For many months, all inhabitants of an island happily share a public cloud that uses the public cloud provider's on-premises data center on a nearby island. Each inhabitant is a tenant that shares the data center's resources with the other inhabitants in a multitenant architecture. As tenants, they pay rent to use the cloud when they need it.
One inhabitant's business has grown rapidly this year. He now wants to install new hypervisor technology that the public provider doesn't offer. He also wants to monitor changes in the threshold levels for users, data requests, and resources — among other actions that the public cloud provider doesn't allow him to take. The only way that he can be in charge of the computing and networking infrastructure for testing new technology and threshold levels is to opt out of the public cloud and deploy a private cloud. In a private cloud, he becomes a single tenant. All private cloud users in his organization can then access the cloud behind the same firewall.
This hypothetical business owner's situation is one of a variety of scenarios in which it makes sense for an organization to consider moving from a public to a private cloud. This article describes those scenarios and explains the benefits of using a private cloud.
Public cloud structure
When a private enterprise or government agency is a public cloud tenant, it shares the public cloud provider's on-premises data center(s) with potentially thousands of other tenants. It rents or subscribes to cloud service when needed. The public cloud provider ensures that the applications, data, and other resources for each tenant are logically segregated from those of other tenants and are available only to authorized cloud users. The public cloud provider is responsible for managing, maintaining, and updating the infrastructure at the provider's premises. It has plans in place that — in the event of system failure — enable tenants' users, data, and applications to fail over from an affected data center or server to a healthy one.
The public cloud is suited to small businesses, small government agencies, startups with limited budgets, and large organizations that are opting for better application cost controls. Small businesses can lack the funds to invest in the hardware, software, and staff that are required to set up a private cloud. A large organization might want to perform stress tests on as-needed basis on an Software as a Service (SaaS) application to determine how well the application can withstand the resource stress of, say, sudden seasonal spikes in online demand for its products.
Public cloud providers give the tenant organizations limited control:
- SaaS users can access applications according to the roles that are assigned to them.
- Platform as a Service (PaaS) developers can develop, test, and deploy applications and manage the business lifecycle of those applications.
- Infrastructure as a Service (IaaS) infrastructure specialists can configure the virtual servers.
The public cloud provider has control over the computing and networking infrastructure that underlies the virtual servers.
Reasons to opt for a private cloud
With its own private cloud, the organization becomes a single tenant with complete control over its dedicated data center. It no longer shares a data center with other tenants in a multitenant architecture. As the sole tenant, the organization is in charge of monitoring and maintaining the data. It also controls the performance and multilevel security of its infrastructure — hardware, network, and data storage. It can set (and change) the number of virtual servers that are deployed. All private cloud users access the cloud behind the same firewall on the organization's intranet, enjoying the faster data-transfer rates that can be achieved with that network structure.
A private cloud is not the same as a virtual private cloud (VPC) — a private cloud that exists within a public cloud. A VPC is an on-demand, configurable pool of shared computing resources in a public cloud that isolates the cloud's tenants from one another. From the tenant enterprise's standpoint, a VPC turns the provider's multitenant architecture into a single-tenant architecture.
A private cloud, in contrast, is managed by the organization that uses it (I call this an enterprise internal private cloud) or by a third party. It can exist either at the organization's site (managed internal private cloud) or offsite (managed external private cloud). An enterprise internal private cloud can provide:
- Potentially increased security and performance control
- Better testing environment control than a public cloud
- Dedicated components that underlie the cloud
- Better control of threshold levels than a public cloud
Security and performance control
A private cloud might give the organization better security and performance control over the onsite physical infrastructure that underlies its virtual servers. Internal users who are behind the same firewall can access the same private cloud service. A private cloud is suitable for organizations that have certain security and performance monitoring tools that the public cloud provider doesn't use.
The organization takes a defense-in-depth layers approach to protecting its internal data centers against distributed denial-of-service (DDoS) attacks. The inherent weaknesses of any one security tool can be overcome with other security tools that have stronger options.
Testing environment control
A private cloud gives the organization better control over tests of failover and threshold applications on the PaaS. A resource-optimized application, for example, aims to overcome the public cloud provider's failure to create replicated service instances that can survive host failures. It uses simple services that are composed of a single host rather than multiple dependent hosts. Replicated service instances can be created to survive host failures.
The application uses quick timeouts and retries of the slow services while the failover of all independent service pools of, say, the billing application is in progress. The application determines when to halt timeouts and retries to avoid system lockup resulting from consumption of all resources waiting on slow or failed services.
Dedicated components that underlie the cloud
With a private cloud, the organization can provide dedicated components that the public cloud provider doesn't. Dedicated components include all networking devices, dedicated storage, and dedicated load balancer and firewall pairs. They can also include restructured components that are decomposed from a legacy system for use in developing a custom cloud application.
Control of threshold levels
The private cloud gives the organization better control of a variety of threshold levels that it can use in determining guaranteed service levels in service-level agreements (SLAs):
- User threshold level
- Sets the maximum number of users who are concurrently accessing the SaaS application
- Data requests threshold level
- Sets the maximum number of data requests that users can concurrently send to the SaaS application
- Resources threshold level
- Sets the maximum amount of resources (for example, CPU, storage devices, or disk space) that can be allocated to each SaaS or PaaS cloud user
- Virtual desktop threshold level
- Sets the maximum number of virtual desktops that can be connected to a virtual server
- Multithreading threshold level
- Sets the maximum number of threads that can be used in the organization's application
When to consider a private cloud
Here are some scenarios in which an organization can realize the benefits of switching from public to private cloud.
Scenario 1: Rapid growth
A small or medium-sized business has grown rapidly into a large organization as a result of an acquisition, merger, or market changes. A private cloud enables this organization to gain control over its newly expanded network and infrastructure.
Scenario 2: Subscription cancellation
The organization is forced to cancel its subscription with a public cloud service that is going out of business or was acquired by another public cloud provider that has experienced too many service outages. With a private cloud, the organization can continue providing cloud service for its internal users.
Scenario 3: New technology
The organization wants to test, install, and deploy new hypervisor technology that a public cloud service does not have. A private cloud enables the organization to exceed the public cloud provider's limit on virtual servers.
Scenario 4: Failover plans
The organization wants to test data center failover and scalability algorithms than are more effective than those that public cloud provider uses. The cloud provider doesn't allow the organization to test the provider's algorithms. A private cloud gives the organization control over failover algorithms.
Scenario 5: Threshold levels
The organization wants to test threshold levels that the public cloud provider will not negotiate with the organization. For example, a public SaaS provider doesn't permit negotiation with the organization as the SaaS subscriber on changes in threshold levels for users, data requests, and resources. Or a public PaaS provider doesn't permit negotiation with the organization as the PaaS developer on changes in multithreading threshold. A private cloud enables the organization to control the settings of threshold levels.
Scenario 6: Compliance requirements
The organization must fulfill specific infrastructure-configuration and compliance requirements. A private cloud enables large financial institutions and federal agencies to meet their requirements.
Scenario 7: SLA management
The organization wants to gain more visibility into managing direct and indirect SLA relationships and to weed out unnecessary SLAs. A private cloud helps the organization to see how SLAs are related to one another. As a public cloud subscriber, the organization cannot see or access these relationships.
Scenario 8: Data analytics
The organization wants to use data analytics to gain useful information.
This article highlighted the reasons why an organization should consider switching from the role of public cloud subscriber to private cloud provider, and under what circumstances. If your organization decides to make the switch, start by building a team of developers, managers, business analysts, and system engineers that's dedicated to facilitating the transition.
- "Real-world journey to your own private cloud" (Joydipto Banerjee, developerWorks, July 2011): This three-part article series outlines the process, from conception to deployment, used to build a private, on-premises cloud environment that incorporates structures found in IaaS and PaaS cloud service models.
- "Advantages and options of private cloud computing" (Sandra Sergi Santos, developerWorks, April 2012): This article explains the advantages of private cloud and ways to use them to optimize your investments, processes, and infrastructure.
- Private Cloud for Dummies, IBM limited edition (Judith Hurwitz and Marcia Kaufman, John Wiley & Sons, 2011): Learn how to make cloud computing an integral part of your business, support collaboration between business and IT, and leverage resources behind the corporate firewall.
- "Build a cloud failover policy" (Judith M. Myerson, developerWorks, March 2012): Read about creating a failover policy with cloud-specific riders that detail components and tasks.
- Find out what IBM SmartCloud Foundation can do for your organization. It includes IBM PureSystems offerings.
- IBM Smart Analytics Cloud: Learn how to build your own private cloud environment based on the same cloud infrastructure that IBM is using internally.
- Explore developerWorks cloud computing, where you can find valuable community discussions and learn about new technical resources related to the cloud.
- Get involved in the developerWorks community. Connect with other developerWorks users while exploring the developer-driven blogs, forums, groups, and wikis.