With the advent of cloud computing, the choices for delivery and consumption of applications have drastically increased. With choices comes complexity. Enterprises often find themselves struggling to decide if public, private or hybrid cloud is the best choice for their needs. This session will talk about the pros and cons of public, private and hybrid cloud. It will also describe how Cisco Intercloud Fabric (ICF) can provide the best of both worlds.
DEVNET-1008 Private or Public or Hybrid ? Which Cloud Should I choose?
2. Public, Private or Hybrid
Which cloud should I choose ?
Chhavi Nijhawan
Technical Marketing Engineer,
Cloud Network Services Group, Cisco Systems
DEVNET-1008
3. Agenda
• Discuss cloud terminology
  What and Why: Public, private, and hybrid cloud
  SaaS, PaaS, IaaS
• What is Cisco Intercloud Fabric?
  Architecture
  Services
  Benefits
4. The technical View of Cloud
Visual Model of NIST Working Definition of Cloud Computing
http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
5. SaaS, PaaS, IaaS …….. Lots of *aaSes!
Traditional IT, IaaS, SaaS, PaaS
6. NIST Cloud Deployment Models … and one other
Public Cloud: Cloud infrastructure made available to the general public.
Private Cloud: Cloud infrastructure operated solely for an organization.
Virtual Private Cloud: Cloud services that simulate the private cloud experience in public cloud infrastructure.
Community Cloud: Cloud infrastructure shared by several organizations and supporting a specific community.
Hybrid Cloud: Cloud infrastructure composed of two or more clouds that interoperate or federate through technology.
8. Lots of Cloud Providers!
Columns: SaaS | PaaS | IaaS
Private Cloud: Cisco WebEx, Citrix GoToMeeting | Apprenda, Stackato | VMware, Hyper-V, OpenStack, CloudStack
Public Cloud: Google Apps, Salesforce, Cloud9 Analytics, Office 365 | Google App Engine, Microsoft Azure, VMware | Amazon EC2, Rackspace, Google Compute Engine (GCE)
Hybrid Cloud: Cloud Foundry, Custom, Cisco Intercloud Fabric, Custom
9. Public, private or hybrid… Which cloud should I choose?
Striking the Perfect Balance
DC/Private Clouds | Hybrid | Provider Clouds
Fixed workloads | Elastic workloads
• Choice to build / rent across providers
• Workload portability
• Consistent security
Economics, Speed, Scale, Data Sovereignty, Control, Security
10. 72% of enterprises plan to adopt Hybrid IT
47%, 75%, 33%
• Have portable workloads that can automatically burst and load balance across public and private cloud
• Have security concerns about adopting public cloud; security was the #1 concern
• Expect workflows to automatically migrate between providers based on locations, policies and governance principles
Source: IDC CloudView Survey 2014, n=3463 worldwide respondents
11. Reality of Hybrid IaaS and Key Challenges
Siloed Applications
• Require App Re-configuration
• Apps break due to Infrastructure Dependencies
Operational Complexity
• Inconsistent Cloud Architectures
• Different Networking and Security Models
• Different Management Tools
Loss of Security
• No Visibility or Control
• Limited Workload Protection
• Unsecure Connection
13. Cisco Intercloud Fabric: Solution Overview
Diagram labels: End User Portal (Cloud VM catalogs and Templates); IT Admin (Cloud Configuration and Security); REST APIs; vSphere, Hyper-V, OpenStack, KVM; Private Data Center; Intercloud Ecosystem
14. Secure Data Center Extension for Flexible Hybrid IT
Cisco Intercloud Fabric
• Expanding Cloud Provider Ecosystem
• Customer Choice
• End-to-End Security
• Unified Workload Management and Governance
• Workload Mobility Across Clouds
• Open
• No Vendor Lock-In
• Any Hypervisor to Any Provider
• Heterogeneous Infrastructure
15. Cisco Intercloud Fabric Architectural Details
Diagram labels: Intercloud Fabric for Business; End User and IT Admin Portal; Workload and Fabric Management; IT Admins; End Users; Intercloud Fabric Director; VM Manager; DC/Private Cloud; Intercloud Extender; Intercloud Fabric Secure Extender (Secure Network Extension); Intercloud Switch; Intercloud Fabric Services; Provider Cloud; VMs
16. ICF Core Services
Fundamental Service Functions and Capabilities Integrated Natively to ICF and Its Operation
• Networking: Switching, routing and other advanced network-based capabilities
• Security: VM to VM and App-to-App security controls
• VM Portability: VM format conversion and mobility
• Management and Visibility: Private and hybrid cloud monitoring capabilities
• Automation and APIs: VM lifecycle capabilities, automated operations and Programmatic APIs
17. Why Intercloud Fabric?
- Intercloud Fabric does not compete directly with IaaS Providers - but augments the solution
- No vendor lock-in - Hypervisor and cloud agnostic
- Normalize network services and security across disparate clouds
- Provide a single management plane for all public cloud workloads
- Workload portability without needing to re-architect application
- Enterprise controls and manages everything within the cloud created by ICF
18. Related Sessions @CiscoLive San Diego 2015.
Session ID Title
PSOCLD-1001 Hybrid Cloud with Intercloud Fabric
PSODCT-1009 Hybrid Clouds: Integrating the Enterprise Data Center and the Public Cloud
TECCLD-3001 Intercloud Fabric Technical Deepdive
BRKCLD-2003 Building Hybrid Cloud Applications with Intercloud Fabric
BRKCLD-1828 Designing Hybrid Cloud operations with ServiceGrid and Intercloud Fabric
DEVNET-1008 Private or Public or Hybrid ? Which Cloud Should I choose?
DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises Move to Hybrid Cloud!
DEVNET-1128 Cisco Intercloud Fabric NB APIs for Business & Providers
DEVNET-2009 Intercloud Fabric REST APIs for Providers
DEVNET-1120 Intercloud Fabric - AWS and Azure Account Setup and Utilization
DEVNET-1136 Cisco ONE Enterprise Cloud Suite for Infrastructure Management
19. Related Sessions @CiscoLive San Diego 2015.
TECDCT-2750 Unleash the Power of Cisco ONE Enterprise Cloud Suite for Infrastructure Management and Automation
BRKDCT-2522 Cisco Enterprise Cloud Suite
BRKCLD-1004 End-to-end Cloud Management: A holistic approach for developing and managing the platform and service offerings that transform IT
PSOCLD-1002 Cisco Cloud Services - A product overview
BRKCLD1002 Cloud Onboarding
BRKCLD1003 A Practical Introduction to DevOps Practices and Tools
BRKCLD2001 Building scalable and highly available enterprise applications on Cisco Cloud Services
BRKCLD2002 Cisco Cloud Services - Under the Hood
All clouds are data centers, or multiple data centers, made up of compute and storage connected by a network. What makes a data center a cloud is that all these resources are virtualized into one giant shared pool of resources, which can be intelligently and automatically orchestrated. That means it can meet the ever-changing needs of your apps and the ever-changing needs of each of the resources. And that’s why clouds are awesome. On a cloud, apps can be provisioned much more quickly, without custom provisioning of boxes. These apps can dynamically scale on demand and are resistant to resource failure. Hence a cloud is a more efficient and cost-effective data center.
Service Models:
Software as a Service (SaaS). The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure [2]. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.
Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).
[1] Typically this is done on a pay-per-use or charge-per-use basis.
[2] A cloud infrastructure is the collection of hardware and software that enables the five essential characteristics of cloud computing. The cloud infrastructure can be viewed as containing both a physical layer and an abstraction layer. The physical layer consists of the hardware resources that are necessary to support the cloud services being provided, and typically includes server, storage and network components. The abstraction layer consists of the software deployed across the physical layer, which manifests the essential cloud characteristics. Conceptually the abstraction layer sits above the physical layer.
Deployment Models:
Private cloud. The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
Community cloud. The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.
Public cloud. The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
Hybrid cloud. The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
It’s easier to understand by looking at the traditional IT model, where you are managing your own datacenter. You are responsible for the entire stack, all the way down to power, cooling, server rooms, racking, networking and cabling. If you are virtualizing, the virtualization layer, the operating system you are running, the middleware you use, the languages, the platforms and so on are all your responsibility. You have to manage the entire stack.
When you look at these service models, all you are saying is: I want to outsource some of that stack.
I don’t want to deal with all the components of the stack.
With IaaS, you are saying: I want my cloud vendor to provide the stack for me up to the virtualization layer. You just give me an environment where I can deploy my virtual machines, then I will deal with everything from the machine up. I will still pick the OS, manage security, patches and all that good stuff.
Runtime, middleware, data and application are all managed by me.
PaaS:
Hey, I just want to focus on my code and data. PaaS is really great for dev folks, because I don’t have to deal with installing my virtual machine, and I don’t have to deal with patch management, updates and all that good stuff. I just want an environment where I can run my code. You take care of everything up to that point.
SaaS:
I don’t want to deal with any of it. I just want to subscribe to the service.
Office 365, Gmail, Hotmail and Yahoo Mail are great examples of that.
You still own the data that you put in it, but you don’t have to go out and create the platform or manage it.
So based on what kind of organisation/product you offer, you will be in one or all of those scenarios.
A public cloud provider makes resources available to the public for a fee. Anybody can leverage its resources for their own use. It is unrestricted.
Public cloud is connected to the internet for anyone to leverage.
In a private cloud environment, the same capabilities are controlled by the enterprise in its own hosted environment (on or off premise) for its own use only.
These environments are made available to enterprise employees via private lines or through the public internet.
Then comes the hybrid model:
Hybrid cloud. The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
It’s a great thing that my wife is a good sport. This series started about two years ago when I set out to explain cloud computing to my wife (Part 1 and Part 2). Now that her knowledge of the basics has grown, I wanted to branch out and try to continue to describe some of the more detailed aspects of cloud computing.
In this blog post, I’ll share my most recent attempt to explain the various cloud delivery models to my spouse. As I’ve described before, I like to use analogies when conveying a topic that’s completely foreign to someone. I’ve found that it’s a lot easier to see how things are related that way. I’ll stick to a transportation example, but this time, I won’t be using rental cars. In the next three points, I’ll describe the difference between a private cloud, a public cloud and a hybrid cloud.
You may not realize it, but you might have a private cloud in your garage.
If you are like most people in the non-urban world, you likely own a vehicle. If you have two drivers in your household, you might even have two vehicles. Each of you likely drives the vehicle you need when you need it. My wife and I each have our own vehicle, but if I need to transport something bigger, I’ll take her SUV. If I want better gas mileage, I’ll take my car. I’m able to use the right resource (a vehicle in this case) to meet the particular need I have at that time.
But what happens when you have a teenager? Do you need to buy a second or third car? Although some people would say yes, the truth is that most families would be able to address their needs just fine by sharing the existing vehicles they have. This is a great analogy to what companies do when they build a private cloud.
Companies own all of the hardware and software that runs the private cloud, just as you own the cars in your garage. Companies have different users that share this hardware so that they each don’t need to buy their own hardware, just like you share the cars that you own among all of your drivers. There may be some rare instances that you aren’t able to use a car, but as a tradeoff, you are in full control over the type of car that you own and drive. Companies that build a private cloud have this same advantage.
There’s no shame in using the bus.
Maybe your car is in the shop. Maybe you don’t own a car. Maybe you don’t want to own and maintain a car. Whatever the reason, some people and some companies would rather use public transportation (or a public cloud) to address their needs. You might be a little restricted by the bus schedule, but you only pay for what you use. If you work from home and don’t need to ride the bus that day, you save the money that you would have spent.
The same thing goes for companies using a public cloud. They don’t need to buy any hardware or software up front (sometimes referred to as spending CAPEX or capital expenditure), and they just pay for what they use as they use it (OPEX or operational expenditure). For many people and companies, having a smaller recurring expense is easier to budget for than a large one-time expense.
Sometimes you need to rent a trailer.
Your car works for you most of the time, but for a big road trip you might need more space. So what do you do? You rent a trailer. It works with your existing car but gives you the added capacity you need for this temporary situation. You don’t own the trailer, but you are able to use it. This is exactly like what companies do when they build a hybrid cloud. As the name implies, this is a mix between private and public cloud. Companies do the majority of their work on hardware that they own (your car), but if they have a temporary need for more capacity, they are able to rent it from a public cloud provider (the trailer). Just like the trailer securely connects to your car’s hitch, the hybrid cloud securely connects the public cloud to your private cloud.
In the end, I think my wife may just roll her eyes at me and say “keep trying,” which I certainly will do. Do you have any other ideas on how I could explain this to her? What cloud-related topic should I try to talk to her about next? As always, let me know what you think @TalkToErik or in the
Public clouds tend to be cheaper since they use shared infrastructure, and they are more suited to applications whose information is not private/sensitive.
Private clouds, on the other hand, look to be more expensive (at least short term), but offer a higher level of security, data sovereignty and higher SLAs.
The tradeoff is strictly a business decision by cloud buyers, but most companies use public cloud today for test results, HR, email and CRM.
In terms of private cloud usage, mission-critical, highly sensitive, heavy-data-usage applications (aka big data applications) are examples of applications that companies use private cloud for. Private cloud is also used by enterprises as a step towards providing their employees cloud in a controlled environment.
Hybrid cloud provides the best of both worlds. A typical hybrid cloud starts with running applications/hosting databases in private cloud and then bursts onto public cloud when load is heavy or usage is high. Most companies use public cloud to get extra on-demand capacity, which is called cloud bursting.
That’s a common practice for hybrid applications. You can even leverage both public and private by running some applications in private and some in public.
Where does Cisco Intercloud Fabric fit into all this?
Cisco Intercloud Fabric homogenises all supported public clouds and provides you a way to manage your hybrid cloud infrastructure through one single pane of glass, i.e. the Intercloud Fabric GUI.
Cisco Intercloud Fabric is a highly secure, open, and flexible solution that gives you complete freedom in workload placement, based on business needs. It applies the same network security, quality of service (QoS), and access control policies in public clouds that you enforce in the data center. And as capacity is added, there is no demarcation between internal and external clouds.
Key features include:
Self-service consumption of hybrid resources with end-user and IT portals
Workload provisioning and bidirectional migration
End-to-end security with consistent policy enforcement
A single point of management and control for physical and virtual workloads
A choice of cloud providers and hypervisors
Workload Mobility
Get the freedom to create workloads in public clouds and to migrate workloads across heterogeneous private and public clouds. The Intercloud Fabric includes automated image conversion to your desired cloud format.
Networking
Layer 2 network extension from private to public clouds helps ensure application transparency. Gain switching, routing, firewall, and Network Address Translation (NAT) capabilities.
End-to-End Security
Get highly secure cryptographic connectivity from private to public clouds and security for data in motion within public clouds. Also, get zoning capability for workloads within public clouds.
Management and Visibility
Gain VM monitoring across public and private clouds and automated VM migration across heterogeneous clouds.
Automation and APIs
Use programmable APIs to manage VM lifecycles, and automatically create your workload catalogs.
Intercloud Fabric Director – Single pane of glass providing administrator and end-user self-service portal through a web-based interface
Intercloud Fabric Secure Extender
Intercloud Extender – Virtual Machine in enterprise data center to provide secure connectivity to the Intercloud Switch in provider cloud
Intercloud Switch – Virtual Machine in provider data center, has secure connectivity to the Intercloud Extender in enterprise cloud and secure connectivity to the Virtual Machines in the provider cloud.
Intercloud Fabric Services – Virtual zone-based firewall and virtual router services running in the provider cloud
Intercloud Fabric Provider Platform – Only required for Provider Edition to enable service providers without public APIs to integrate with Intercloud Fabric
Integrated Natively to ICF
Separate into two slides: Why Intercloud Fabric
Emphasize the point of workload and network/security portability across multiple clouds