Private cloud: Is the term just being used as fig leaf?

One of the perks of my job is that I get to talk with IT thought leaders across various business domains. Lately, in talking with IT managers in the financial sector, I have observed a common thread: they sometimes mistakenly refer to any shared infrastructure as a 'private cloud'.

For example: I asked one IT manager for a major investment bank about impediments to cloud adoption due to regulation and privacy concerns. “Nonsense,” he told me, “we’ve been doing private cloud for years! We have some heavy risk calculations we need to run every night. So, we found a way to break that calculation into discrete parts, and we developed an application that can perform a part of the calculation. When a bank employee logs off their PC at the end of the work day, we automatically start running the risk calculation app on that PC. The next morning, the second the employee touches their keyboard to log in, we stop running the risk app.”

Another example: A CIO at a financial institution told me his company cannot use a public cloud provider like Amazon due to security concerns. So instead they have implemented a private cloud. When I asked, “Are you using OpenStack?” he looked at me blankly. “No, we use the private cloud for Oracle. When someone needs an Oracle instance, we deploy it from our private cloud of Oracle servers.”

What’s wrong with this picture? Well, in both these stories, a shared infrastructure is being mislabelled as a 'private cloud', and the full benefits of a true private cloud are not being realised.

So what is a private cloud?

In a nutshell, it is a full implementation of infrastructure as a service, where computer resources (CPU, memory, storage, network) can be automatically deployed, provisioned and operated as needed, and then returned to the pool of available resources. But, unlike a public cloud, which is hosted by a third party such as Amazon or Microsoft, a private cloud is hosted by a single enterprise, and resides entirely behind that enterprise’s firewall. To provide the needed level of automation, enterprises typically rely on OpenStack, an OpenSource cloud platform that provides all the infrastructure services available on proprietary platforms like Amazon.

A private cloud has all the benefits of a public cloud (flexibility, elasticity, scalability, high availability, self-service operation), with none of the security issues, because the cloud is behind the enterprise’s firewall. The chief issue with private cloud is the learning curve required to install and operate it. OpenStack engineers can be hard to find, and the OpenStack technologies take time to master.

Looking back at the investment bank’s risk calculation application, we can see that it falls short of the full benefits of a private cloud because it lacks the elements of flexibility and self-service – the end user has no choice as to what runs on her machine at night. If an end user devised some new calculation that required a lot of computing power, she would have to create her own distributed calculation engine and convince IT to deploy it. What the IT manager called a private cloud is, in fact, an example of grid computing.

Similarly, the financial institution handing out Oracle servers also falls short of the full benefits of a private cloud because the only kind of machine that can be provisioned is an Oracle server, the provisioning must be done via IT rather than via self-service, and scale up/down elasticity must be planned in advance rather than happening on demand. They have implemented a server farm, but call it a 'private cloud'.

Why the confusion in terminology?

I believe it is not just an innocent mix-up, but rather an indication of the conflicting pressures that enterprise IT managers must face with respect to the Cloud. On the one hand, management tells them to cut cost by using the Cloud for bursty, calculation-intensive operations. On the other hand, they’re held responsible for maintaining the security and privacy of their data, an area where public clouds have historically been weak. Stuck between a rock and a hard place, a harried IT manager’s easiest resolution is to take an existing infrastructure they are comfortable with (e.g. grid computing or server farm) and call it a private cloud.

The problem with this 'fig leaf' approach to private clouds is that it prevents the enterprise from enjoying the full benefits of cloud computing including: flexibility, self-provisioning, on-demand elasticity. While it is true that public clouds have had security and privacy issues in the past, there are new proven technologies available that can solve these problems by providing end-to-end encryption, full data masking, and complete multi-tenant isolation. If industry regulation prohibits using these solutions, true private cloud functionality is available via OpenStack, and other partners that specialise in experience engineering. In either case, don’t settle for the fig leaf.

Moshe Kranc, CTO at Ness Software Engineering Services

Image Credit: Ferbies / Shutterstock