Yung Chou's Slides (PDF)
If you attended one of our Live Private Cloud TechNet events delivered recently in the major metros along the US east coast, hopefully we’ve inspired you to build out your own private cloud test environment with downloadable evaluation products. This is the 2nd episode of our post-event conference call as a follow-up to further discuss building private cloud with Windows Server 2008 R2 SP1 and System Center 2012. For those who are interested, there is also additional information, along with free ebooks and posters, available to better understand some of the enabling technologies of cloud computing.
NIST SP 800-145 has many benefits as a tool to facilitate understanding, yet the classification and some definitions of its four deployment models are redundant and inconsistent. In particular, the definition of “community cloud” is redundant with that of a private cloud, the deployment models are defined with two sets of criteria, and “hybrid cloud” is a confusing, ambiguous, and extraneous term.
SP 800-145 is the de facto standard in the IT industry for describing what cloud computing is, with five essential characteristics, three delivery methods, and four deployment models. The five essential characteristics specify well the qualifications and expected behaviors of an object qualified with the term "cloud". The three delivery methods signify the essence of cloud computing, centered on the concept of a “service.” Both the characteristics and the delivery methods in SP 800-145 form a solid foundation and present a conceptual model envisioning what cloud computing is and is about. SP 800-145 gets inconvenient where the four deployment models including public, community, private, and hybrid clouds are defined, as shown below.
The Premise
Reviewing the definitions of the first three deployment models, there is a common theme. Among public, community, and private clouds, the classification is based on the intended audiences whom a cloud with its resources is dedicated to. Namely, a public cloud is intended to be consumed by the general public and a private cloud is dedicated to a single organization, i.e. for a targeted group of users. SP 800-145 classifies a private cloud and a public cloud with consistent criteria.
It is important to recognize that building a cloud with owned hardware does not by default make it the owner’s private cloud, while a cloud that is accessible via the Internet or operated by an internet service provider is not automatically a public cloud either. Again, the intended audiences determine whether it is a private or public cloud. Although many seem to assume a private cloud is an on-premise deployment on owned hardware, this is nonetheless not a requirement of a private cloud.
Further, “public” here does not suggest that it is free or accessible anonymously. It simply means the cloud is dedicated for the general public to consume, while there can be business or administrative restrictions imposed. Microsoft Office 365, available based on a subscription, and Hotmail, requiring a Live ID to sign in, are vivid examples of public cloud offerings with restrictions.
Inconvenience #1: The classification of “community cloud” is extraneous.
A community cloud according to 800-145 is a cloud for a specific community of consumers from organizations. As far as a member of the associated community is concerned, a community cloud is indeed a private cloud for that particular community. The number of organizations and the administrative boundaries encompassing a community are irrelevant since, from a private cloud’s viewpoint, an authorized user is an authorized user regardless of which organization one belongs to. A cloud for a community of users, whether from various departments or business units within a company or from business partners in companies in many parts of the world, is essentially a private cloud dedicated to that community.
Inconvenience #2: Using two sets of criteria to define cloud deployment models introduces inconsistency and ambiguity.
As defined in SP 800-145, a hybrid cloud is a composition of infrastructures, yet at the same time a private cloud and a public cloud are defined according to their intended audiences. The change of criteria in classifying a hybrid cloud introduces inconsistency and ambiguity in the deployment models presented in SP 800-145. Forming a concept with two sets of criteria is simply a confusing way to describe an already very confusing subject like cloud computing.
Inconvenience #3: "Hybrid cloud" is an ambiguous, confusing, and frequently misused term.
A hybrid cloud is a composition of two or more distinct cloud infrastructures (private, community, or public) as stated in SP 800-145. That is to say that a hybrid cloud can be a composition of private/private, private/community, private/public, etc. From a consumer’s point of view, they are in essence a private cloud, a private cloud, and a public or private cloud respectively. Regardless of how a hybrid cloud is constructed, if it is intended for public consumption it is a public cloud, and if for a particular group of people it is then a private cloud according to SP 800-145. Essentially the composition of clouds is still a cloud, and it is either a public or a private cloud and cannot be both at the same time.
For many enterprise IT professionals, a hybrid cloud means an on-premise private cloud connected with some off-premise resources. Notice that these off-premise resources are not necessarily a cloud in reality. In such a case, it is simply a private cloud with some extended boundaries. A cloud is a set of capabilities and must be referenced in the context of the delivered application. Just placing a VM in the cloud or referencing a database placed in the cloud does not make the VM or the database itself a public cloud application.
The key is that a hybrid cloud is a derived concept of clouds. Namely, a hybrid can be integrations, modifications, extensions, or a combination of all of cloud infrastructures. A hybrid is nevertheless not a new concept or a different deployment model and should not be classified as a unique deployment model in addition to the two essential ones, i.e. the public and private cloud models. A cloud is either public or private and there isn’t a third kind of cloud deployment model based on the intended users.
“Hybrid cloud” is perhaps a great catchy marketing term. For many, a hybrid seems to suggest it is advanced, leading edge, and magical, and therefore better and preferred. The truth is "hybrid cloud" is an ambiguous, confusing, and frequently misused term. It confuses people, interjects noise into a conversation, and only further confirms the state of confusion and inability to clearly understand what cloud computing is.
Among the members of the System Center 2012 release, App Controller is probably getting more attention than the others in the suite. The reason is probably that App Controller directly answers the need to have a single pane of glass to manage both public and private clouds. A single pane of glass means seamless integration of multiple components, aggregation of information from multiple sources, fewer passwords to manage, less training needed, fewer helpdesk calls made, more user productivity, higher satisfaction, and on and on and on. The long-term impact upon operational proficiency and excellence, and user satisfaction in an enterprise setting can be very significant. It would be premature to conclude this series without going over App Controller.
Therefore, in this last article of this 5-part series on VMM 2012 as listed above, I would like to offer a quick overview of this interesting add-on to VMM 2012. Here I want to encourage you to download System Center 2012 trials available from this download Page, practice and experiment, get a head start in becoming the next private cloud expert in your organization.
A View of All
For public cloud, private cloud, and something in between, App Controller has a lot to offer to both a cloud administrator and a self-service user. App Controller is an add-on of VMM 2012 and a web-based interface configured as a virtual directory in IIS. A connection between App Controller and applications deployed to Windows Azure Platform in public cloud requires internet connectivity, certificates, Windows Azure subscription ID and credentials. To connect to a private cloud, a self-service user will log in to the associated VMM 2012 server with AD credentials. The access control is a role-based model by Windows Authorization Manager, i.e. AzMan. So what a self-service user can see or do is trimmed and predefined.
The following shows App Controller connecting with two private clouds (PetShop and StockTrader) deployed by VMM 2012 and two subscriptions (Bata Test and Yung Chou’s production account) of Windows Azure Platform in public cloud. In this setting with App Controller, I was able to deploy and manage StockTrader as a private cloud in VMM 2012 and at the same time publish and administer Windows Azure applications in public cloud, both of which require, and were done over, secure channels.
In addition to the ability to connect to a private cloud and a public cloud at the same time, another distinct feature of App Controller is to enable an authorized user to deploy a service to a private cloud in VMM 2012 without the need to reveal the underlying private cloud fabric. Technically, such a complex infrastructure could easily be presented with convoluted processes and confusing settings. Instead, a UI gracefully designed with a keep-it-simple approach offers a quite remarkable user experience.
Notice that in the App Controller UI, fabric is not visible even when the logon has VMM admin privileges. This allows a cloud administrator to enable service owners to deploy applications to private clouds based on their needs in a self-servicing fashion, while still having total control of how the infrastructure, which is abstracted by the fabric, is configured and managed. This is a great story.
Service Upgrade with App Controller
Personally I find the upgrade of a service with App Controller most exciting. To upgrade a service running in a private cloud deployed by VMM 2012, a self-service user can simply apply a new service template to an intended instance of the service. Technically it can be operationally carried out in a few mouse clicks. Depending on the Upgrade Domain and Fault Domain (similar to those in Windows Azure Platform) of the service and what kind of updates are made to the service, there may or may not be a service outage required. Here, just to highlight the process, the following captures the App Controller screen for a self-service user to confirm upgrading a running instance of the StockTrader service from release 2011.11 to 2011.11.24.
Notice that in VMM 2012, the self-service model for deploying a private cloud is via the VMM 2012 admin console or App Controller. The former is a Windows application, while the latter is a web-based interface. There is also a self-service portal one can install for just VM-based deployment.
Closing Thoughts
VMM 2012 is the beginning of a new era. Infrastructure and deployment can no longer be the excuses for IT to prolong, delay, and procrastinate. The expectation now is not what or if, but how fast IT can deliver it. The establishments already deployed may not be reconfigured, reengineered, or replaced as quickly as people would like to see. The mindset of IT pros must change from “how I may not be able to deliver” to “what is your need and how fast I will make it happen” with a sense of urgency. And we need to validate our deliveries with the emerging trends in the industry and the long-term economic climate we are all facing. Five years ago, many thought virtualization would be relevant to only enterprise IT, while today virtualization has become a core skillset and no longer a specialty. Those who still believe private cloud is remote and not applicable may wake up tomorrow and realize everything is moving and changing towards cloud much faster and in a bigger scope than anticipated. Private cloud is a highly technical subject, and there is no easy way to learn it. Investing time and learning it the old-fashioned way, by getting my hands dirty, is what I have done and will continue doing. Start today. Start now. Build your own lab, deploy your own cloud. And you are then on the road to becoming the next private cloud expert in your organization.
eBooks
Windows Server 2008 R2 Feature Component Poster
(Download SP1 trial)
Windows Server 2008 Active Directory Feature Components Poster
Hyper-V Component Architecture Poster
(Download Hyper-V Server 2008 R2 SP1 trial)
IT Professional Career and Certification Roadmap Poster
(Additional information)
SQL Server 2008 R2 System View
Exchange Server 2010 Architecture Poster
Office Communications Server 2007 R2 Workload Architecture Poster
SharePoint 2010: SharePoint Developer Platform Wall Poster
SharePoint Foundation 2010 Technical Diagrams
SharePoint Online Solution Development Overview Poster