More Related Content
Similar to Burkhard stiller cloiuds-fu-nems-2012
Similar to Burkhard stiller cloiuds-fu-nems-2012 (20)
Burkhard stiller cloiuds-fu-nems-2012
- 1. Mobile Summit, Cloud Networking – Technical and Business Challenges I
Berlin, July 4, 2012
Clouds — Challenges and Risks
Burkhard Stiller1
1Department of Informatics IFI, Communication Systems Group CSG,
University of Zürich UZH
stiller@ifi.uzh.ch
in collaboration with Guilherme Machado1 and Andrei Vancea1 and SESERV .
Introduction and Definition
Challenges and State-of-the-Art
Risks and Economics
Conclusions
© 2012 UZH, CSG@IFI 1
From Desktops to Clouds
Desktops and workstations
– Networked, low capacity storage, limited processing
Local clusters
– Connected, centralized, higher storage/processing
Institutional clusters, High-performance Computing HPC
– Access-controlled, centralized, high storage/processing
Grids
– Shared services on top of visible
hardware and software resources
Clouds: IaaS, PaaS, SaaS? Great Globular
Cluster in Hercules
© 2012 UZH, CSG@IFI 2
- 2. Clouds – Common Grounds
Clouds are [defined as]
– a large pool of easily usable and accessible virtualized
resources (such as hardware, development platforms, and/or
services [and software]).
– These resources can be dynamically reconfigured
• to adjust to a variable load (scale),
• allowing also for an optimum resource utilization.
– This pool of resources is typically exploited by a
pay-per-use model
• in which guarantees are offered by the infrastructure provider by
means of customized SLAs [Service Level Agreements].
L. M. Vaquero, L. Rodero-Merino, J. Caceres, M. Lindner: A Break in the Clouds: Towards a Cloud Definition;
ACM Computer Communications Review Vol. 39, No. 1, December 2008, pp 50-55.
© 2012 UZH, CSG@IFI 3
Cloud Characteristics in Practice (1)
Flexible pricing via pay-per-use
– Users pay for consumption of services/resources
– Computing capabilities exploited in models
Elastic scaling
– Resource availability can scale up or down at any time
by different factors as demand increases or decreases
Rapid provisioning
– Computing capabilities/services are immediately
provisioned without physical delivery/transferring
ownership or resources
Improvement of energy consumption
– Minimization of IT infrastructure power consumption
© 2012 UZH, CSG@IFI 4
- 3. Cloud Characteristics in Practice (2)
Virtualization
– Basically all computing resources are virtualized
• To provide independence of underlying infrastructure
• To achieve optimal utilization of resources
(Semi-)Standardized offerings
– Cloud services are highly provider-specific
– Cloud services offer limited customization
– Cloud services are usually available through
self-service interfaces
– Service request and provisioning processes automated
Based on J. De Vos, E. van Heusden: Implications of Cloud Computing on IT Service Management, 2010.
© 2012 UZH, CSG@IFI 5
Challenges
and Selected State-of-the-Art
© 2012 UZH, CSG@IFI 6
- 4. Key Challenges (1)
– Security and legal functionality
• Data location
• Data segregation between competitor’s data
• Privileged user access for sharing physical resources
• Recovery in case of disasters
• Fault investigation support
• Long-term viability wrt contracts
– Interoperability and standards
• Common and standard interfaces for cloud computing
• Portability of virtual appliances across diverse clouds providers
– E.g., migration of virtual machines, virtual networks, or live migration,
from one Cloud Provider to another
– Needed for robust and available cloud services
• Device-independency (bring your own – BYO), especially mobile
© 2012 UZH, CSG@IFI 7
Key Challenges (2)
– Optimization of capacity utilization
• “Avoid the promise of something that cannot be delivered!”
– Scheduling considering typical Cloud-specific parameters, e.g., CPU, RAM, bandwidth, and any other
parameter being sold …
• Over-capacity decreases user’s satisfaction, leading to loss of
revenue
• Under-capacity does not generate revenue for the Cloud Provider
– Cloud aggregation
• To ensure availability in case of faults
– Sharing of resources between cloud providers
– Brokering algorithms for high availability, performance, proximity, legal domains, price, or energy efficiency
• Networking in the deployment of services across multiple cloud
providers
• SLA negotiation and management between cloud providers
– SLAs, monitoring, and accounting (accountability)
© 2012 UZH, CSG@IFI 8
- 5. Open Issues – SLA, Monitoring, Accounting
Cloud providers typically do not offer guarantees
– Large to very huge sizes of Cloud provider IT infrastructures
• Technically hard to provide deterministic guarantees
• High complexity due to multiple inter-dependencies of resources
(physical, virtual, and their combinations)
– SLA specifications tailored toward Cloud users’ interests
• E.g., in terms of parameters like availability, but less focused on
technical ones, such as performance or bandwidth
Monitoring and accounting management
– Needs to consider layers inside and outside Cloud providers
– Accounting of virtual resources utilized (accountability)
• Even further, auditability is in full hands of Cloud providers
© 2012 UZH, CSG@IFI 9
State-of-the-Art
in Cloud SLAs
Cloud Provider Service SLA Parameters
Availability (99.9%) with the following definitions: Error Rate, Monthly Uptime
S3
Percentage, Service Credit
Availability (99.95%) with the following definitions: Service Year: 365 days of
EC2 (Elastic the year, Annual Percentage Uptime, Region Unavailable/Unavailability,
Amazon
Compute Cloud) Unavailable: no external connectivity during a five minute period, Eligible
Credit Period, Service Credit
Subject to the Amazon Web Services Customer Agreement, since no specific
SimpleDB
SLA is defined. Such agreement does not guarantee availability.
The company’s Web site does not contain information regarding SLAs for this
SalesForce CRM
specific service.
Google Apps (incl. Availability (99.9%) with the following definitions: Downtime, Downtime
Google Gmail business, Period: 10 consecutive minutes downtime, Google Apps Covered Services,
Google Docs) Monthly Uptime Percentage, Scheduled Downtime, Service, Service Credit.
Availability regarding the following:
Internal Network: 100%, Data Center Infrastructure: 100%
Performance related to service degradation: Server Migration in case of
Cloud Server performance problems: migration is notified 24 hours in advance, and is
completed in 3 hours (maximum).
Rackspace Cloud
Recovery Time: In case of failure, guarantee the restoration/recovery in 1
hour after the problem is identified.
Cloud Sites Availability, Unplanned Maintenance: 0%, Service Credit.
© 2012 UZH, CSG@IFI Cloud Files Availability: 99.9%, Service Credit.
10
- 6. State-of-the-Art
in Cloud SLA Management and Monitoring
Approach SLA@ RESERVOIR R. Serral- Trust Assess SLACC
SOI Gracia COM Grid
Prediction for Static Static Yes, evaluating No No Dynamically added
Parameters Parameters past service parameters
disruptions
Range of Narrow Medium and Narrow Wide and Unknown, Wide and flexible
Parameters Flexible flexible but flexible
Estimation No No No No No Yes
Algorithm
Risk No No No No Yes Embedding prepared
Assessment
IT No Yes, just for Unknown Only partially Unknown Yes
Infrastructure virtualization available –
Model incomplete
Estimates No No No No Yes, risk Yes
Repository repository
SLA Yes, not WS-Agreement Unknown WS- WS- Yes
Language defined yet Agreement Agreement
SLA Yes Yes No, detects Yes Yes Yes
Monitoring service
© 2012 UZH, CSG@IFI 11
disruption
Risks and Economics
© 2012 UZH, CSG@IFI 12
- 7. Basic Risks in Clouds
National Institute of Standards and Technology: An Introduction to Computer Security: The NIST Handbook, 800-12.
Risk = Threat X Vulnerabilities
– Threat:
• Any potentially malicious or other occurrence that can have an
undesirable effect on the assets and resources of the Cloud system
– Vulnerability:
• A quality or characteristic of the Cloud-based system that
provides an opportunity for misuse (internal or external)
Manifold Cloud-based threats, vulnerabilities (external):
– Eavesdropping, changing data, DDoS, provider shut-down …
• Threats for confidentiality, integrity, authenticity, availability …
– Service interfaces, data transfer, data storage, virtual
machines/sand-box, accounting data …
→ Risks are expressed typically in monetary values
© 2012 UZH, CSG@IFI 13
Economics
Economics (simplified): pricing – costs – chargeback
– External view: pricing for utilized Cloud services
• Common today: pay-per-use pricing models
– Elastic scaling of resources, usage of shared virtualized infrastructure …
• Hypothesis: The Cloud fundamentally changes the economics of IT.
– How to determine prices, find “good” ones?
• Cloud providers don’t provide guarantees
• Cloud users can easily switch between different providers
• Both do not really see strong economic commitments
– Internal view: how to determine and handle IT costs?
• Dynamic resource provisioning, (lack of) commitments, contracts (SLAs),
contract violations, monitoring tools, accounting models, personnel …
• Hypothesis: Pay-per-use models enable a more efficient use of capital,
potential cost reductions, and provide for business flexibility.
14
© 2012 UZH, CSG@IFI
- 8. Accounting and Costs
Existing knowledge
– Modeling of larger computing/data centers exist
– Understanding of almost all technical details,
however, not of all personnel-related costs
– Models in place for accounting and (selected) costs
Missing knowledge
– Models for “typical” IT infrastructures of (a) SME, (b) SME+,
and (c) SME- types of scenarios
– Accounting for virtual resources, mappings into physicals
• Needed to form the basis for evaluating usage and in turn costs
in IT infrastructures (technical and personnel)
– This may form the basis for utilizable pricing of cloud services
© 2012 UZH, CSG@IFI 15
Key Success Factors for Cloud Pricing
Transparency and understandability
– To offer transparent and understandable pricing models to stakeholders
Controllability
– To denote to what extent consumers are in control of IT costs
Cost of costing
– To quantify costs of the application of accounting models and to compare
them against potential benefits
Fairness
– To optimize perceived fairness, the key to pricing models, which refers to
the user’s perception of how fair the model is
Accuracy
– To what extent charges (allocated to an organizational unit) match to
each service accurately, approximating actual costs (cost recovery)
Based on B. Stiller, G. Fankhauser, N. Weiler, B. Plattner: Charging and Accounting for Integrated Internet Services
– State of the Art, Problems, and Trends, The Interet Summit (INET '98), Geneva, Switzerland, July 21-24, 1998,
and on J. De Vos, E. van Heusden: Implications of Cloud Computing on IT Service Management, 2010.
© 2012 UZH, CSG@IFI 16
- 9. Cloud Chargeback Metrics
What metrics can IT departments use to charge back
business units for cloud services?
– Chargeback for any IT service?
The question is complex!
– Charging for (tele-)communication services
– Charging for Infrastructure-as-a-Service (IaaS)
• CPU cycles, memory, disc space, I/O, bandwidth (telco)
– Charging for Platform-as-a-Service (PaaS) ?
• Concern at application development and support level
– Charging for Software-as-a-Service (SaaS) ?
• Metric evaluates business value of the service, such as the number of
customer requests responded to within a given period of time
© 2012 UZH, CSG@IFI 17
Economics Reconsidered
Economics (simplified): pricing – costs – chargeback
– External view: pricing for utilized Cloud services
• Hypothesis: Does the Cloud fundamentally change economics of IT?
• NO – but it demands for a much more transparent understanding of IT
and service costs within a Cloud user’s infrastructure.
– Internal view: how to determine and handle IT costs?
• Hypothesis: Pay-per-use enables more efficient use of capital,
potential cost reductions, and business flexibility.
• YES – As it seems today, however, total costs may not be reduced.
© 2012 UZH, CSG@IFI 18
- 10. Conclusions
© 2012 UZH, CSG@IFI 19
Clouds’ “Don’ts and Does”
Clouds do not define a single technology
Don‘ts
Clouds do not revolutionize technology
Clouds determine a business evolution to match agile
and flexible computing demands
Clouds enable an IT “capacity” increases (storage,
computing) while keeping costs low (or similar) without
investing in new infrastructure, maintenance, software
Clouds offer multiple technology facets and solutions
Does
© 2012 UZH, CSG@IFI 20
- 11. Generic Cloud Evaluation
+ Scale and encapsulated update/change management
positive aspects
• Greater efficiency of provision as economies of scale hold
+ Costs
Mostly
• Pay-as-you-go scheme, which avoids over-buying resources
+ Flexibility and agility as well as next generation migration
• On-demand computing demands
• Ability to create new compute resources to experiment with
– Security (Integrity, privacy, and data protection)
negative aspects
• Dedicated scenario- and technology-dependent case analysis required
Partially
– Availability, reliability, and lack of control
• Full dependency on cloud provider (technology, SLA)
– Lock-in effects
• Cloud provider-specific interfaces, maintenance, SLAs, and pricing exist
© 2012 UZH, CSG@IFI 21
Thank you for your attention.
Questions?
© 2012 UZH, CSG@IFI 22