Tuesday, October 27, 2009

Application Design or Hosting Strategy: What should be addressed first?

Larry O'Brien recently interviewed three of the Gang of Four (GoF) on the applicability of design patterns to application design after 15 years. The consensus among the authors was that these patterns are more or less associated with object-oriented languages such as C++, Java, Smalltalk and C#. Some current languages have different ways of solving the same problem (e.g., functional languages have a different set of design principles and patterns). It makes a lot of sense to understand the different ways to resolve a problem within the constraints before jumping onto something. Constraints can be of any nature (the language of choice, deployment options, available computing resources, etc.).

I am at present working on a solution (a transformation project) where the vendor-packaged applications and their technologies more or less decide the deployment architecture, sizing and infrastructure requirements. There are cases where virtualization of servers can add up to 50% overhead on the server infrastructure. So the question is: "Do you decide on the deployment/hosting strategy first (where and how you want to deploy your application) before designing it, or design the application and then decide the deployment strategy and infrastructure requirements?"

With new paradigms in computing emerging day by day (e.g., cloud, grid and space-based architecture, REST), applications can now be designed based on how you plan to host them (i.e., the most cost-effective way of deploying them). However, you are bound to fixed application designs when you are using packaged applications (most business application vendors, such as SAP and Oracle, are still mostly in the standard client-server or three-tiered architecture space) and cannot do much about it, as in my current project.

Normally infrastructure and operations are an afterthought, with no consideration for them during application design. However, future trends are more towards using the existing/available infrastructure options and operations requirements to help drive the application design, thereby closing the gaps between apps and ops in an organization.

Sunday, September 06, 2009

Amazon Virtual Private Cloud - A Silver Lining in the Cloud!

Cloud as a technology is gathering momentum. It is quite an onerous job to keep track of the developments every day, with cloud service providers mushrooming as minutes go by and lots of venture capitalists throwing their weight around it. It is not uncommon for the skeptics to expect a 'Cloud Burst' in the times to come.

Who does not want to be there at the center of attention? Every vendor has thrown a substantial amount of their R&D budget at cloud offerings and research. There have been efforts by a number of organizations to 'standardize the cloud' with their versions of standardization requirements around Cloud Resource Definition, Cloud Federation, Cloud Interops et al. There have been a number of ongoing efforts, including by the US Government, to create communities and de facto standards for cloud computing.

In spite of so much hype around the technology, there have been efforts by many vendors to make cloud a feasible alternative for many enterprises. In my opinion Amazon's latest effort around virtual private cloud (VPC), which allows customers to seamlessly extend their IT infrastructure into the cloud while maintaining the levels of isolation required for their enterprise management tools to do their work, is a step in the right direction.

Elasticity and pay-as-you-go are the two key requirements for any cloud platform. Until cloud platforms can truly prove themselves as extensions of an enterprise's existing data centers, leveraging the existing investments in tools and technologies, every IT decision maker has the difficult task of selling it to all stakeholders. Amazon CTO Werner Vogels has a good post introducing Amazon VPC.

Introducing Amazon Virtual Private Cloud

We have developed Amazon Virtual Private Cloud (Amazon VPC) to allow our customers to seamlessly extend their IT infrastructure into the cloud while maintaining the levels of isolation required for their enterprise management tools to do their work.

With Amazon VPC you can:

  • Create a Virtual Private Cloud and assign an IP address block to the VPC. The address block needs to be a CIDR block such that it will be easy for your internal networking to route traffic to and from the VPC instance. These are addresses you own and control, most likely as part of your current datacenter addressing practice.
  • Divide the VPC addressing up into subnets in a manner that is convenient for managing the applications and services you want to run in the VPC.
  • Create a VPN connection between the VPN Gateway that is part of the VPC instance and an IPSec-based VPN router on your own premises. Configure your internal routers such that traffic for the VPC address block will flow over the VPN.
  • Start adding AWS cloud resources to your VPC. These resources are fully isolated and can only communicate to other resources in the same VPC and with those resources accessible via the VPN router. Accessibility of other resources, including those on the public internet, is subject to the standard enterprise routing and firewall policies.

Amazon VPC offers customers the best of both the cloud and the enterprise managed data center:

  • Full flexibility in creating a network layout in the cloud that complies with the manner in which IT resources are managed in your own infrastructure.
  • Isolating resources allocated in the cloud by only making them accessible through industry standard IPSec VPNs.
  • Familiar cloud paradigm to acquire and release resources on demand within your VPC, making sure that you only use those resources you really need.
  • Only pay for what you use. The resources that you place within a VPC are metered and billed using the familiar pay-as-you-go approach at the standard pricing levels published for all cloud customers. The creation of VPCs, subnets and VPN gateways is free of charge. VPN usage and VPN traffic are also priced at the familiar usage-based structure.
  • All the benefits from the cloud with respect to scalability and reliability, freeing up your engineers to work on things that really matter to your business.
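
The first two steps in the quoted list (pick a CIDR block your internal network can route to, then carve it into subnets) are worth checking before anything is provisioned. The following is an added example, not code from Werner Vogels' post or from AWS: it validates an IPv4 addressing plan with Python's standard `ipaddress` module. The function names and all sample addresses are assumptions made up for illustration.

```python
import ipaddress

def _parse(cidr, label, problems):
    """Parse a CIDR string; record a problem and return None if invalid."""
    try:
        # strict=True rejects blocks with host bits set, e.g. 10.1.0.5/16
        return ipaddress.ip_network(cidr, strict=True)
    except ValueError as exc:
        problems.append(f"{label} {cidr}: not a valid CIDR block ({exc})")
        return None

def check_vpc_plan(vpc_cidr, subnet_cidrs, onprem_cidrs):
    """Return the problems found in an IPv4 addressing plan; [] means it passed."""
    problems = []
    vpc = _parse(vpc_cidr, "VPC", problems)
    if vpc is None:
        return problems
    # Traffic for the VPC block is routed over the VPN, so the block must
    # not collide with any range already routed inside the datacenter.
    for cidr in onprem_cidrs:
        net = _parse(cidr, "on-prem", problems)
        if net is not None and net.overlaps(vpc):
            problems.append(f"VPC {vpc} overlaps on-prem range {net}")
    # Every subnet must sit inside the VPC block and be disjoint from the rest.
    accepted = []
    for cidr in subnet_cidrs:
        net = _parse(cidr, "subnet", problems)
        if net is None:
            continue
        if not net.subnet_of(vpc):
            problems.append(f"subnet {net} is outside VPC {vpc}")
        for other in accepted:
            if net.overlaps(other):
                problems.append(f"subnet {net} overlaps subnet {other}")
        accepted.append(net)
    return problems

# Constructed sample plans (all addresses are illustrative).
ONPREM = ["10.0.0.0/16", "192.168.0.0/24"]
GOOD = check_vpc_plan("10.1.0.0/16", ["10.1.0.0/24", "10.1.1.0/24"], ONPREM)
BAD = check_vpc_plan(
    "10.0.128.0/17",
    ["10.0.128.0/24", "10.0.128.128/25", "10.2.0.0/24"],
    ONPREM,
)

if __name__ == "__main__":
    print("good plan:", GOOD or "no problems")
    for problem in BAD:
        print("bad plan:", problem)
```

An overlapping VPC block is the failure that matters most here: internal routers would not know whether to send that traffic over the VPN or keep it local, and firewall rules written against the on-premises range would silently apply to the wrong hosts.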

Friday, May 08, 2009

Cloud Ecosystem - US Federal View

Peter Mell and Tim Grance of the National Institute of Standards and Technology, Information Technology Laboratory, have put the following definition of cloud computing in the Draft NIST Definition of Cloud Computing. This is the most exhaustive cloud definition I have seen to date.

Definition of Cloud Computing:

Cloud computing is a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is comprised of five key characteristics, three delivery models, and four deployment models.

Key Characteristics:

· On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed without requiring human interaction with each service’s provider.
· Ubiquitous network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).
· Location independent resource pooling. The provider’s computing resources are pooled to serve all consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. The customer generally has no control or knowledge over the exact location of the provided resources. Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.
· Rapid elasticity. Capabilities can be rapidly and elastically provisioned to quickly scale up and rapidly released to quickly scale down. To the consumer, the capabilities available for rent often appear to be infinite and can be purchased in any quantity at any time.
· Pay per use. Capabilities are charged using a metered, fee-for-service, or advertising based billing model to promote optimization of resource use. Examples are measuring the storage, bandwidth, and computing resources consumed and charging for the number of active user accounts per month. Clouds within an organization accrue cost between business units and may or may not use actual currency.
· Note: Cloud software takes full advantage of the cloud paradigm by being service oriented with a focus on statelessness, low coupling, modularity, and semantic interoperability.

Delivery Models:

· Cloud Software as a Service (SaaS). The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure and accessible from various client devices through a thin client interface such as a Web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure, network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.
· Cloud Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created applications using programming languages and tools supported by the provider (e.g., java, python, .Net). The consumer does not manage or control the underlying cloud infrastructure, network, servers, operating systems, or storage, but the consumer has control over the deployed applications and possibly application hosting environment configurations.
· Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to rent processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly select networking components (e.g., firewalls, load balancers).

Deployment Models:

· Private cloud. The cloud infrastructure is owned or leased by a single organization and is operated solely for that organization.
· Community cloud. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations).
· Public cloud. The cloud infrastructure is owned by an organization selling cloud services to the general public or to a large industry group.
· Hybrid cloud. The cloud infrastructure is a composition of two or more clouds (internal, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting).

Each deployment model instance has one of two types: internal or external. Internal clouds reside within an organization's network security perimeter and external clouds reside outside the same perimeter.

Tuesday, April 28, 2009

Rising from the ashes!

This is no spiritual awakening post, nor an essay on how to rebuild the world from the economic meltdown.

There have been numerous obituaries for SOA in the blogosphere in the recent past, with some lamenting the untimely demise of an iconic superstar and pointing fingers at the economic recession. There have been many discussions on this topic, with views diverging from clear rebuttal to acceptance of the fact that the hype is over, at least the hype created by the vendors!

It is quite natural for things to fail and for the rebuilding process to drive newer things. This keeps the wheel moving. There have been instances where a new idea has been rejected outright, only to resurface after some time or lead to something new and disruptive.

It is a fact that not many IT decision makers are now interested in listening to SOA eulogies and how it can bring transformational change to business, a.k.a. business agility. In my view, rather than debating whether SOA is dead or alive, the industry should now focus on the learnings and the technologies that can help the industry move forward.

SOA has many offspring (e.g., cloud computing, RESTful services, mashups) that can bring changes to the way IT can deliver value to business. I strongly believe that the focus and evangelism around SOA has helped build distributed solutions with the web as the 'common gateway'.

Distributed computing is going through a metamorphosis, with many new concepts like cloud computing, MapReduce distributed computing, distributed file systems and non-relational distributed databases driving some of the new solutions and offerings. There have been others, like multicore computing, functional programming languages and software appliances, that are also catching the imagination.

Cloud computing is also going through a hype cycle similar to SOA's, with many terming it the next best thing while others reject it as just another fad. There have been many acronyms and offerings around cloud (IaaS, PaaS, SaaS). There have also been private cloud offerings for enterprises by some vendors. A recent McKinsey report has done well to differentiate cloud from cloud services and has some very good observations on its usefulness to an enterprise.

- Many cloud services are confused with cloud.

A true cloud has to comply with three key requirements.

a. It has to abstract the underlying hardware from the buyer

b. Be elastic in scaling to demand

c. Bill buyers on a pay-per-use basis

A cloud service complies with two key requirements.

a. It is a service where the underlying infrastructure is abstracted and can scale elastically

b. It could run on top of a cloud, although it is not required to (e.g., SaaS)

- Cloud offerings are most attractive for small and medium-sized enterprises and not cost-effective for larger enterprises.

- Larger enterprises can achieve server utilization rates similar to those of cloud providers by focusing on data center best practices (virtualization, service catalog, etc.).