Ten years on: How did that cloud strategy pan out?

How to avoid vendor lock-in

Application security programs and practises

So the CEO is hearing all about clouds now and the financial director is looking at his pile of beans and as usual wants you to do more with less. And both think it is time for you to build or buy a cloud. Where do you start?

The answer is by being brutally honest with yourself and your bosses about everything around you.

A service provider building a greenfield cloud to peddle infrastructure or platform cloud services to augment your carrier and hosting services has it easy. It is simply a matter of examining what type of cloud it wants to supply to customers.

It picks a cloud controller fabric – VMware vCloud, the open source OpenStack or CloudStack, or maybe Windows Server 2012 and Hyper-V with System Center. This cloud doesn't have to integrate with anything but the provider’s billing systems: it just has to create a self-service portal for customers and a more sophisticated management console for the provider’s own admins.

Not so for you. You are sitting there with mission-critical systems – physical boxes running siloed workloads or at best virtualized machines that have a few workloads sharing capacity atop a hypervisor.

A fine mess

You probably have a mix of Risc/Unix boxes and maybe some proprietary mid-range and mainframe systems running legacy code.

You have Windows systems running Exchange Servers for email and groupware and any number of SQL Server databases and home-grown apps and third-party apps, and probably Linux systems running other infrastructure workloads such as data warehouses or analytics and maybe Java applications.

Exactly what the mess consists of hardly matters. You have a mix of apps and platforms and developers and admins with their own set of preferences and prejudices. And now the top brass wants you to turn this hodge-podge of hardware and software into a cloud.

It is understandable if you are jealous of Amazon Web Services and other clouds, says Bryan Che, general manager of the cloud business unit at Red Hat, the commercial Linux and Java platform distributor.

"The biggest motivation for CIOs is when they take a look at the complexity and inefficiencies of their own operations," he says.

"And then they take a look at the public cloud providers such as Amazon, Rackspace and IBM and on any measure they can think of – how quickly they can provision, how much it costs to get that infrastructure, how many administrators they need to manage it and so on – it is orders of magnitude different from what CIOs experience in their own data centers."


The odds are you have a lot of Windows systems in your shop, and therefore have VMware's ESXi hypervisor inside its vSphere server virtualization toolset in your shop virtualizing some of your Windows and Linux operating systems for x86 servers.

You could be dabbling with Red Hat's KVM-based Enterprise Virtualization hypervisor or Microsoft's Hyper-V, and where Oracle databases, middleware and applications are involved, you might even be virtualizing atop Oracle's own rendition of the open-source Xen hypervisor.

But again, based on market stats, you may have started out with VMware GSX Server and ESX Server a decade ago in your test and development environment when you first started virtualizing servers. Then you took five or six years to gradually start virtualizing more of your IT infrastructure.

It will come as no surprise that VMware wants you to do the same thing all over again with its vCloud Director tools.

"In the US five years ago, or in emerging countries such as Peru today, companies didn't start out with their first virtualized workload being Exchange Server," says Neela Jacques, director of product marketing for the cloud infrastructure suite at VMware.

"Not because Exchange Server couldn't be virtualized – it is by almost every VMware customer – but because if you start there, you need to think about how to tune storage and do backup and disaster recovery.

“By starting with test and dev with virtualization, you could ensure that you had a high degree of success, gain your skills and then move on to infrastructure and finally tier-two apps. Then maybe three years later you got to business-critical apps.

“Just as it was a big mistake to try to start virtualization with the most complex workloads, it is true for clouds too."

Jacques adds that if you have not built a cloud yet, you should start with the now-virtualized test and dev environment, adding vCloud Director and gaining experience with the self-service portal.

Then you move on to the more sophisticated cloud management tools and high-availability portions of the vCloud Suite, then maybe look at cloud-bursting and disaster-recovery features.

Pastures new

The one thing you do not want to do, says Jacques, is give in to the temptation of implementing a greenfield application – such as an electronic medical records application – on a full-on all singing and dancing cloud.

"This is where you can fall right into the trap," Jacques tells El Reg.

"It is not that you can't build a cloud for a business critical app – you absolutely can. But if you start there, you can make decisions that can hurt you in the long run, such as creating a highly scripted, management-heavy environment to meet the needs of one project.

“It makes sense not to over-complicate your first cloud. With VMware, start with vSphere and vCloud Director. If you want your cloud to do everything, we have the technology, but I don't know if you will be able to get up to speed on day one."

Bridging the IT gap between rising business demands and ageing tools

More from The Register

next story
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Attack of the clones: Oracle's latest Red Hat Linux lookalike arrives
Oracle's Linux boss says Larry's Linux isn't just for Oracle apps anymore
THUD! WD plonks down SIX TERABYTE 'consumer NAS' fatboy
Now that's a LOT of porn or pirated movies. Or, you know, other consumer stuff
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
prev story


Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.