In search of a private cloud.
The term private cloud is the source of a great deal of confusion, disagreement, and deeply held dogmas. What is it? Can a cloud really be private? And if it’s private, can it really be a cloud? All these questions are subject to some debate.
In keeping with the NIST definition of cloud computing, a private cloud is a pool of network accessible computing resources, elastically provisioned on demand, with measured services exclusively used by a single organization.
Private clouds provide their users with a higher level of control or privacy than a public cloud. These characteristics are essential for organizations which deal with sensitive personal data whose handling may be subject to government or other external regulation. This includes financial companies such as banks or credit card companies, or health insurance companies.
In-house or hosted private cloud?
This pool of resources can be located in-house, behind a firewall, or it can be outsourced to a third-party hosting provider.
The “Private” refers to the private compute environment, dedicated to one organization, but does not necessarily have to be in the organization’s own data center.
In-house: but is it really a cloud?
Proponents of the in-house private cloud claim that by hosting its own cloud, an organization can get all the advantages of cloud computing while maintaining full control over infrastructure and security.
There are, however, those who maintain that an in-house solution isn’t a real cloud, because, by definition, a Cloud must include shared resources. So how can resources owned, hosted and used by a single organization qualify for being a cloud?
In addition, a key component of cloud computing is that the enterprise doesn’t have to purchase and maintain the infrastructure, but rather use it, and pay for it as needed, with a pay-as-you-go chargeback system. Clearly, for an in-house private cloud, the company is going to have to pay for all the infrastructure necessary for the cloud, whether it is currently being used, or not. This may be up-front, as CAPEX, or in a best-case scenario, as monthly leasing expenses.
Elasticity is also an issue, as a true cloud is meant to be instantly scalable both up and down in concert with the organization’s needs. With an in-house environment, the resources are owned, and expanding beyond the current capabilities requires additional hardware purchases and cumbersome set-up activities. Reducing the size of the cloud when demand falls is just not a practical option.
It seems like private clouds do not fulfill many of the most basic aspects of what defines a cloud. So why call them clouds at all?
The answer is that when a company has its own private cloud, one part of the company – such as the IT department – is functioning as the cloud’s host vis-a-vis the other business units and divisions. So even though the cloud is owned and used by one company, the resources are shared amongst different internal departments, and from the perspective of the end-users within the different divisions, it is scalable and pay-as-you-go.
Staff can dynamically provision or deploy cloud resources on an on-demand basis and business units can tap into a single pool of resources prioritized based on business conditions. These conditions could include seasonal or promotional increases in business traffic for a retailer, the launch of a new product in a manufacturing context or the need to test a release at scale for a development shop.
Despite the fact that an internal private cloud does not have the economies of scale of a public cloud, it can provide a more efficient use of computing resources and allocation while reducing investment in unused equipment.
Metering the utilization of the cloud resources allows cost to be measured and charged proportionally to the budgets of the business units using them.
Hosted: but is it really private?
Having an externally hosted private cloud saves businesses from having to own, set up and maintain the infrastructure necessary for their cloud. This can make a big difference since a large hosting company has already got the server infrastructure and is better positioned to keep up with evolving technologies and upgrades required over time (even if renting dedicated servers means paying for maximum capacity up-front, which reduces the elasticity of the cloud).
However, a common concern with hosted systems is data security. How do you ensure privacy standards are maintained?
For many cloud hosts, a private solution is a pool of equipment and infrastructure that’s partitioned off and isolated from the rest of the host’s resources. Physical servers are thus dedicated exclusively to one organization and are inaccessible to other cloud-users and, to varying degrees, from employees of the hosting company.
One reason some companies choose to host their private clouds in-house, is because they believe that physical greater control means better security. This is not necessarily correct. Unless your regulatory needs require personal data to remain in-house, a cloud provider may actually do a better job at security, since they’ve got the security budget and specialized security staff who focus on nothing else and can quickly respond to threats.
Virtual Private Cloud
Like many externally hosted servers, Virtual Private Clouds are resources within a Public cloud. However, in a virtual private cloud, the servers being used are not exclusive to any one customer. The resources allocated to the client deployment are distributed across machines in a public cloud and shared by other clients.
Logical privacy and isolation from other users’ clouds come from having a private IP subnet and private virtual network connecting resources within the Virtual Private Cloud. Users can access their clouds using encrypted connections over the internet using VPN, or have a dedicated network connection straight to their VPC.
Amazon AWS is the largest and most well-known provider of this type of Virtual Private Cloud, but there are others as well. In many cases, one vendor provides a VPC service on another vendor’s public cloud infrastructure.
The term hybrid cloud refers to the case when a company uses both private and public cloud resources together. Typically, an organization might choose to keep its more sensitive personal data and functionality in the private cloud, while using the public cloud for other, less critical purposes.
Businesses can also draw on public cloud resources only during times of peak usage to meet short-term needs. For example, “cloud-bursting” can be applied so an application is run in a private cloud or data center, but will use public cloud computing resources, when more capacity is needed. This allows a company’s own IT infrastructure to support average-case usage, and only pay for additional resources on an as-needed basis. I recommend taking a read at this post on the Growing use of hybrid cloud systems for more information on hybrid clouds.