[occi-wg] Addressing the Challenge of Cloud-Computing Interoperability

[Sam Johnston]

Here's a reasonably good summary of where things are at with cloud interop.

Sam

*Addressing the Challenge of Cloud-Computing
Interoperability*<http://www.computer.org/portal/web/computingnow/archive/news031>
*by George Lawton*

Cloud computing—in which users work online with resources based on
providers' servers, rather than on their own computers—is becoming
increasingly popular. However, cloud computing is still relatively new, so
proponents and vendors have not yet developed interoperability between
platforms. Some industry observers say this could hurt the technology's
growth. For example, companies can't necessarily move their data and
applications if they find another cloud platform they like better than the
one they are using. Also, some enterprises want a best-of-breed option,
employing different cloud platforms for different applications. In some
cases, they want to use data and applications across the platforms.

"What folks are mostly interested in is that the applications themselves are
not locked into a particular platform," said Sam Charington, vice-president
of product management of cloud-computing vendor Appistry.

In addition, they want to utilize their security, management, identity, and
other tools across the different cloud platforms they utilize.

Many businesses want interoperability between their in-house infrastructure
and the cloud, noted Forrester Research market analyst James Staten. They
might want to use an in-house application to process data in the cloud, they
might want to use a cloud-based application to process in-house data, or
they might want to use applications or tools that will run both in-house and
on the cloud.

Other key issues include having a single sign-on for users who access
multiple cloud platforms, deploying and provisioning resources from the
platforms with a single management tool, enabling a service hosted on one
platform to automatically call a service hosted by another, and having a
private cloud application seamlessly obtain resources from a public cloud
when necessary.

In response to this demand, several standards groups and industry consortia
are developing specifications and best practices to enable cloud
interoperability. Likewise, several vendors have released products that
allow some degree of interoperability.
Key Issues

Cloud applications work via virtualization. They run in a provider's server
on a virtual machine (VM). A single server contains multiple VMs, enabling
cloud providers to efficiently offer applications to numerous customers.

In a virtualization system, the hypervisor allocates the host machine's
resources to each virtualized operating system or to each program running on
a virtualized OS.

Many cloud platforms don’t interoperate because they use distinct hypervisor
and VM technologies, and they store and configure operating systems and
applications differently. The platforms also use various security standards
and management interfaces.

Amazon has its Amazon Elastic Compute Cloud, Citrix works with the
XenServer, Linux supports the Kernel-Based Virtual Machine (KVM), Microsoft
uses the Hyper-V, and VMware utilizes the ESX and ESXi hypervisors. Each
hypervisor supports a different VM format, and the formats are not natively
interoperable.

A problem today is determining exactly where cloud-interoperability
standards are needed. To help address this, the Distributed Management Task
Force (DMTF), an industry consortium that develops and promotes
systems-management-related standards, has formed the Open Cloud Standards
Incubator (www.dmtf.org/about/cloud-incubator).

The Open Group's Cloud Work Group (www.opengroup.org/cloudcomputing) is
conducting meetings among members to create a document describing
business-related requirements and concerns for cloud computing, including
interoperability. In the process, they are looking at best practices needed
to address the concerns.
Workload Movement

Workload movement is the ability of an organization to automatically move
data, applications, and server configurations from its own systems to a
public cloud.

To enable workload movement, the DMTF has created the Open Virtualization
Format (OVF) specification. The OVF standard provides an intermediary format
for VM images. It lets an organization create a VM instance on top of one
hypervisor and then export it to the OVF so that it can be run by another
hypervisor. OVF supporters include Citrix Systems, IBM, Microsoft, Oracle
and VMware, but not Amazon, which is a major cloud-computing provider.

Companies such as Appistry and 3Tera are exploring ways of using middleware
to enable enterprise applications that will work on multiple cloud
platforms.

The Open Cloud Consortium (www.opencloudconsortium.org) is working on a
standard that, like OVF, would create an intermediary format that would make
it easier to migrate distributed data and applications—typically used to
process large amounts of data—across cloud platforms.

According to OCC chair Robert Grossman, the consortium will release its
first cloud-interoperability standards in six to 12 months.
Security and Identity

Companies want to apply their existing security and user-identity-management
tools to applications running on different cloud platforms.

Security and identity management are critical to organizations and are a
particular concern when data and applications reside on the cloud, noted
Dave Lounsbury, vice president of collaboration services at the Open Group,
an industry consortium that develops enterprise-oriented
information-interoperability standards.

Cloud-computing adoption will be limited until these issues are addressed,
he said.

The Open Group's Jericho
Forum<http://www.opengroup.org/jericho/cloud_cube_model_v1.0.pdf>is
studying security- and identity-related cloud-computing issues. In
part,
they are looking at ways to use security- and identity-related applications
across cloud platforms.

The Cloud Security Alliance, another industry consortium, is working on
recommendations for best practices regarding cloud-computing security,
including interoperability-related
issues<http://www.cloudsecurityalliance.org/guidance>
.
Interoperability between the Cloud and the Enterprise

Organizations need to automatically provision services, manage VM instances,
and work with both cloud-based and enterprise-based applications using a
single tool set that can function across existing programs and multiple
cloud providers. Efforts are under way to solve this problem.

For example, the Open Grid Forum (www.ogf.org), an industry group, is
working on the Open Cloud Computing Interface, which would provide an API
for managing different cloud platforms.

In a similar move, ServePath, a hosting-services provider, has released its
GoGrid API. The API should be easy to adopt because it's based on existing
standards, not proprietary technology, said ServePath technology evangelist
Michael Sheehan.

Several vendors—including Appistry, AppZero, and 3Tera—have created suites
of development and deployment platforms that make it easy to write a program
once and deploy it on one of many cloud environments.

In essence, these suites provide a layer of abstraction between the
programmer and the cloud platforms. Developers create applications for this
intermediate layer, which then supports and manages multiple hypervisors or
external cloud platforms.

These products would let applications run either internally or in the cloud.
Cloudy Future

The US government recently began looking for proposals to implement
cloud-computing interoperability on its systems. "Usually we think of the
federal government as being 10 years behind," said DMTF president Winston
Bumpus, "but in this case, we are looking at the government as a leader."

A major wild card in the cloud-interoperability effort is Amazon, whose
strong market position has enabled it to work with its own technology and
not participate in standards efforts. However, Sheehan predicted that Amazon
eventually will have to support interoperability to attract more corporate
business.

At this early stage in cloud computing's evolution, Forrester's Staten said,
premature standardization could stifle innovation and the technology's
development. And in today’s relatively new cloud-computing marketplace, he
added, there’s little incentive for vendors to cooperate with one another.

Bumpus, on the other hand, said there are good reasons for interoperability,
which is why numerous organizations are beginning to work on it.
------------------------------

George Lawton is a freelance technology writer based in Monte Rio,
California. Contact him at glawton at glawton.com..
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.ogf.org/pipermail/occi-wg/attachments/20091022/bc113d27/attachment.html