SlideShare una empresa de Scribd logo
1 de 13
Descargar para leer sin conexión
Moving to the Cloud Requires Companies to Focus on
Dynamic Workloads
Transcript of a sponsored BriefingsDirect podcast on modernizing IT to become business service
factories.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor:
WSO2


Dana Gardner: Hi. This is Dana Gardner, Principal Analyst at Interarbor Solutions, and you're
                 listening to BriefingsDirect.

                 Today, we present a sponsored podcast discussion on the role and importance of
                 private cloud infrastructure models as a stepping stone to much needed new
                 operational models for IT.

                 A lot of the interest in cloud computing generally has been as much about a
wish to escape the complex and wasteful ways of the old as an embrace of something well
understood and new. [Disclosure: WSO2 is a sponsor of BriefingsDirect podcasts.]

So, how do large enterprises remake themselves into business service factories? How do they
modernize IT and Internet-enabled ecosystem processes in the same ways that industrial
engineering, lean manufacturing, efficiency measurement, just-in-time inventory, and various
maturity models revolutionized bricks and mortar businesses a generation ago?

This larger question of how to attain IT transformation is what cloud computing purports to
answer. But, the question itself may be more important than any yet defined answer. If public
cloud computing is an end goal that provides a catalyst to such needed general transformation, all
ends well and good.

Meanwhile, what of the practical steps that can help an organization now? How can enterprises
learn to adopt new services sourcing models as well as to attain the means for better consumption
of services, regardless of their origins?

Today, we’ll examine how enterprises can appreciate the transformative role of private cloud and
begin to focus on dynamic workloads and agile middleware as essential enablers along the way
to even larger process-level business benefit, and then ultimately to a more fully cloud-based IT
model.

To discuss how workload assembly in the private cloud domain provides a big step in the right
direction for IT’s future, we're joined by Paul Fremantle, the UK-based Chief Technology Officer
and co-founder of WSO2. Welcome, Paul.

Paul Fremantle: Hi, Dana. How are you doing?
Gardner: I'm well, thank you. We are also here today with Paul O’Connor, Chief Technology
Officer at ANATAS International in Sydney, Australia. Welcome to you as well, Paul.

Thanks, Dana.

Gardner: Paul O’Connor, tell me a little bit about why a transformative new approach to IT is
necessary. It seems as if incremental improvement is just not good enough.

Past failures

O'Connor: It’s unfortunate, but it’s fair to say that all of the past initiatives that we tried in
                large, complex enterprises have been a failure. In some cases, we’ve actually
                 made things worse. Large enterprises, at the same time, still have to focus on
                 efficiency, agility, and delivery to their end users, so as to achieve market
                 competitiveness. We still have that maniacal focus on delivery and efficiency, and
                 now some new thinking has come in.

                 Specifically, we have cloud or the everything-as-a-service operating model
                coupled with a series of other trends in the industry that are being bolted together
for a final assault on meaningful efficiency. You hit the nail on the head when you mentioned
industrial engineering, because industrial engineering is the organizing principle for weaving all
of these facets together.

When we focus on industrial engineering, we already have an established pattern. The techniques
are now lean manufacturing, process improvement and measurement of efficiency, just-in-time
inventory, maturity models. Ultimately, large enterprises are now approaching the problem
effectively including cloud, including moving to new operating models. They're really focusing
on building out that factory. I'm sure we’ll be able to tease out some of those specifics at a
slightly lower level of detail as the podcast goes on.

Gardner: Well, great. Maybe you could also tell us a little bit more about ANATAS
International; what sort of organization is that and what do you do there?

O'Connor: I'm CTO. We serve the Asia-Pacific region and have focused for a number of years
on next-gen architecture -- technical architecture, enterprise architecture and service oriented
architecture (SOA). In the last couple of years, we’ve been focusing as well on cloud, and on
how these things come together to give us a shot at being more efficient in large complex
enterprises.

Gardner: Paul Fremantle, why do you think that the idea of cloud computing has really caught
on, whether it’s private cloud, public cloud, platform as a service (PaaS), or infrastructure as a
service (IaaS). We're adding more as services all the time, but this really seems to have just
caught in people’s attention in the last two or three years, and seems to gain. It doesn’t seem to
be waning. Is it this need for a transformative approach that has made this somewhat of a silver
bullet? Why is this so important to people?

Fremantle: It’s a fairly straightforward story. We've discovered that you cannot just build an IT
                    system or an IT infrastructure, put your feet up, sit back, and say, "Well, that
                    will do the business," because the business has learned that IT itself is
                    transformative and you have to be pushing the boundaries in order to
                    compete in the modern world.

                     Effectively, it’s no longer good enough to just put in a new system in every 5
                     or 10 years and sit back and run it. People are constantly pushing to create
                     new value to build new processes, to find better ways of using what they
                     have, linking it together, composing it, and doing new things.

So the speed of delivery and the agility of organizations have become absolutely key to their
competitiveness and fundamentally to their stock price. A huge move in agility came first with
web, with portals, and with SOA. People discovered that, rather than writing things from scratch,
they could reuse, they could reconfigure, and they could attach things together in new ways to
build function. As they did that, the speed of development and the speed of creating these new
processes has skyrocketed.

Unfortunately, the speed and agility of the infrastructure and of the ability to take these things
and host them has not kept up. What cloud has done is that it has suddenly energized the
infrastructure, energized the platform, and has given people a way of not just building things
quickly but hosting them, deploying them, and managing them in an agile way. Fundamentally,
what’s driving the cloud revolution is speed of delivery.

Gardner: I’ll go back to Paul O’Connor with his comments about architecture. As we do what
Paul Fremantle has suggested, we seem to also hit up against scale. Automation needs to kick in,
and that can perhaps only be best attained through an architecture built for scale. How do the
modern platforms and systems that Paul Fremantle is discussing provide a catalyst, or at least a
cohort, to this need for better architecture, Paul O’Connor?

Better architecture

O'Connor: When we say better architecture, I think what we are talking about is the facets of
architecture that are about process, that are about that how you actually design and build and
deliver. At the end of the day, architecture is about change, and it must be agile. I can architect a
fantastic Sydney Opera House, but if I can't organize the construction materials to show up in a
structured way, then I can’t construct it. Effectively, we’ve embraced that concept now in large
enterprises.

Specifically in IT, we find coming into play around this concept a lot of the same capabilities that
we’ve already developed, some of which Paul alluded to, plus things like policy based, model-
driven configuration and governance, management and monitoring and asset metadata, asset
lifecycle management types of things relative to services and the underlying assets that are
needed to actually provision and manage them.

We're seeing those brought to bear against the difficult problems of how might I create a very
agile architecture that requires an order of magnitude less people to deliver and manage.

It helps with problems like this: How can I keep configured a thousand end points in my
enterprise, some of which might be everything from existing servers and web farms all the way
up to instances of lean middleware like WSO2 that I might spin up in the cloud to process large
workloads and all of the data associated with it?

Gardner: I suppose also, Paul Fremantle, that a secondary or additional motivator at this time is
the need for pervasive security, for baking security and governance in across the board, not as a
bolt-on, not as an afterthought, not as some sort a requirement of that is separate and distinct
from the entire IT lifecycle.

So, is there also a bit of a catalyst when it comes to making security pervasive that's also driving
folks to better architecture and more agile middleware that will perhaps ultimately move towards
a cloud-based model?

Fremantle: Absolutely. The biggest concern in everyone's mind around cloud is security. I think
                     there's an opportunity to turn that from a negative into a positive by
                      fundamentally building secure systems from day one, rather than just
                      relying on them being secure from where they are located, which is kind
                      of the current model.

                           I'm a firm believer that the real success in cloud is going to come from
designing systems that are inherently built to run in the cloud, whether that's about scale,
elasticity, security, or things like multi-tenancy and self-service.

Those concepts of building things that run in the cloud and making the software inherently cloud
aware, comes back to what Paul O'Connor was talking about with regard to having the right
architecture for the future and for the cloud.

Gardner: So, when we look at security as a positive, rather than a negative, as we transform and
transition with cloud models, is there more than one layer or level of security? How do we
approach this? How do we get our hands around it, so that it can be something that's
implemented, rather than almost just at the division or abstract level?

Federated security


Fremantle: The first and most important thing is to use middleware and models that are
designed around federated security. This is just a simple thing. If you look back at middleware,
for example message queuing products from 10 years ago, there was no inherent security in
them.

If you look at the SOA stack and the SOAP models or even REST models, there are inherent
security models such as WS-Trust, WS-SecureConversation, or in the REST model things like
SAML2, OAuth and OpenID. These models allow you to build highly secure systems.

But, however much I think it's possible to build secure cloud systems, the reality is that today 90
percent of my customers are not willing or interested in hosting things in a public cloud. It’s
driving a huge demand for private cloud. That’s going to change, as people gain confidence and
as they start to protect and rebuild their systems with federated security in mind from day one,
but that's going to take some time.

Gardner: Paul O’Connor, do you share Paul Fremantle's concept that good architecture and
building for cloud models has an inherent security benefit to it? Are you at ANATAS also
architecting for both security and a services factory model?

O'Connor: Absolutely. You're not allowed to do anything in large enterprises architecturally
without getting past security. When I say get past security, I'm talking about the people who have
magnifying glasses on your architectural content documents. It's important enough to say again
what Paul brought out about location not being the way to secure your customer data anymore.

The motivation for a new security model is not just in terms of movement all the way to the other
end of the agility rainbow, where in a public cloud you’re mashing up some of your data with
everybody else's, potentially, and concerned about it going astray.

It’s really about that internal factory configuration and design that says, even internally in large
enterprises, I can't rely on having zones of network security that I pin my security architecture to.
I have to do it at the message level. I have to use some of the standards and the technologies that
we've seen evolved over the past five, six, seven years that Paul Fremantle was referencing to
really come to bear to keep me secure.

Once I do that, then it's not that far of a leap to conceive of an environment where those same
security structures, technologies, and processes can be used in a more hybrid architecture, where
maybe it's not just secure internal private cloud, but maybe it's virtual private cloud running
outside of the enterprise.

That brings in other facets that we really have to sort out. They have to do with how we source
that capacity, even if it's virtual private cloud or even if it's tenanted. We have to work on our
zone security model that talks about what's allowed to be where. We have to profile our data and
understand how our data relates to workloads.

As Paul mentioned, we have to focus on federated identity and trust, so identity as a service. We
have to assemble the way that processing environments, be they internal or external, get their
identities, so that they can enforce security. PKI, and, this is a big one, we have to get our
certificates and private keys into the right spot.
Policy-driven governance

Once we build all those foundations for this, we then have to focus on policy-driven governance
of how workloads are assembled with respect to all of those different security facets and all of
the other facets, including quality of service, capacity, cost, and everything else. But, ultimately
yes, we can solve this and we will solve this over the next few years. All this makes for good,
effective security architecture in general. It's just a matter of helping people, through forums like
this, to think about it in a slightly different way.

Gardner: As we're moving towards new kinds of architectures that can be inclusive of the past,
but prepare us better for the future with this full set of requirements in terms of scalability,
security, openness to sourcing elasticity, and so forth, what do we need to look for in terms of the
underlying infrastructure itself?

Are there some key requirements that we would look for in terms of how the performance,
technical characteristics, standard support, all come together in such a way that we can move
forward including compatibility with what's in place, and still start meeting up with what we
want around performance, the sourcing flexibility and security. Let me take that first to Paul
Fremantle. What needs to be in place?

Fremantle: I believe that the world has slightly gone backwards, and that isn't actually that
surprising. When people move forward into such a big jump as to move from a fixed
infrastructure to a cloud infrastructure, sometimes it's kind of easy to move back in another area.
I think what's happened to some extent is that, as people have moved forward into cloud
infrastructure, they have tended to build very straightforward monolithic applications.

The way that they have done that is to focus on, "I'm going to take something standalone and
simple that I can cloud-enable and that's going to be my first cloud project." What's happened is
that people have avoided the complexity of saying,"What I really need to be doing is building
composite applications with federated identity, with business process management (BPM), ESB
flows, and so forth."

And, that's not that surprising, when they're taking on something new. But, very rapidly, people
are going to realize that a cloud app on its own is just as isolated as an enterprise app that can't
talk to anything.

The result is that people are going to need to move up the stack. At the moment, everyone is very
focused on virtual machines (VMs) and IaaS. That doesn't help you with all the things that Paul
O'Connor has been talking about with architecture, scalability, and building systems that are
going to really be transformative and change the way you do things.

From my perspective, the way that you do that is that you stop focusing on VMs and you try and
move up a layer, and start thinking about PaaS instead of IaaS.
You try to build things that use inherent cloud capabilities offered by a platform that give you
scalability, federated security, identity, billing, all the things that you are going to need in that
cloud environment that you don't want to have to write and build yourself. You want a platform
to provide that. That's really where the world is going to have to move in order to take the full
advantage of cloud -- PaaS.

Gardner: Paul O'Connor, from your perspective, what are some key characteristics that that
platform should have? What are the necessary ingredients in order to make this automated,
controllable, governed, and to scale across these new sourcing models that we're approaching?

The name of the game

O'Connor: I totally agree with everything Paul Fremantle just said. PaaS is the name of the
game. If you go to 10 large enterprises, you're going to find them by and large focusing on IaaS.
That's fine. It's a much lower barrier of entry relative to where most shops are currently in terms
of virtualization.

But, when you get up into delivering new value, you're really creating that factory. Just to draw
an analogy, you don't go to an auto factory, where the workers are meant to be programming
robots. They build cars. Same thing with business service delivery in IT -- it's really important to
plug your reference model and your reference architectures for cloud into that factory approach.

You want your PaaS to be a one-stop-shop for business service production and that means from
the very beginning to the very end. You have to tenant and support your customers all along the
way. So it really takes the vertical stack, which is the way we currently think about cloud in
terms of IaaS, and fans it out horizontally, so that we have a place to plug different customers in
the enterprise into that.

And what we find is, just as in any good factory or any good process design, we really focus on
what it is those customers need and when. For example, just to take one of many things that's
typically broken in large enterprises, testing and test environments. Sometimes it takes weeks in
large organization to get test environments. We see customers who literally forgo key parts of
testing and really sort of do a big bang test approach at the end, because it is so difficult to get
environment and to manage the configuration of those environments.

One of the ways we can fix that is by organizing that part of the PaaS story and wrap around
some of the attendant next-generation configuration management capabilities that go along with
that. That would include things like service test virtualization, agile operations, asset metadata
management, some of the application lifecycle management (ALM) stuff, and focus on
systemically killing the biggest impedances in the order of most pain in the enterprise. You can
do that without worrying about, or going anywhere near, public cloud to go do data processing.

So that's the here and now, and I'd say that that's also supportive of a longer term, grand unified
field theory of cloud, which is about consuming IT entirely as a service. To do that, we have to
get our house in order in the same way and focus on organizing and re-organizing in terms of
transformation in the enterprise to support first the internal customers, followed by using the
same presets and tenets to focus on getting outside of the organization in a very structured way.

But eventually moving workloads out of the organization and focusing on direct interaction with
the business, I think we will see larger appetites by the business for more applications and a need
to put them into a place where they are more easily managed, and eventually, it may take 20
years, but I think you'll see organizations move to turn off their internal IT departments and focus
on business, focus on being an insurance company, a bank, or a logistics company. But, we start
in the here and now with PaaS.

Gardner: Okay. Paul O'Connor, if I can just add one more thing to that. I read in some of your
literature -- and I quote from you -- “Work load assembly in the cloud is the name of the game.”
It seems that you're talking about private cloud first, then, ultimately, any number of other hybrid
cloud scenarios. Is that what you mean across this development, test, deploy, workload
assembly? What do you mean by that?

What is it doing?

O'Connor: Workload Assembly. What I mean by that is that we need a profile of what it is we
do in terms of work. If I plug a job into the wall that is my next-gen IT architecture, what is it
actually doing and how will I know? The types of things vary. It varies widely between phases of
my development cycle.

Obviously, if I do load and performance testing, I've got a large workload. If I do production,
I’ve got a large workload. If I move to big data, and I am starting to do massively scalar analytics
because the business realizes that you go after such an application, thanks to where IT is taking
the enterprise, then that's a whole other ball of wax again.

What I have to do is understand those workloads. I have to understand them in terms of the data
that they operate on, especially in terms of its confidentiality. I have to understand what
requirements I need to assemble in terms of the workload processing.

If I have identify show up, or private key, I have to do integration, or I have to wire into different
systems and data sources, all of that has to be understood and assembled with that workload. I
have to characterize workload in a very specific way, because ultimately I want to use something
like WSO2 Stratos to assemble what that workload needs to run. Once I can assemble it, then it
becomes even easier for me to work my way through the dev, test, stage, release, operate cycle.

Gardner: Paul Fremantle, tell me what WSO2 is doing to help people like Paul O'Connor reach
this workload assembly capability?

Fremantle: What we have done is build our Carbon middleware on OSGi. About two years ago,
we started thinking how we're going to make that really effective in a cloud environment. We
came up with this concept of cloud-native software. We were lucky, because, having modularized
Carbon, we had also kernelized it. We put everything around a single kernel. So, we were able to
make that kernel operate in a cloud environment.
That’s the engineering viewpoint, but from the architecture viewpoint, what we're providing to
architects like Paul O’Connor is a complete platform that gives you what you need to build out
all of the great things that Paul O’Connor has been talking about.

That starts with some very simple things, like identity as a service, so that there is a consistent
multi-tenant concept of identity, authorization, and entitlement available wherever you are in the
private cloud, or the public cloud, or hybrid.

The next thing, which we think absolutely vital, is governance monitoring, metering, and billing,
all available as a service, so that you can see what's happening in this cloud. You can monitor and
meter it, you can allocate cost to the right people, whether that’s a public bill or an internal report
within a private cloud.

Then, we're saying that as you build out this cloud, you need the right infrastructure to be able to
build these assemblies and to be able to scale. You need to have a cloud native app server that
can be deployed in the cloud and elastically scale up and down. You need to have an ESB as a
service that can be used to link together different cloud applications, whether they're public
cloud, private cloud, or a combination of the two.

Pulling together

And, you need to have things like business process in the cloud, portal in the cloud, and so on, to
pull these things together. Of course, on the way, you're going to need things like queues or
databases. So, what we're doing with Stratos is pulling together the combination of those
components that you need to have a good architecture, and making them available as a service,
whether it's in a private cloud or a public cloud.

That is absolutely vital. It's about providing people with the right building blocks. If you look at
what the IaaS providers are doing, they're providing people with VMs as the building blocks.

Twenty years ago, if someone asked me to build an app, I would have started with the machine
and the OS and I would start writing code. But, in the last 20 years we've moved up the stack. If
someone asked me to build an app now, I would start with an app server, a message queuing
infrastructure, an ESB, a business process server, and a portal. All these components help me be
much more effective and much quicker. In a cloud, those are the cloud components that you need
to have lying around ready to assemble, and that to me is the answer.

Gardner: Paul Fremantle, you're describing what you think is the best way to support a
workload assembly capability, but how is that different from what we're seeing from some of the
service delivery platform vendors, and what we could call "cloud in a box?" What's the
difference between what they're talking about and what you're talking about?

Fremantle: I'm seeing various things in the marketplace. Obviously, there are people like
Eucalyptus, Ubuntu, and of course VMware, who are providing private IaaS, and that’s very
important. We work on top of those layers. I'm also seeing a lot of people producing PaaS. This
has been an exciting month. We've had two acquisitions in that space.

The thing that those PaaS providers are missing, and most of the PaaS that I see out there is
missing, is a real enterprise architecture view of the world. It's fine to provide a web app as a
service and a database as a service. Those are the basic building blocks that people need. But, if
you don't have an open, clear definition of identity, governance, business activity monitoring,
BPM, and ESB, you're stuck in a 10-year-old architecture.

So, for me, where you're going to have to move is to a complete platform that understands
enterprise architecture (EA). It isn’t just about saying, "I've got a web app and a database that are
somehow provided in a cloud native fashion."

Gardner: Paul O'Connor, I'm an advocate of showing rather than telling, when it comes to these
sorts of complex issues. Do we have any examples of perhaps companies that ANATAS has
worked with, where they have employed some of these approaches, whether from a position of
the technology, the actual implementation of certain products and services, the methodologies, or
all of the above? What do you get? What happens when you do this properly? What sort of
business and/or technical benefits can we expect based on the record so far?

O'Connor: I'll tell you about a large enterprise that we have been working with for a good long
while. They are building an internal PaaS, an internal platform which is operated as a service.
This is key. They're looking at that as a way to achieve some tangible benefits right out of the
gate, while supporting a longer-term vision, which is about beating back into submission as
much of the sprawl that has grown up over the course of time in large enterprises.

The immediate benefits in that case are about efficiency and business service architecture and
constraints. By that, I mean that if you have one standard service delivery process that’s highly
efficient that starts with modeling and works its way all the way through to operation in a
business sense of business services, what you wind up with is an approach on the business side
itself to use that as a lever to go out and directly be able to add in efficiencies, attack new
markets, and really focus on some things on the business side that were latent, because there was
a feeling that it couldn't be delivered efficiently by IT or may not work.

Seeing it work

We're really seeing that lever work. It's right there. We're also seeing a focus on a broader
picture. I want to make one point following up on what Paul Fremantle was saying earlier. We
really need to have, and this is what this client has done, a reference architecture that is sort of
the antithesis of cloud in a box.

It's structured so that you don’t get tied into one particular vendor's view of cloud or anything
else. You’ve really taken an Architecture 101 approach. You build a reference model, you build a
reference architecture, you go execute against that, and you don’t have either an inheritance from
the IaaS guys up into the higher parts of the stack or the sprawl from the existing platform
players down into the infrastructure space.
Ultimately, and this is how this client views it, cloud is more than a way of thinking. It’s open
and it’s about getting your house in order, but it’s also about not being locked in and trying to, in
the case where we feel like we should, turn the table on our existing vendors.

And that’s what WSO2 is doing in terms of a feature-driven lean middleware and also the way
that they are approaching delivery in terms of a professional open-source model, and is very
much in keeping with the way that my clients view the cloud.

Gardner: Paul Fremantle, we only have time for one additional example. Do you have some
customers that you've been working with that are perhaps what you would consider a bellwether
for where the rest of the enterprises are likely to go?

Fremantle: I want to put a different spin on this, which is that as well as the companies that are
doing what Paul O'Connor was talking about and using PaaS to create the software factory
concept within their organization, there is another angle on this, which is interesting. It's the
ability of people, not just software vendors, but also system integrators and even service
providers, to start using PaaS to create their own cloud software as a service (SaaS).

This was brought to mind to me by one European-based system integrator and business process
outsourcer. Unfortunately, I can’t name them, but they're a partner of ours. What they've started
to do is think, "When I'm building an application or a process for customer, is that something that
is really applicable just to this one customer or is it something that is a reusable asset, that can be
offered as a service to multiple customers?"

Of course, that may not be offered over the public cloud. It may be hosted in a private cloud and
different companies give a VPN access to their own tenant within that. It’s something I'm seeing
a lot of software companies looking at as well, which is to start converting their applications into
SaaS.

And as you do that, you quickly find that the things you need, the capabilities that you need, in
order to offer SaaS are the same capabilities that you need in a platform. They're the things I was
talking about before, things like identity, governance, metadata, monitoring and metering billing.

To me, the interesting thing here is the intersection between how large enterprises are treating
their software development and how software companies are treating their software
development, and system integrators and business process outsourcers are treating their software
development. They're all converging on the most efficient model that we have come up with yet.

Gardner: Very interesting. It sounds as if the IT ecosystem is marching in tandem towards the
same vision, and that will perhaps enable these enterprises to move all the more quickly, rather
than the enterprises doing it essentially on their own.

Fremantle: Absolutely.
Gardner: Well, very good. I'm afraid we're about out of time. We've been discussing how
workload assembly and the concept of a business service factory are important attributes to
private clouds, and how private clouds when established using these best practices and
principles, can provide a huge stepping stone in the right direction for the future of IT, a
transformed future of IT.

I want to thank our panelists. We've been joined by Paul Fremantle, the UK-based Chief
Technology Officer and co-founder of WSO2. Thanks so much, Paul.

Fremantle: Thank you very much.

Gardner: And, we’ve also been joined by Paul O’Connor, the Chief Technology Officer at
ANATAS International in Sydney, Australia. Thanks for joining as well, Paul.

O'Connor: Thanks, Dana.

Gardner: This is Dana Gardner, Principal Analyst at Interarbor Solutions. You've been listening
to a sponsored BriefingsDirect podcast. Thanks for listening, and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor:
WSO2

Transcript of a sponsored BriefingsDirect podcast on modernizing IT to become business service
factories. Copyright Interarbor Solutions, LLC, 2005-2011. All rights reserved.

You may also be interested in:

  •    Cloud Computing's Ultimate Value Depends on Open PaaS Models to Avoid Applications
       and Data Lock-In
  •    Open Source and Cloud: A Curse of Blessing During Recession? BriefingsDirect
       Analysts Weigh In
  •    WSO2 Data Services Provide Catalyst for SOA and Set Stage for New Cloud-Based Data
       Models
Moving to the Cloud Requires Companies to Focus on Dynamic Workloads

Más contenido relacionado

Último

Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServiceRenan Moreira de Oliveira
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfAnna Loughnan Colquhoun
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataSafe Software
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 

Último (20)

Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 

Moving to the Cloud Requires Companies to Focus on Dynamic Workloads

  • 1. Moving to the Cloud Requires Companies to Focus on Dynamic Workloads Transcript of a sponsored BriefingsDirect podcast on modernizing IT to become business service factories. Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: WSO2 Dana Gardner: Hi. This is Dana Gardner, Principal Analyst at Interarbor Solutions, and you're listening to BriefingsDirect. Today, we present a sponsored podcast discussion on the role and importance of private cloud infrastructure models as a stepping stone to much needed new operational models for IT. A lot of the interest in cloud computing generally has been as much about a wish to escape the complex and wasteful ways of the old as an embrace of something well understood and new. [Disclosure: WSO2 is a sponsor of BriefingsDirect podcasts.] So, how do large enterprises remake themselves into business service factories? How do they modernize IT and Internet-enabled ecosystem processes in the same ways that industrial engineering, lean manufacturing, efficiency measurement, just-in-time inventory, and various maturity models revolutionized bricks and mortar businesses a generation ago? This larger question of how to attain IT transformation is what cloud computing purports to answer. But, the question itself may be more important than any yet defined answer. If public cloud computing is an end goal that provides a catalyst to such needed general transformation, all ends well and good. Meanwhile, what of the practical steps that can help an organization now? How can enterprises learn to adopt new services sourcing models as well as to attain the means for better consumption of services, regardless of their origins? Today, we’ll examine how enterprises can appreciate the transformative role of private cloud and begin to focus on dynamic workloads and agile middleware as essential enablers along the way to even larger process-level business benefit, and then ultimately to a more fully cloud-based IT model. To discuss how workload assembly in the private cloud domain provides a big step in the right direction for IT’s future, we're joined by Paul Fremantle, the UK-based Chief Technology Officer and co-founder of WSO2. Welcome, Paul. Paul Fremantle: Hi, Dana. How are you doing?
  • 2. Gardner: I'm well, thank you. We are also here today with Paul O’Connor, Chief Technology Officer at ANATAS International in Sydney, Australia. Welcome to you as well, Paul. Thanks, Dana. Gardner: Paul O’Connor, tell me a little bit about why a transformative new approach to IT is necessary. It seems as if incremental improvement is just not good enough. Past failures O'Connor: It’s unfortunate, but it’s fair to say that all of the past initiatives that we tried in large, complex enterprises have been a failure. In some cases, we’ve actually made things worse. Large enterprises, at the same time, still have to focus on efficiency, agility, and delivery to their end users, so as to achieve market competitiveness. We still have that maniacal focus on delivery and efficiency, and now some new thinking has come in. Specifically, we have cloud or the everything-as-a-service operating model coupled with a series of other trends in the industry that are being bolted together for a final assault on meaningful efficiency. You hit the nail on the head when you mentioned industrial engineering, because industrial engineering is the organizing principle for weaving all of these facets together. When we focus on industrial engineering, we already have an established pattern. The techniques are now lean manufacturing, process improvement and measurement of efficiency, just-in-time inventory, maturity models. Ultimately, large enterprises are now approaching the problem effectively including cloud, including moving to new operating models. They're really focusing on building out that factory. I'm sure we’ll be able to tease out some of those specifics at a slightly lower level of detail as the podcast goes on. Gardner: Well, great. Maybe you could also tell us a little bit more about ANATAS International; what sort of organization is that and what do you do there? O'Connor: I'm CTO. We serve the Asia-Pacific region and have focused for a number of years on next-gen architecture -- technical architecture, enterprise architecture and service oriented architecture (SOA). In the last couple of years, we’ve been focusing as well on cloud, and on how these things come together to give us a shot at being more efficient in large complex enterprises. Gardner: Paul Fremantle, why do you think that the idea of cloud computing has really caught on, whether it’s private cloud, public cloud, platform as a service (PaaS), or infrastructure as a service (IaaS). We're adding more as services all the time, but this really seems to have just caught in people’s attention in the last two or three years, and seems to gain. It doesn’t seem to
  • 3. be waning. Is it this need for a transformative approach that has made this somewhat of a silver bullet? Why is this so important to people? Fremantle: It’s a fairly straightforward story. We've discovered that you cannot just build an IT system or an IT infrastructure, put your feet up, sit back, and say, "Well, that will do the business," because the business has learned that IT itself is transformative and you have to be pushing the boundaries in order to compete in the modern world. Effectively, it’s no longer good enough to just put in a new system in every 5 or 10 years and sit back and run it. People are constantly pushing to create new value to build new processes, to find better ways of using what they have, linking it together, composing it, and doing new things. So the speed of delivery and the agility of organizations have become absolutely key to their competitiveness and fundamentally to their stock price. A huge move in agility came first with web, with portals, and with SOA. People discovered that, rather than writing things from scratch, they could reuse, they could reconfigure, and they could attach things together in new ways to build function. As they did that, the speed of development and the speed of creating these new processes has skyrocketed. Unfortunately, the speed and agility of the infrastructure and of the ability to take these things and host them has not kept up. What cloud has done is that it has suddenly energized the infrastructure, energized the platform, and has given people a way of not just building things quickly but hosting them, deploying them, and managing them in an agile way. Fundamentally, what’s driving the cloud revolution is speed of delivery. Gardner: I’ll go back to Paul O’Connor with his comments about architecture. As we do what Paul Fremantle has suggested, we seem to also hit up against scale. Automation needs to kick in, and that can perhaps only be best attained through an architecture built for scale. How do the modern platforms and systems that Paul Fremantle is discussing provide a catalyst, or at least a cohort, to this need for better architecture, Paul O’Connor? Better architecture O'Connor: When we say better architecture, I think what we are talking about is the facets of architecture that are about process, that are about that how you actually design and build and deliver. At the end of the day, architecture is about change, and it must be agile. I can architect a fantastic Sydney Opera House, but if I can't organize the construction materials to show up in a structured way, then I can’t construct it. Effectively, we’ve embraced that concept now in large enterprises. Specifically in IT, we find coming into play around this concept a lot of the same capabilities that we’ve already developed, some of which Paul alluded to, plus things like policy based, model- driven configuration and governance, management and monitoring and asset metadata, asset
  • 4. lifecycle management types of things relative to services and the underlying assets that are needed to actually provision and manage them. We're seeing those brought to bear against the difficult problems of how might I create a very agile architecture that requires an order of magnitude less people to deliver and manage. It helps with problems like this: How can I keep configured a thousand end points in my enterprise, some of which might be everything from existing servers and web farms all the way up to instances of lean middleware like WSO2 that I might spin up in the cloud to process large workloads and all of the data associated with it? Gardner: I suppose also, Paul Fremantle, that a secondary or additional motivator at this time is the need for pervasive security, for baking security and governance in across the board, not as a bolt-on, not as an afterthought, not as some sort a requirement of that is separate and distinct from the entire IT lifecycle. So, is there also a bit of a catalyst when it comes to making security pervasive that's also driving folks to better architecture and more agile middleware that will perhaps ultimately move towards a cloud-based model? Fremantle: Absolutely. The biggest concern in everyone's mind around cloud is security. I think there's an opportunity to turn that from a negative into a positive by fundamentally building secure systems from day one, rather than just relying on them being secure from where they are located, which is kind of the current model. I'm a firm believer that the real success in cloud is going to come from designing systems that are inherently built to run in the cloud, whether that's about scale, elasticity, security, or things like multi-tenancy and self-service. Those concepts of building things that run in the cloud and making the software inherently cloud aware, comes back to what Paul O'Connor was talking about with regard to having the right architecture for the future and for the cloud. Gardner: So, when we look at security as a positive, rather than a negative, as we transform and transition with cloud models, is there more than one layer or level of security? How do we approach this? How do we get our hands around it, so that it can be something that's implemented, rather than almost just at the division or abstract level? Federated security Fremantle: The first and most important thing is to use middleware and models that are designed around federated security. This is just a simple thing. If you look back at middleware,
  • 5. for example message queuing products from 10 years ago, there was no inherent security in them. If you look at the SOA stack and the SOAP models or even REST models, there are inherent security models such as WS-Trust, WS-SecureConversation, or in the REST model things like SAML2, OAuth and OpenID. These models allow you to build highly secure systems. But, however much I think it's possible to build secure cloud systems, the reality is that today 90 percent of my customers are not willing or interested in hosting things in a public cloud. It’s driving a huge demand for private cloud. That’s going to change, as people gain confidence and as they start to protect and rebuild their systems with federated security in mind from day one, but that's going to take some time. Gardner: Paul O’Connor, do you share Paul Fremantle's concept that good architecture and building for cloud models has an inherent security benefit to it? Are you at ANATAS also architecting for both security and a services factory model? O'Connor: Absolutely. You're not allowed to do anything in large enterprises architecturally without getting past security. When I say get past security, I'm talking about the people who have magnifying glasses on your architectural content documents. It's important enough to say again what Paul brought out about location not being the way to secure your customer data anymore. The motivation for a new security model is not just in terms of movement all the way to the other end of the agility rainbow, where in a public cloud you’re mashing up some of your data with everybody else's, potentially, and concerned about it going astray. It’s really about that internal factory configuration and design that says, even internally in large enterprises, I can't rely on having zones of network security that I pin my security architecture to. I have to do it at the message level. I have to use some of the standards and the technologies that we've seen evolved over the past five, six, seven years that Paul Fremantle was referencing to really come to bear to keep me secure. Once I do that, then it's not that far of a leap to conceive of an environment where those same security structures, technologies, and processes can be used in a more hybrid architecture, where maybe it's not just secure internal private cloud, but maybe it's virtual private cloud running outside of the enterprise. That brings in other facets that we really have to sort out. They have to do with how we source that capacity, even if it's virtual private cloud or even if it's tenanted. We have to work on our zone security model that talks about what's allowed to be where. We have to profile our data and understand how our data relates to workloads. As Paul mentioned, we have to focus on federated identity and trust, so identity as a service. We have to assemble the way that processing environments, be they internal or external, get their identities, so that they can enforce security. PKI, and, this is a big one, we have to get our certificates and private keys into the right spot.
  • 6. Policy-driven governance Once we build all those foundations for this, we then have to focus on policy-driven governance of how workloads are assembled with respect to all of those different security facets and all of the other facets, including quality of service, capacity, cost, and everything else. But, ultimately yes, we can solve this and we will solve this over the next few years. All this makes for good, effective security architecture in general. It's just a matter of helping people, through forums like this, to think about it in a slightly different way. Gardner: As we're moving towards new kinds of architectures that can be inclusive of the past, but prepare us better for the future with this full set of requirements in terms of scalability, security, openness to sourcing elasticity, and so forth, what do we need to look for in terms of the underlying infrastructure itself? Are there some key requirements that we would look for in terms of how the performance, technical characteristics, standard support, all come together in such a way that we can move forward including compatibility with what's in place, and still start meeting up with what we want around performance, the sourcing flexibility and security. Let me take that first to Paul Fremantle. What needs to be in place? Fremantle: I believe that the world has slightly gone backwards, and that isn't actually that surprising. When people move forward into such a big jump as to move from a fixed infrastructure to a cloud infrastructure, sometimes it's kind of easy to move back in another area. I think what's happened to some extent is that, as people have moved forward into cloud infrastructure, they have tended to build very straightforward monolithic applications. The way that they have done that is to focus on, "I'm going to take something standalone and simple that I can cloud-enable and that's going to be my first cloud project." What's happened is that people have avoided the complexity of saying,"What I really need to be doing is building composite applications with federated identity, with business process management (BPM), ESB flows, and so forth." And, that's not that surprising, when they're taking on something new. But, very rapidly, people are going to realize that a cloud app on its own is just as isolated as an enterprise app that can't talk to anything. The result is that people are going to need to move up the stack. At the moment, everyone is very focused on virtual machines (VMs) and IaaS. That doesn't help you with all the things that Paul O'Connor has been talking about with architecture, scalability, and building systems that are going to really be transformative and change the way you do things. From my perspective, the way that you do that is that you stop focusing on VMs and you try and move up a layer, and start thinking about PaaS instead of IaaS.
  • 7. You try to build things that use inherent cloud capabilities offered by a platform that give you scalability, federated security, identity, billing, all the things that you are going to need in that cloud environment that you don't want to have to write and build yourself. You want a platform to provide that. That's really where the world is going to have to move in order to take the full advantage of cloud -- PaaS. Gardner: Paul O'Connor, from your perspective, what are some key characteristics that that platform should have? What are the necessary ingredients in order to make this automated, controllable, governed, and to scale across these new sourcing models that we're approaching? The name of the game O'Connor: I totally agree with everything Paul Fremantle just said. PaaS is the name of the game. If you go to 10 large enterprises, you're going to find them by and large focusing on IaaS. That's fine. It's a much lower barrier of entry relative to where most shops are currently in terms of virtualization. But, when you get up into delivering new value, you're really creating that factory. Just to draw an analogy, you don't go to an auto factory, where the workers are meant to be programming robots. They build cars. Same thing with business service delivery in IT -- it's really important to plug your reference model and your reference architectures for cloud into that factory approach. You want your PaaS to be a one-stop-shop for business service production and that means from the very beginning to the very end. You have to tenant and support your customers all along the way. So it really takes the vertical stack, which is the way we currently think about cloud in terms of IaaS, and fans it out horizontally, so that we have a place to plug different customers in the enterprise into that. And what we find is, just as in any good factory or any good process design, we really focus on what it is those customers need and when. For example, just to take one of many things that's typically broken in large enterprises, testing and test environments. Sometimes it takes weeks in large organization to get test environments. We see customers who literally forgo key parts of testing and really sort of do a big bang test approach at the end, because it is so difficult to get environment and to manage the configuration of those environments. One of the ways we can fix that is by organizing that part of the PaaS story and wrap around some of the attendant next-generation configuration management capabilities that go along with that. That would include things like service test virtualization, agile operations, asset metadata management, some of the application lifecycle management (ALM) stuff, and focus on systemically killing the biggest impedances in the order of most pain in the enterprise. You can do that without worrying about, or going anywhere near, public cloud to go do data processing. So that's the here and now, and I'd say that that's also supportive of a longer term, grand unified field theory of cloud, which is about consuming IT entirely as a service. To do that, we have to get our house in order in the same way and focus on organizing and re-organizing in terms of
  • 8. transformation in the enterprise to support first the internal customers, followed by using the same presets and tenets to focus on getting outside of the organization in a very structured way. But eventually moving workloads out of the organization and focusing on direct interaction with the business, I think we will see larger appetites by the business for more applications and a need to put them into a place where they are more easily managed, and eventually, it may take 20 years, but I think you'll see organizations move to turn off their internal IT departments and focus on business, focus on being an insurance company, a bank, or a logistics company. But, we start in the here and now with PaaS. Gardner: Okay. Paul O'Connor, if I can just add one more thing to that. I read in some of your literature -- and I quote from you -- “Work load assembly in the cloud is the name of the game.” It seems that you're talking about private cloud first, then, ultimately, any number of other hybrid cloud scenarios. Is that what you mean across this development, test, deploy, workload assembly? What do you mean by that? What is it doing? O'Connor: Workload Assembly. What I mean by that is that we need a profile of what it is we do in terms of work. If I plug a job into the wall that is my next-gen IT architecture, what is it actually doing and how will I know? The types of things vary. It varies widely between phases of my development cycle. Obviously, if I do load and performance testing, I've got a large workload. If I do production, I’ve got a large workload. If I move to big data, and I am starting to do massively scalar analytics because the business realizes that you go after such an application, thanks to where IT is taking the enterprise, then that's a whole other ball of wax again. What I have to do is understand those workloads. I have to understand them in terms of the data that they operate on, especially in terms of its confidentiality. I have to understand what requirements I need to assemble in terms of the workload processing. If I have identify show up, or private key, I have to do integration, or I have to wire into different systems and data sources, all of that has to be understood and assembled with that workload. I have to characterize workload in a very specific way, because ultimately I want to use something like WSO2 Stratos to assemble what that workload needs to run. Once I can assemble it, then it becomes even easier for me to work my way through the dev, test, stage, release, operate cycle. Gardner: Paul Fremantle, tell me what WSO2 is doing to help people like Paul O'Connor reach this workload assembly capability? Fremantle: What we have done is build our Carbon middleware on OSGi. About two years ago, we started thinking how we're going to make that really effective in a cloud environment. We came up with this concept of cloud-native software. We were lucky, because, having modularized Carbon, we had also kernelized it. We put everything around a single kernel. So, we were able to make that kernel operate in a cloud environment.
  • 9. That’s the engineering viewpoint, but from the architecture viewpoint, what we're providing to architects like Paul O’Connor is a complete platform that gives you what you need to build out all of the great things that Paul O’Connor has been talking about. That starts with some very simple things, like identity as a service, so that there is a consistent multi-tenant concept of identity, authorization, and entitlement available wherever you are in the private cloud, or the public cloud, or hybrid. The next thing, which we think absolutely vital, is governance monitoring, metering, and billing, all available as a service, so that you can see what's happening in this cloud. You can monitor and meter it, you can allocate cost to the right people, whether that’s a public bill or an internal report within a private cloud. Then, we're saying that as you build out this cloud, you need the right infrastructure to be able to build these assemblies and to be able to scale. You need to have a cloud native app server that can be deployed in the cloud and elastically scale up and down. You need to have an ESB as a service that can be used to link together different cloud applications, whether they're public cloud, private cloud, or a combination of the two. Pulling together And, you need to have things like business process in the cloud, portal in the cloud, and so on, to pull these things together. Of course, on the way, you're going to need things like queues or databases. So, what we're doing with Stratos is pulling together the combination of those components that you need to have a good architecture, and making them available as a service, whether it's in a private cloud or a public cloud. That is absolutely vital. It's about providing people with the right building blocks. If you look at what the IaaS providers are doing, they're providing people with VMs as the building blocks. Twenty years ago, if someone asked me to build an app, I would have started with the machine and the OS and I would start writing code. But, in the last 20 years we've moved up the stack. If someone asked me to build an app now, I would start with an app server, a message queuing infrastructure, an ESB, a business process server, and a portal. All these components help me be much more effective and much quicker. In a cloud, those are the cloud components that you need to have lying around ready to assemble, and that to me is the answer. Gardner: Paul Fremantle, you're describing what you think is the best way to support a workload assembly capability, but how is that different from what we're seeing from some of the service delivery platform vendors, and what we could call "cloud in a box?" What's the difference between what they're talking about and what you're talking about? Fremantle: I'm seeing various things in the marketplace. Obviously, there are people like Eucalyptus, Ubuntu, and of course VMware, who are providing private IaaS, and that’s very
  • 10. important. We work on top of those layers. I'm also seeing a lot of people producing PaaS. This has been an exciting month. We've had two acquisitions in that space. The thing that those PaaS providers are missing, and most of the PaaS that I see out there is missing, is a real enterprise architecture view of the world. It's fine to provide a web app as a service and a database as a service. Those are the basic building blocks that people need. But, if you don't have an open, clear definition of identity, governance, business activity monitoring, BPM, and ESB, you're stuck in a 10-year-old architecture. So, for me, where you're going to have to move is to a complete platform that understands enterprise architecture (EA). It isn’t just about saying, "I've got a web app and a database that are somehow provided in a cloud native fashion." Gardner: Paul O'Connor, I'm an advocate of showing rather than telling, when it comes to these sorts of complex issues. Do we have any examples of perhaps companies that ANATAS has worked with, where they have employed some of these approaches, whether from a position of the technology, the actual implementation of certain products and services, the methodologies, or all of the above? What do you get? What happens when you do this properly? What sort of business and/or technical benefits can we expect based on the record so far? O'Connor: I'll tell you about a large enterprise that we have been working with for a good long while. They are building an internal PaaS, an internal platform which is operated as a service. This is key. They're looking at that as a way to achieve some tangible benefits right out of the gate, while supporting a longer-term vision, which is about beating back into submission as much of the sprawl that has grown up over the course of time in large enterprises. The immediate benefits in that case are about efficiency and business service architecture and constraints. By that, I mean that if you have one standard service delivery process that’s highly efficient that starts with modeling and works its way all the way through to operation in a business sense of business services, what you wind up with is an approach on the business side itself to use that as a lever to go out and directly be able to add in efficiencies, attack new markets, and really focus on some things on the business side that were latent, because there was a feeling that it couldn't be delivered efficiently by IT or may not work. Seeing it work We're really seeing that lever work. It's right there. We're also seeing a focus on a broader picture. I want to make one point following up on what Paul Fremantle was saying earlier. We really need to have, and this is what this client has done, a reference architecture that is sort of the antithesis of cloud in a box. It's structured so that you don’t get tied into one particular vendor's view of cloud or anything else. You’ve really taken an Architecture 101 approach. You build a reference model, you build a reference architecture, you go execute against that, and you don’t have either an inheritance from the IaaS guys up into the higher parts of the stack or the sprawl from the existing platform players down into the infrastructure space.
  • 11. Ultimately, and this is how this client views it, cloud is more than a way of thinking. It’s open and it’s about getting your house in order, but it’s also about not being locked in and trying to, in the case where we feel like we should, turn the table on our existing vendors. And that’s what WSO2 is doing in terms of a feature-driven lean middleware and also the way that they are approaching delivery in terms of a professional open-source model, and is very much in keeping with the way that my clients view the cloud. Gardner: Paul Fremantle, we only have time for one additional example. Do you have some customers that you've been working with that are perhaps what you would consider a bellwether for where the rest of the enterprises are likely to go? Fremantle: I want to put a different spin on this, which is that as well as the companies that are doing what Paul O'Connor was talking about and using PaaS to create the software factory concept within their organization, there is another angle on this, which is interesting. It's the ability of people, not just software vendors, but also system integrators and even service providers, to start using PaaS to create their own cloud software as a service (SaaS). This was brought to mind to me by one European-based system integrator and business process outsourcer. Unfortunately, I can’t name them, but they're a partner of ours. What they've started to do is think, "When I'm building an application or a process for customer, is that something that is really applicable just to this one customer or is it something that is a reusable asset, that can be offered as a service to multiple customers?" Of course, that may not be offered over the public cloud. It may be hosted in a private cloud and different companies give a VPN access to their own tenant within that. It’s something I'm seeing a lot of software companies looking at as well, which is to start converting their applications into SaaS. And as you do that, you quickly find that the things you need, the capabilities that you need, in order to offer SaaS are the same capabilities that you need in a platform. They're the things I was talking about before, things like identity, governance, metadata, monitoring and metering billing. To me, the interesting thing here is the intersection between how large enterprises are treating their software development and how software companies are treating their software development, and system integrators and business process outsourcers are treating their software development. They're all converging on the most efficient model that we have come up with yet. Gardner: Very interesting. It sounds as if the IT ecosystem is marching in tandem towards the same vision, and that will perhaps enable these enterprises to move all the more quickly, rather than the enterprises doing it essentially on their own. Fremantle: Absolutely.
  • 12. Gardner: Well, very good. I'm afraid we're about out of time. We've been discussing how workload assembly and the concept of a business service factory are important attributes to private clouds, and how private clouds when established using these best practices and principles, can provide a huge stepping stone in the right direction for the future of IT, a transformed future of IT. I want to thank our panelists. We've been joined by Paul Fremantle, the UK-based Chief Technology Officer and co-founder of WSO2. Thanks so much, Paul. Fremantle: Thank you very much. Gardner: And, we’ve also been joined by Paul O’Connor, the Chief Technology Officer at ANATAS International in Sydney, Australia. Thanks for joining as well, Paul. O'Connor: Thanks, Dana. Gardner: This is Dana Gardner, Principal Analyst at Interarbor Solutions. You've been listening to a sponsored BriefingsDirect podcast. Thanks for listening, and come back next time. Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: WSO2 Transcript of a sponsored BriefingsDirect podcast on modernizing IT to become business service factories. Copyright Interarbor Solutions, LLC, 2005-2011. All rights reserved. You may also be interested in: • Cloud Computing's Ultimate Value Depends on Open PaaS Models to Avoid Applications and Data Lock-In • Open Source and Cloud: A Curse of Blessing During Recession? BriefingsDirect Analysts Weigh In • WSO2 Data Services Provide Catalyst for SOA and Set Stage for New Cloud-Based Data Models