchamacallits that exhibit "the ability to scale and provision computing power dynamically in a cost efficient way" and provide "the ability of the consumer (end user, organization or IT staff) to make the most of that power without having to manage the underlying complexity of the technology."

So, like others before them, they've applied the cloud metaphor to every compute technology that somehow offers a shared pool of dynamically-scalable resources - whether it's used in your own private data center or in someone else's public data center - and they've attempted to apply the same set of (ill-defined) rules to every single one.

Tech pundits have long branded Amazon, Microsoft, and Google as purveyors of closed clouds. And this week the pundit brigade has spilled more than a little ink pointing out that those three names are absent from the list of eager outfits backing the Open Cloud Manifesto. But Amazon Web Services is only marginally comparable to the so-called clouds offered by Redmond and Mountain View: Microsoft Azure and Google App Engine.

Microsoft and Google offer development platforms atop dynamically scalable compute resources. They give you tools for building a web app, and they host it for you. Meanwhile, Amazon offers the compute resources themselves. To a certain extent, you can put whatever you like on its scalable infrastructure.

So, Microsoft and Google are closed because they won't let anyone else's dev tools on their very own dev platforms. But Amazon is closed too - even though Amazon Web Services runs almost anything. You see, Amazon has published the APIs needed to lob apps onto its virtualized infrastructure, but it won't say whether other operations are allowed to use it.

Like Microsoft, Amazon argues that it's actually quite open. And certainly, it's more open than Microsoft. "We're very much in favor of customers having total choice," Adam Selipsky, vice president of product management and developer relations for Amazon Web Services, tells us. "We let you use Linux, OpenSolaris, and Windows as operating systems. You can program to our Web Services using Java, C#, Python, Ruby PHP, Perl - we just don't care. It's very central to everything we're doing to enable flexibility, not preclude it."

But the company is notoriously coy about its Web Services API. "They have been 100 per cent ambiguous when it comes to releasing the API, which is at the core of the open argument," says Thorsten von Eicken, the CTO and co-founder of RightScale, a so-called cloud management outfit that lets developers juggle resources across multiple infrastructure clouds, including Amazon Web Services as well as similar services from companies like Flexiscale and GoGrid.

We can only guess that the Open Cloud Manifesto is an attempt to build a standard Amazon-like API for all infrastructure clouds - while summarily outlawing platform clouds along the lines of Mirosoft Azure and Google App Engine. But there's no telling. And even if that is the end goal, it may not deliver the open cloud.

"The API is a non-issue on some level," says von Eicken, who worked alongside Amazon Web Services father figure Werner Vogels while doing distributed-systems research at Cornell University in the mid-1990s. According to von Eicken, the real issue is how you juggle resources within an infrastructure cloud.

"What's key is the semantics of the resources," he says. "What is a server instance? What is a disk volume? Can I detach from a server instance and attach it to a different server? Can I do this within the data center? Can I do it across data centers? What's an IP address? Can I reassign an IP address or does it go to a server for the lifetime of the server? Can I assign it to a different server in a different data center or a different region?

"If you think about it, dealing with different APIs is just a programming exercise. But if...you move to another cloud where the API is the same, but there's a little footnote that says that the semantics of IP addresses are such that they are contained in the data center and your app doesn't run that way, then, well, everything falls apart. That's much harder than a programing exercise. That's a 're-architecting your web site' exercise."

Amazon says that open cloud standards will evolve as time goes by. Eventually, if it wants to continue growing, it will have to offer developers an easier means of moving apps onto other services. But at this point, the company claims, it's unsure what those standards will entail.

"We think it's very early," Selipsky tells us. "Vendors as well as customers need to collectively educate themselves over time to understand what in terms of standards will truly be useful and helpful, and we will continue to be active participants in that discussions."

On some level, Amazon is playing games. "They're not pushing the lock-in, but there is some passive resistance," von Eicken says. "But I would do the same if I were them. Right now, what's their interest in promoting movement to another cloud?" But on another level, Amazon's stance makes sense. After all, even the Open Cloud Manifestos can't tell you what an open cloud is. ®

3 Big data security analytics techniques

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
prev story


SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.