2. Disclaimer
• I work for Citrix as a Cloud Computing Evangelist,
focused on Apache CloudStack
• Quite a few slides are from Mark Hinkle
• The Slides are in English because I would have
made too many grammatical mistakes in French
That’s what 14 years in the US do to you.
3. User concerns about moving to the cloud (from Rightscale, 2009)
Source: http://blog.rightscale.com/2009/02/19/the-skinny-on-cloud-lock-in/
5. Google trends
Start of “Clouds”
• Cloud computing trending down, while “Big Data”
is booming. Virtualization remains “constant”.
6. BigData on the Trigger
• Cloud Computing
Going down to
the “trough of
Disillusionment”
• “Big Data” on the
Technology
Trigger
8. NIST Definition of Cloud
• "cloud computing is a model for enabling
ubiquitous, convenient, on-demand network
access to a shared pool of configurable
computing resources (e.g., networks, servers,
storage, applications and services) that can be
rapidly provisioned and released with
minimal management effort or service
provider interaction.” – NIST
9. NIST Service/Deployment Models
• Service Models:
• IaaS (e.g. EC2, Rackspace)
• PaaS (e.g. GAE, Azure)
• SaaS (e.g. Gapps)
• Deployment model:
• Private cloud
• Public cloud
• Hybrid cloud (Private that can use Public)
11. NIST Key Characteristics of Cloud
• Elasticity
• Expands and Shrinks as needed
• E.g. Elastic Load Balancing, Elastic Map Reduce
• Measured Service
• Utility Pricing. You pay for what you use
• E.g. $0.08 for one hour of small instance
• On-demand
• You get it when you ask for it
• E.g. one API call and you get your machine, ~no
queue
12. •What ? Lock-In – Costs to switch cloud
providers/vendors are prohibitive
•How ?
• Ability to build own private clouds (*aaS) with Open
Source Software
• Ability to import/export data on-demand in non-
proprietary format
• Availability of multiple providers with interoperable
interfaces
• Open Source, Open Data, Open APIs
13. Even vendors know that party is ending…
CCA –NC : -Microsoft http://www.microsoft.com/global/en-us/news/publishingimages/images/features/2010/02-01Interop_lg_Page.jpg CC-byA
15. Open source
•Consume on your terms, not
your vendor’s
•Transparency into features,
code, and process
•Vibrant user communities
•Multi-vendor Ecosystems
16. Apache Process
•100% community driven
•New ideas, decisions only taken on mailing lists.
•Votes taken by community
•Project led by Project Management Committee
(PMC):
•http://www.apache.org/dev/pmc.html
•http://incubator.apache.org/guides/committer.html
•Non committers get invited as committers:
•http://community.apache.org/newcommitter.html
18. Open data
•Utilize open formats
• Google’s Data Liberation Front -
http://www.dataliberation.org/
•Understand cost to (re)move data
•Test network between providers (transfer rates)
• Or do you really want to Fedex your drives ?
•Look for Multi-Vendor Ecosystems
19. Open APIs
•Every cloud has an API but is it
copyrightable?
-- Oracle says so, Google says No!
•De facto standard for IaaS is the
Amazon API
•Cloud Abstractions can provide a
“common API”
•Abstractions keep your options open
23. CloudStack very extensive API
Open API, but really its
own
Mapping from EC2 API to
CloudStack API (but…not
complete)
Similar situation with
OpenNebula and
OpenStack
27. DMTF – OVF and CIMI
• OVF first official Cloud Standard
• Open Virtualization Appliance (OVA)
single file alternative, VirtualBox
appliance.
• CIMI (Standard for Infrastructure
provisioning and configuration)
• Orange Labs has a CIMI
implementation called SIROCCO as
well as a native CIMI API in Java.
28. OASIS TOSCA
• Topology and Orchestration Specification
for Cloud Applications (TOSCA)
• Portable deployment to any compliant
cloud
• Smoother migration of existing applications
to the cloud
• Flexible bursting (consumer choice)
• Dynamic, multi-cloud provider applications
29. Storage Networking Industry
Association (SNIA)
• Cloud Data Management
Interface (CDMI)
• Tag your data with special
meta data
• Indicates to cloud storage
provider (backup, archive,
encryption, etc.)
30. Official Cloud Standards
• OVF (packaging of virtual appliances)
now an ANSI standard. Developed by
DMTF
• OCCI (~EC2 spec), from OGF
• Definition of Cloud from NIST now
accepted widely
• cloud-standards.org brings together
main SDOs.
33. How About the IETF ?
• IETF survey to identify “work items” in
cloud standards (July 2012):
• “This draft presents a survey of the industry work
items related to cloud activities. By conducting
a comprehensive survey, work items in cloud
standards can be determined. This will allow us to
determine the IETF work that would be required
to address the work items. Once these IETF work
have been completed, seamless interoperability of
cloud services can be realized.”
34. Related standards
• HTTP(s)
• JSON, It is based on a subset of the
JavaScript Programming Language,
Standard ECMA-262 3rd Edition -
December 1999
• OAuth and OpenID (for authentication
and authorization)
• REST is not a standard, it’s an
architectural style that gives guidelines
on managing web resources
35. Open “Alliances”
• Not standard organizations
• Open Networking Foundation
(Software Defined Networking,
maintains OpenFlow specification)
• Open Compute project (Former
Facebook project, shares
designs/guidelines for efficient data
center)
• Open Data Center Alliance (User
advocate)
36. Networking standards: OpenFlow
•Leading SDN protocol
•Decouples control and
data plane by giving a
controller the ability to
install flow rules on
switches.
•Hardware or software
switches can use
OpenFlow
•Google achieved 95%
utilization of WAN
backbone by using SDN
•Spec driven by ONF
39. We have a long way to go to
avoid cloud lock-in
• Nascent industry
• Lack of standards
• Evolving technologies
• Follow best practices
40. Key tenets for avoiding cloud
lock-in
• Easily replicable infrastructure
• Avoid proprietary cloud features
when possible
• Abstract APIs as much as practical
• Look for multiple vendor ecosystems
• Use open source software
41. Avoid SaaS Lock-In
•Know the consequences, SaaS has the most potential
for lock-in
•Unique apps will lock you in, no proxy for those
services
•Data should be free, export and back-up regularly
•Test to see if that data is transferable to new services
42. Avoiding PaaS lock-in
•Make sure programming models are based on open
standards
•Are there a variety of tools—IDEs, analytics,
management, etc.—available
•Do multiple vendors provide support and/or
equivalent hosted services
•Large, capable talent pool for the domain technology
43. Avoid IaaS Lock-In
• Use API abstractions when possible
• Consider virtualization choices carefully
• Understand network considerations to migrate
between clouds
• Include other cloud providers in your cloud
design plans
44. Conclusions
•Every type of infrastructure migration has some cost
(time, capital, usage)
•Interoperability/portability standards are evolving and
market-driven
•Good planning can mitigate lock-in risks
•Look at automation practices to keep pace with your
cloud. Look into Agile culture to be able to build
and deploy anywhere, anytime
45. Info
@sebgoa
sebgoa on IRC freenode
sebastien.goasguen@citrix.com
http://slideshare.net/sebastiengoasguen
Editor's notes
Commentary by RightScale’s CTO Thorsten von Eicken
Lock-in can actually occur at many levels in the stack, and that’s why the cloud layers differ in their effective lock-in risk. Here are a number of different layers at which you could find yourself locked-in:
• Application: do you own the application that manages your data or do you need to find/write another one to move?
• Web services: does your app make use of 3rd party web services that you would have to find or build alternatives to (e.g. storage, search, billing, accounting, …)?
• Development & run-time environment: does your app run in a proprietary run-time environment and/or is it coded in a proprietary development environment? Would you need to retrain programmers and rewrite your app to move to a different cloud?
• Programming language: does your app make use of a proprietary language, or language version? Would you need to look for new programmers to rewrite your app to move?
• Data model: is your data stored in a proprietary or hard to reproduce data model or storage system? Can you continue to use the same type of database or data storage organization if you moved or do you need to transform all your data (and the code accessing it)?
• Data: can you actually bring your data with you and if so, in what form? Can you get everything exported raw, or only certain slices or views?
• Log files and analytics: do you own your history and/or metrics and can you move it to a new cloud or do you have to start from scratch?
• Operating system and system software: do your sysadmins control the operating system platform, the versions of libraries and tools so you can move the know-how and operational procedures from one cloud to another?
Public Cloud – Hosted in Someone Else’s Data Center
• Amazon
• Rackspace
• Azure
• Terremark
Private Cloud – Hosted in your Data Center
• CloudStack
• Eucalyptus
• OpenStack
• vCloud Director
Hybrid Cloud – Workloads distributed across public and private clouds
• Proprietary tools like RightScale and ServiceMesh Agility Platform can help move loads across clouds
• Open Source tools like Scalr can deploy web infrastructure across different clouds using roles
Microsoft infographic on how to integrate with Microsoft ecosystem: “Cloud interoperability is specifically about one cloud solution, such as Windows Azure, being able to work with other platforms and other applications, not just other clouds. Customers also want the flexibility to run applications either locally or in the cloud, or on a combination of the two. Microsoft is collaborating with others in the industry and working hard to ensure that the promise of cloud interoperability becomes a reality.”
Vendors realize they are going to see increasing pressure to avoid lock-in. Avoiding lock-in is implied by the cloud computing definition, but the lack of standards and a desire to retain customers put that goal at odds.
Open Source in the Cloud
The biggest clouds are built on Free and Open Source Software:
• Linux (Salesforce.com)
• Xen and KVM hypervisors (Amazon)
• Map Reduce - Hadoop
• Cloud Orchestration (IaaS) - CloudStack, OpenStack, Eucalyptus
Benefits
• Free as in “beer” – Download and use the software without warranty on your terms
• Transparency – “Free as in Freedom” – Roadmaps are public, code is free to inspect and alter, the process for adding or extending is open for discussion
• Users – Since there is no barrier to join the project communities they can grow rather large and users end up helping each other and domain knowledge is freely shared
• Multi-vendor ecosystems – Typically as projects gain popularity multiple vendors service that software (e.g. Red Hat, Canonical, Attachmate/SUSE in the Linux space), consultancies rise among free software
Examples of Open Data Initiatives
Google’s Data Liberation Front - http://www.dataliberation.org/
Mission Statement: “Users should be able to control the data they store in any of Google's products. Our team's goal is to make it easier to move data in and out. The Data Liberation Front is an engineering team at Google whose singular goal is to make it easier for users to move their data in and out of Google products. We do this because we believe that you should be able to export any data that you create in (or import into) a product. We help and consult other engineering teams within Google on how to "liberate" their products.”
Microsoft Office365 Data Portability – http://www.microsoft.com/en-us/office365/data-portability.aspx#fbid=N2Chn6ozQLa
• You own your data, and retain all rights, title and interest in the data you store with Office 365
• You can download a copy of all of your data at any time and for any reason, without any assistance from Microsoft.
• Exchange Online data, including Emails, Calendar Appointments, Contacts and Tasks, can be downloaded to a local computer by any end-user at any time via the Import and Export wizard.
• SharePoint Online documents can be downloaded at any time from the workspace into your local computer.
• Vanity domain name such as contoso.com can be removed by following the Domain Removal instructions in Online Help.
• To download a copy of end-user metadata (such as email address, first and last name, etc.), you can use PowerShell cmdlets, including the Get-MsolUser Windows PowerShell cmdlet. If you use Exchange Online, you can also utilize the Get-MailUser and Get-User Exchange PowerShell commands.
• Upon expiration or termination, Microsoft will provide you, by default, additional limited access for 90 days to export your data.
Cloud APIs
Cloud APIs are application programming interfaces (APIs) used to build applications in the cloud computing market. Cloud APIs allow software to request data and computations from one or more services through a direct or indirect interface. Cloud APIs most commonly expose their features via REST and/or SOAP. Vendor-specific and cross-platform interfaces are available for specific functions. Cross-platform interfaces have the advantage of allowing applications to access services from multiple providers without rewriting, but may have less functionality or other limitations vs. vendor-specific solutions.
Are they Copyrightable?
The question of the copyrightability of Cloud APIs was brought to light by Oracle’s suit against Google in 2011. “Oracle claims Google's operating system for Android copied elements of the Java programming language developed by Sun Microsystems, a company that Oracle bought for $7 billion in January 2010. The lawsuit alleges violations of copyrights and patents and seeks hundreds of millions of dollars in damages, which could include royalties on Android phones and tablets. Google contends its version of Java did not mimic Oracle's technology but instead took the same concepts, which can't be copyrighted, and added its own engineering elements.”
Amazon
Many cloud providers try to maintain compatibility with Amazon APIs, and it is the most widely deployed standard, making it close to a de facto standard.
Cloud Abstractions
Types of Tasks Accomplished by an API
• Provisioning (creating, re-creating, moving, or deleting components, e.g. virtual machines, VLANs)
• Configuration (assigning or changing attributes of the architecture such as security and network settings)
Cloud Controllers
• Jclouds – www.jclouds.org – Java API Abstraction
• Libcloud – http://libcloud.apache.org/ - started by CloudKick (now Rackspace) to abstract clouds, Apache incubator project
• Deltacloud – http://deltacloud.apache.org/ - started by Red Hat to abstract clouds, Apache incubator project
• Fog – http://fog.io - provider and abstraction level API across compute and storage, written in Ruby
Who is the DMTF? - http://www.dmtf.org/
DMTF enables more effective management of millions of IT systems worldwide by bringing the IT industry together to collaborate on the development, validation and promotion of systems management standards. The group spans the industry with 160 member companies and organizations, and more than 4,000 active participants crossing 43 countries. The DMTF board of directors is led by 15 innovative, industry-leading technology companies. They include Advanced Micro Devices (AMD); Broadcom Corporation; CA, Inc.; Cisco; Citrix Systems, Inc.; EMC; Fujitsu; HP; Huawei; IBM; Intel Corporation; Microsoft Corporation; Oracle; Red Hat and VMware, Inc.
Cloud Management Standards - http://dmtf.org/standards/cloud
Using the recommendations developed by its Open Cloud Standards Incubator, DMTF's cloud efforts are focused on standardizing interactions between cloud environments by developing specifications that deliver architectural semantics and implementation details to achieve interoperable cloud management between service providers and their consumers and developers. This work is being addressed in the Cloud Management Work Group (CMWG) and the Cloud Auditing Data Federation (CADF) Work Group.
Virtualization Management (VMAN) Standard - http://www.dmtf.org/standards/vman
DMTF’s Virtualization Management (VMAN) standard includes a set of specifications that address the management lifecycle of a virtual environment. VMAN’s Open Virtualization Format (OVF) specification provides a standard format for packaging and describing virtual machines and applications for deployment across heterogeneous virtualization platforms, while VMAN’s profiles standardize many aspects of the operational management of a heterogeneous virtualized environment.
Open Virtualization Format (OVF) – www.dmtf.org/ovf
• OVF is a platform-independent, extensible, open packaging and distribution format for virtual appliances.
• OVF uses XML for capturing metadata about virtual appliances.
• OVF is an American National Standards Institute (ANSI) standard.
• OVF enables simplified and error-free deployment of virtual appliances. Virtual appliance hardware requirements can be automatically validated during installation using OVF metadata.
• Virtual appliances can be quickly deployed with pre-built configuration using OVF metadata and can be easily customized during installation.
• Multiple virtual machines can be packaged as a virtual appliance and deployed easily in a single OVF package. This simplifies deployment of complex multi-tier enterprise applications (where there is one or more VMs per tier) as well as large-scale deployment of a cluster of VMs.
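The hardware check the OVF note describes, as an added Python example (not from the original slides or from DMTF): it reads the virtual hardware items of each VirtualSystem in a descriptor and compares the totals with a host's capacity. The sample descriptor is constructed and trimmed to the fields used, and the example assumes memory units of the form `byte * 2^N` and that the whole appliance lands on one host.

```python
import re
import xml.etree.ElementTree as ET

OVF = "http://schemas.dmtf.org/ovf/envelope/1"
RASD = ("http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/"
        "CIM_ResourceAllocationSettingData")
NS = {"ovf": OVF, "rasd": RASD}
CPU, MEMORY = "3", "4"  # CIM ResourceType codes: 3 = processor, 4 = memory

# Constructed, trimmed two-tier descriptor (not from a real appliance).
SAMPLE_OVF = f"""<Envelope xmlns="{OVF}" xmlns:ovf="{OVF}" xmlns:rasd="{RASD}">
  <VirtualSystem ovf:id="web-tier"><VirtualHardwareSection>
    <Item><rasd:ResourceType>3</rasd:ResourceType>
          <rasd:VirtualQuantity>4</rasd:VirtualQuantity></Item>
    <Item><rasd:AllocationUnits>byte * 2^20</rasd:AllocationUnits>
          <rasd:ResourceType>4</rasd:ResourceType>
          <rasd:VirtualQuantity>8192</rasd:VirtualQuantity></Item>
  </VirtualHardwareSection></VirtualSystem>
  <VirtualSystem ovf:id="db-tier"><VirtualHardwareSection>
    <Item><rasd:ResourceType>3</rasd:ResourceType>
          <rasd:VirtualQuantity>2</rasd:VirtualQuantity></Item>
    <Item><rasd:AllocationUnits>byte * 2^30</rasd:AllocationUnits>
          <rasd:ResourceType>4</rasd:ResourceType>
          <rasd:VirtualQuantity>16</rasd:VirtualQuantity></Item>
  </VirtualHardwareSection></VirtualSystem>
</Envelope>"""

def to_mib(quantity, units):
    """Convert a quantity with units such as 'byte * 2^20' to MiB."""
    m = re.fullmatch(r"\s*byte\s*\*\s*2\^(\d+)\s*", units)
    if not m:
        raise ValueError(f"unsupported AllocationUnits: {units!r}")
    return quantity * 2 ** int(m.group(1)) // 2 ** 20

def requirements(descriptor):
    """Return {system id: {'cpus': n, 'memory_mib': n}} for each VirtualSystem."""
    # The descriptor is untrusted input: refuse DTDs and entity declarations.
    if "<!DOCTYPE" in descriptor or "<!ENTITY" in descriptor:
        raise ValueError("DTD or entity declaration refused")
    out = {}
    for vs in ET.fromstring(descriptor).iterfind(".//ovf:VirtualSystem", NS):
        need = {"cpus": 0, "memory_mib": 0}
        for item in vs.iterfind("ovf:VirtualHardwareSection/ovf:Item", NS):
            rtype = item.findtext("rasd:ResourceType", "", NS)
            qty = int(item.findtext("rasd:VirtualQuantity", "0", NS))
            if rtype == CPU:
                need["cpus"] += qty
            elif rtype == MEMORY:
                units = item.findtext("rasd:AllocationUnits", "", NS)
                need["memory_mib"] += to_mib(qty, units)
        out[vs.get(f"{{{OVF}}}id")] = need
    return out

def validate(descriptor, host_cpus, host_memory_mib):
    """List shortfalls if the whole appliance is deployed on one host."""
    needs = list(requirements(descriptor).values())
    cpus = sum(n["cpus"] for n in needs)
    mem = sum(n["memory_mib"] for n in needs)
    problems = []
    if cpus > host_cpus:
        problems.append(f"cpu: need {cpus}, host has {host_cpus}")
    if mem > host_memory_mib:
        problems.append(f"memory: need {mem} MiB, host has {host_memory_mib} MiB")
    return problems
```

Calling `validate(SAMPLE_OVF, 8, 16384)` reports the memory shortfall before anything is deployed; an empty list means the appliance fits.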
OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA) - http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=tosca
The OASIS TOSCA TC works to enhance the portability of cloud applications and services. TOSCA will enable the interoperable description of application and infrastructure cloud services, the relationships between parts of the service, and the operational behavior of these services (e.g., deploy, patch, shutdown)--independent of the supplier creating the service, and any particular cloud provider or hosting technology. TOSCA will also make it possible for higher-level operational behavior to be associated with cloud infrastructure management. By increasing service and application portability in a vendor-neutral ecosystem, TOSCA will enable:
• Portable deployment to any compliant cloud
• Smoother migration of existing applications to the cloud
• Flexible bursting (consumer choice)
• Dynamic, multi-cloud provider applications
Committee Spec Published Draft – March 8, 2012
Storage Networking Industry Association (SNIA)
From vendors, to channel partners, to end-users, SNIA members are dedicated to providing the industry with a high level of knowledge exchange and thought-leadership. Our members also share a common goal: To promote acceptance, deployment, and confidence in storage-related architectures, systems, services, and technologies, across IT and business communities.
Cloud Storage Initiative
CSI is promoting the adoption of cloud storage as a new delivery model that provides elastic, on-demand storage billed only for what is used. Whether you are interested in public clouds or private clouds, or even hybrids in between, the CSI is interested in hearing from you. The simplicity of the cloud means that some long-held dreams of information management are finally coming true. The emphasis has moved from managing your storage to managing your data in the cloud:
• What are the data requirements?
• How do I express those requirements?
• Will my cloud storage provider be able to meet them?
New Cloud Storage standard called CDMI (Cloud Data Management Interface). CDMI lets you tag your data with special metadata (data system metadata) that tells the cloud storage provider what data services to provide for that data (backup, archive, encryption, etc.). These data services all add value to the data you store in the cloud, and by implementing a standard interface such as CDMI, you are free to move your data from cloud vendor to cloud vendor without the pain of recoding to different interfaces.
Replicable Infrastructure
• Proceduralize and automate infrastructure
• Build for Failure
• Build for Migration
• Make it possible to totally replicate your infrastructure on private, public or even legacy (bare metal and server virt)
Proprietary Cloud Features
• Don’t use them or don’t depend on them unless you are willing to trade them for potential lock-in
API Abstractions
• If you can standardize your instrumentation to an API abstraction or “cloud controller” you can then interact with multiple clouds without changing syntax
Virtualization Choices
• If you move across clouds you may want to consider what virtualization layers may be common so you can easily move VMs; if your new cloud provider has a different format you may need to convert VM disk formats
Networks Can be Chokepoints
• The ability to store great amounts of data may exist in all clouds but their ability to receive data transfers may be limiting
Include other cloud providers in your cloud design plans even if you don’t use them daily
• You can build highly available clouds with multiple availability zones but that won’t work for all use cases
• Look at vendors that offer the ability to provide redundancy and geographic access not practical in your private cloud