Just finished another ICT-related technical assistance visit with a developing country government. Even in mid-2014, I spend a large amount of time teaching basic principles of enterprise architecture, and the need for adding form and structure to ICT strategies.
Service-oriented architectures (SOA) have been around for quite a long time, with some references going back to the 1980s. ITIL, COBIT, TOGAF, and other ICT standards or recommendations have been around for quite a long time as well, with training and certifications part of nearly every professional development program.
So why is the idea of architecting ICT infrastructure still an abstract to so many in government and even private industry? It cannot be the lack of training opportunities, or publicly available reference materials. It cannot be the lack of technology, or the lack of consultants readily willing to assist in deploying EA, SOA, or interoperability within any organization or industry cluster.
During the past two years we have run several Interoperability Readiness Assessments within governments. The assessment initially takes the form of a survey, and is distributed to a sample of 100 or more participants, with positions ranging from administrative task-based workers, to Cxx or senior leaders within ministries and government agencies.
Questions range from basic ICT knowledge to data sharing, security, and decision support systems.
While the idea of information silos is well-documented and understood, it is still quite surprising to see “siloed” attitudes are still prevalent in modern organizations. Take the following question:
This question did not refer to sharing data outside of the government, but rather within the government. It indicates a high lack of trust when interacting with other government agencies, which will of course prevent any chance of developing a SOA or facilitating information sharing among other agencies. The end result is a lower level of both integrity and value in national decision support capability.
The Impact of Technology and Standardization
Most governments are considering or implementing data center consolidation initiatives. There are several good reasons for this, including:
- Cost of real estate, power, staffing, maintenance, and support systems
- Transition from CAPEX-based ICT infrastructure to OPEX-based
- Potential for virtualization of server and storage resources
- Standardized cloud computing resources
While all those justifications for data center consolidation are valid, the value potentially pales in comparison of the potential of more intelligent use of data across organizations, and even externally to outside agencies. To get to this point, one senior government official stated:
“Government staff are not necessarily the most technically proficient. This results in reliance on vendors for support, thought leadership, and in some cases contractual commitments. Formal project management training and certification are typically not part of the capacity building of government employees.
Scientific approaches to project management, especially ones that lend themselves to institutionalization and adoption across different agencies will ensure a more time-bound and intelligent implementation of projects. Subsequently, overall knowledge and technical capabilities are low in government departments and agencies, and when employees do gain technical proficiency they will leave to join private industry.”
There is also an issue with a variety of international organizations going into developing countries or developing economies, and offering no or low cost single-use ICT infrastructure, such as for health-related agencies, which are not compatible with any other government owned or operated applications or data sets.
And of course the more this occurs, the more difficult it is for government organizations to enable interoperability or data sharing, and thus the idea of an architecture or data sharing become either impossible or extremely difficult to implement or accomplish.
The Road to EA, SOAs, and Decision Support
There are several actions to take on the road to meeting our ICT objectives.
- Include EA, service delivery (ITIL), governance (COBIT), and SOA training in all university and professional ICT education programs. It is not all about writing code or configuring switches, we need to ensure a holistic understanding of ICT value in all ICT education, producing a higher level of qualified graduates entering the work force.
- Ensure government and private organizations develop or adopt standards or regulations which drive enterprise architecture, information exchange models, and SOAs as a basic requirement of ICT planning and operations.
- Ensure executive awareness and support, preferably through a formal position such as the Chief Information Officer (CIO). Principles developed and published via the CIO must be adopted and governed by all organizations,
- Nobody expects large organizations, in particular government organizations, to change their cultures of information independence overnight. This is a long term evolution as the world continues to better understand the value and extent of value within existing data sets, and begin creating new categories of data. Big data, data analytics, and exploitation of both structured and unstructured data will empower those who are prepared, and leave those who are not prepared far behind.
- For a government, not having the ability to access, identify, share, analyze, and address data created across agencies will inhibit effective decision support, with potential impact on disaster response, security, economic growth, and overall national quality of life.
- If there is a call to action in this message, it is for governments to take a close look at how their national ICT policies, strategies, human capacity, and operations are meeting national objectives. Prioritizing use of EA and supporting frameworks or standards will provide better guidance across government, and all steps taken within the framework will add value to the overall ICT capability.
Pacific-Tier Communications LLC provides consulting to governments and commercial organizations on topics related to data center consolidation, enterprise architecture, risk management, and cloud computing.
A good indication any new technology or business model is starting to mature is the number of certifications popping up related to that product, framework, or service. Cloud computing is certainly no exception, with vendors such as Microsoft, Google, VMWare, and IBM offering certification training for their own products, as well as organizations such CompTIA and Architura competing for industry neutral certifications.
Is this all hype, or is it an essential part of the emerging cloud computing ecosystem? Can we remember the days when entry level Cisco, Microsoft, or other vendor certifications were almost mocked by industry elitists?
Much like the early Internet days of eEverything, cloud computing is at the point where most have heard the term, few understand the concepts, and marketing folk are exploiting every possible combination of the words to place their products in a favorable, forward leaning light.
So, what if executive management takes a basic course in cloud computing principles, or sales and customer service people take a Cloud 101 course? Is that bad?
Of course not. Cloud computing has the potential of being transformational to business, governments, organization, and even individuals. Business leaders need to understand the potential and impact of what a service-oriented cloud computing infrastructure might mean to their organization, the game-changing potential of integration and interoperability, the freedom of mobility, and the practical execution of basic cloud computing characteristics within their ICT environment.
A certification is not all about getting the test, and certificate. As an instructor for the CompTIA course, I manage classes of 20 or more students ranging from engineers, to network operations center staff, to customer service and sales, to mid-level executives. We’ve yet to encounter an individual who claims they have learned nothing from attending the course, and most leave the course with a very different viewpoint of cloud computing than held prior to the class.
As with most technology driven topics, cloud computing does break into different branches – including technical, operations, and business utility.
The underlying technologies of cloud computing are probably the easiest part of the challenge, as ultimately skills will develop based on time, experience, and operation of cloud-related technologies.
The more difficult challenge is understanding the impact of cloud computing may mean to an organization, both internally as well as on a global scale. No business-related discussion of cloud computing is complete without consideration of service-oriented architectures, enterprise architectures, interoperability, big data, disaster management, and continuity of operations.
Business decisions on data center consolidation, ICT outsourcing, and other aspects of the current technology refresh or financial consideration will be more effective and structured when accompanied by a basic business and high level understanding of cloud computing underlying technologies. As an approach to business transformation, additional complimentary capabilities in enterprise architecture, service-oriented architectures, and IT service management will certainly help senior decision makers best understand the relationship between cloud computing and their organizational planning.
While reading the news, clipping stories, and self-study may help decision makers understand the basic components of cloud computing and other supporting technologies. Taking an introduction cloud computing course, regardless if vendor training or neutral, will give enough background knowledge to at least engage in the conversation. Given the hype surrounding cloud computing, and the potential long term consequences of making an uniformed decision, the investment in cloud computing training must be considered valuable at all levels of the organization, from technical to senior management.
Day two of the Gartner Data Center Conference in Las Vegas continued reinforcing old topics, appearing at times to be either enlist attendees in contributing to Gartner research, or simply providing conference content directed to promoting conference sponsors.
For example, sessions “To the Point: When Open Meets Cloud” and “Backup/Recovery: Backing Up the Future” included a series of audience surveys. Those surveys were apparently the same as presented, in the same sessions, for several years. Thus the speaker immediately referenced this year’s results vs. results from the same survey questions from the past two years. This would lead a casual attendee to believe nothing radically new is being presented in the above topics, and the attendees are generally contributing to further trend analysis research that will eventually show up in a commercial Gartner Research Note.
Gartner analyst and speaker on the topic of “When Open Meets Clouds,” Aneel Lakhani, did make a couple useful, if not obvious points in his presentation.
- We cannot secure complete freedom from vendors, regardless of how much you adopt open source
- Open source can actually be more expensive than commercial products
- Interoperability is easy to say, but a heck of a lot more complicated to implement
- Enterprise users have a very low threshold for “test” environments (sorry DevOps guys)
- If your organization has the time and staff, test, test, and test a bit more to ensure your open source product will perform as expected or designed
However analyst Dave Russell, speaker on the topic of “Backup/Recovery” was a bit more cut and paste in his approach. Lots of questions to match against last year’s conference, and a strong emphasis on using tape as a continuing, if not growing media for disaster recovery.
Problem with this presentation was the discussion centered on backing up data – very little on business continuity. In fact, in one slide he referenced a recovery point objective (RPO) of one day for backups. What organization operating in a global market, in Internet time, can possibly design for a one day RPO?
In addition, there was no discussion on the need for compatible hardware in a disaster recovery site that would allow immediate or rapid restart of applications. Having data on tape is fine. Having mainframe archival data is fine. But without a business continuity capability, it is likely any organization will suffer significant damage in their ability to function in their marketplace. Very few organizations today can absorb an extended global presence outage or marketplace outage.
The conference continues until Thursday and we will look for more, positive approaches, to data center and cloud computing.
Federal, state, and local government agencies gathered in Washington D.C. on 16 February to participate in Cloud/Gov 2012 held at the Westin Washington D.C. With Keynotes by David L. McLure, US General Services Administration, and Dawn Leaf, NIST, vendors and government agencies were brought up to date on federal cloud policies and initiatives.
Of special note were updates on the FedRAMP program (a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services) and NIST’s progress on standards. “The FedRAMP process chart looks complicated” noted McLure, “however we are trying to provide support needed to accelerate the (FedRAMP vendor) approval process.
McLure also provided a roadmap for FedRAMP implementation, with FY13/Q2 targeted for full operation and FY14 planned for sustaining operations.
In a panel focusing on government case studies, David Terry from the Department of Education commented that “mobile phones are rapidly becoming the access point (to applications and data) for young people.” Applications (SaaS) should be written to accommodate mobile devices, and “auto-adjust to user access devices.”
Tim Matson from DISA highlighted the US Department of Defense’s Forge.Mil initiative providing an open collaboration community for both the military and development community to work together in rapidly developing new applications to better support DoD activities. While Forge.Mil has tighter controls than standard GSA (US General Services Administration) standards, Matson emphasized “DISA wants to force the concept of change into the behavior of vendors.” Matson continued explaining that Forge.Mil will reinforce “a pipeline to support continuous delivery” of new applications.
While technology and process change topics provided a majority of discussion points, mostly enthusiastic, David Mihalchik from Google advised “we still do not know the long term impact of global collaboration. The culture is changing, forced on by the idea of global collaboration.”
Other areas of discussion among panel members throughout the day included the need for establishing and defining service level agreements (SLAs) for cloud services. Daniel Burton from SalesForce.Com explained their SLAs are broken into two categories, SLAs based on subscription services, and those based on specific negotiations with government customers. Other vendors took a stab at explaining their SLAs, without giving specific examples of their SLAs, leaving the audience without a solid answer.
NIST Takes the Leadership Role
The highlight of the day was provided by Dawn Leaf, Senior Executive for Cloud Computing with NIST. Leaf provided very logical guidance for all cloud computing stakeholders, including vendors and users.
“US industry requires an international standard to ensure (global) competitiveness” explained Leaf. In the past US vendors and service providers have developed standards which were not compatible with European and other standards, notably in wireless telephony, and one of NIST’s objectives is to participate in developing a global standard for cloud computing to prevent this possibility in cloud computing.
Cloud infrastructure and SaaS portability is also a high interest item for NIST. Leaf advises that “we can force vendors into demonstrating their portability. There are a lot of new entries in the business, and we need to force the vendors into proving their portability and interoperability.”
Leaf also reinforced the idea that standards are developed in the private sector. NIST provides guidance and an architectural framework for vendors and the private sector to use as reference when developing those specific technical standards. However leaf also had one caution for private industry, “industry should try to map their products to NIST references, as the government is not in a position to wait” for extended debates on the development of specific items, when the need for cloud computing development and implementation is immediate.
Further information on the conference, with agendas and participants is available at www.sia.net
With dozens of public cloud service providers on the market, offering a wide variety of services, standards, SLAs, and options, how does an IT manager make an informed decision on which provider to use? Is it time in business? Location? Cost? Performance?
Pacific-Tier Communications met up with Jason Read, owner of CloudHarmony, a company specializing in benchmarking the cloud, at Studio City, California, on 25 October. Read understands how confusing and difficult it is to evaluate different service providers without an industry-standard benchmark. In fact, Read started CloudHarmony based on his own frustrations as a consultant helping a client choose a public cloud service provider, while attempting to sort through vague cloud resource and service terms used by industry vendors.
“Cloud is so different. Vendors describe resources using vague terminology like 1 virtual CPU, 50 GB storage. I think cloud makes it much easier for providers to mislead. Not all virtual CPUs and 50 GB storage volumes are equal, not by a long shot, but providers often talk and compare as if they are. It was this frustration that led me to create CloudHarmony” explained Read.
So, Read went to work creating a platform for not only his client, but also other consultants and IT managers that would give a single point of testing public cloud services not only within the US, but around the world. Input to the testing platform came from aggregating more than 100 testing benchmarks and methodologies available to the public. However CloudHarmony standardized on CentOS/RHEL Linux as an operating system which all cloud vendors support, “to provide as close to an apples to apples comparison as possible” said Read.
Customizing a CloudHarmony Benchmark Test
Setting up a test is simple. You go to the CloudHarmony Benchmarks page, select the benchmarks you would like to run, the service providers you would like to test, configurations of virtual options within those service providers, geographic location, and the format of your report.
Figure 1. Benchmark Configuration shows a sample report setup.
“CloudHarmony is a starting point for narrowing the search for a public cloud provider” advised Read. “We provide data that can facilitate and narrow the selection process. We don’t have all of the data necessary to make a decision related to vendor selection, but I think it is a really good starting point.
Read continued “for example, if a company is considering cloud for a very CPU intensive application, using the CPU performance metrics we provide, they’d quickly be able to eliminate vendors that utilize homogenous infrastructure with very little CPU scaling capabilities from small to larger sized instance.”
Cloud vendors listed in the benchmark directory are surprisingly open to CoudHarmony testing. “We don’t require or accept payment from vendors to be listed on the site and included in the performance analysis” mentioned Read. “We do, however, ask that vendors provide resources to allow us to conduct periodic compute benchmarking, continual uptime monitoring, and network testing.”
When asked if cloud service providers contest or object to CloudHarmony’s methodology or reports, Read replied “not frequently. We try to be open and fair about the performance analysis. We don’t recommend one vendor over another. I’d like CloudHarmony to simply be a source of reliable, objective data. The CloudHarmony performance analysis is just a piece of the puzzle, users should also consider other factors such as pricing, support, scalability, etc.”
During an independent trial of CloudHarmony’s testing tool, Pacific-Tier Communications selected the following parameters to complete a sample CPU benchmark:
- CPU Benchmark (Single Threaded CPU)
- GMPbench math library
- Cloud Vendor – AirVM (MO/USA)
- Cloud Vendor – Amazon EC2 (CA/USA)
- Cloud Vendor – Bit Refinery Cloud Hosting (CO/USA)
- 1/2/4 CPUs
- Small/Medium/Large configs
- Bar Chart and Sortable Table report
The result, shown above in Figure 2., shows a test result including performance measured against each of the above parameters. Individual tests for each parameter are available, allowing a deeper look into the resources used and test results based on those resources.
In addition, as shown in Figure 3., CloudHarmony provides a view providing uptime statistics of dozens of cloud service providers over a period of one year. Uptime statistics showed a range (at the time of this article) between 98.678% availability to 100% availability, with 100% current uptime (27 October).
Who Uses CloudHarmony Benchmark Testing?
While the average user today may be in the cloud computing industry, likely vendors eager to see how their product compares against competitors, Read targets CloudHarmony’s product to “persons responsible for making decisions related to cloud adoption.” Although he admits that today most users of the site lean towards the technical side of the cloud service provider industry.
Running test reports on cloud harmony is based on a system of purchasing credits. Read explained “we have a system in place now where the data we provide is accessible via the website or web services – both of which rely on web service credits to provide the data. Currently, the system is set up to allow 5 free requests daily. For additional requests, we sell web service credits where we provide a token that authorizes you to access the data in addition to the 5 free daily requests.”
The Bottom Line
“Cloud is in many ways a black box” noted Read. “Vendors describe the resources they sell using sometimes similar and sometimes very different terminology. It is very difficult to compare providers and to determine performance expectations. Virtualization and multi-tenancy further complicates this issue by introducing performance variability. I decided to build CloudHarmony to provide greater transparency to the cloud.”
And to both vendors and potential cloud service customers, provide an objective, honest, transparent analysis of commercially available public cloud services.
Check out CloudHarmony and their directory of services at cloudharmony.com.
In an online “blogger” press conference on 5 August, Erik Bansleben, Ph. D., Program Development Director, Academic Programs at the University of Washington outlined a new certificate program offered by the university in Cloud Computing. The program is directed towards “college level and career professionals” said Bansleben, adding “all courses are practical in approach.”
Using a combination of classroom and online instruction, the certificate program will allow flexibility accommodating remote students in a virtual extension of the residence program. While not offering formal academic credit for the program, the certificates are “well respected locally by employers, and really tend to help students a fair amount in getting internships, getting new jobs, or advancing in their current jobs.”
The Certificate in Cloud Computing is broken into three courses, including:
- Introduction to Cloud Computing
- Cloud Computing in Action
- Scalable & Data-Intensive Computing in the Cloud
The courses are taught by instructors from both the business community and the University’s Department of Computer Science & Engineering. Topics within each course are designed to provide not only an overview of the concepts and value of cloud computing in a business sense, but also includes project work and assignments.
To bring more relevance to students, Bansleben noted “part of the courses will be based on student backgrounds and student interests.” Dr. Bill Howe, instructor for the “Scalable & Data-Intensive Computing in the Cloud” course added “nobody is starting a company without being in the clouds.” With the program covering topical areas such as:
- Cloud computing models: software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (laaS) and database as a service
- Market overview of cloud providers
- Strategic technology choices and development tools for basic cloud application building
- Web-scale analytics and frameworks for processing large data sets
- Database query optimization
- Fault tolerance and disaster recovery
Students will walk away with a solid background of cloud computing and how it will impact future planning for IT infrastructure. In addition, each course will invite guest speakers from cloud computing vendors and industry leaders to present actual case studies to further apply context to course theory. Bansleben reinforced the plan to provide students with specific “use cases for or against using cloud services vs. using your own hosted services.”
Not designed as a simple high level overview of cloud computing concepts, the program does require students to have a background in IT networks and protocols, as well as familiarity with file manipulation in system environments such as Linux. Bansleben stated that “some level of programming experience is required” as a prerequisite to participate in the certificate program.
The Certificate in Cloud Computing program starts on 10 October, and will cost students around $2,577 for the entire program. The program is limited to 40 students, including both resident and online. For more information on University of Washington certificate programs or the Certificate in Cloud Computing contact:
Erik Bansleben, Program Development Director