Saturday, October 1, 2011

Cloud Deployment Models – Private, Community, Public, Hybrid with Examples

How are Cloud Computing Solutions deployed? What are the general implications for different deployment options? A couple of months back I wrote about Cloud Service Models – Which one is for you? This post will cover another basic of Cloud Computing, popularly known as Cloud Deployment Models.

The content of this post is based on the recommendations of the National Institute of Standards and Technology (NIST) - Special Publication 800-146. The credit for the images used in this article goes to NIST - Special Publication 800-146. Please check references for details. This document is not subject to copyright.

Following are the four types of Cloud Deployment Models identified by NIST.

  • Private cloud
  • Community cloud
  • Public cloud
  • Hybrid cloud

Private Cloud

The cloud infrastructure is operated solely for an organization.

                                                      ---NIST

Contrary to popular belief, a private cloud may exist off premises and can be managed by a third party. Thus, two private cloud scenarios exist, as follows:

  • On-site Private Cloud
    • Applies to private clouds implemented at a customer’s premises.
  • Outsourced Private Cloud
    • Applies to private clouds where the server side is outsourced to a hosting company.

Examples of Private Cloud:

  • Eucalyptus
  • Ubuntu Enterprise Cloud - UEC (powered by Eucalyptus)
  • Amazon VPC (Virtual Private Cloud)
  • VMware Cloud Infrastructure Suite
  • Microsoft ECI data center.

[Figure: On-site private cloud]

[Figure: Outsourced private cloud]

Community Cloud

The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). Government departments, universities, central banks, etc. often find this type of cloud useful. Community cloud also has two possible scenarios:

  • On-site Community Cloud Scenario
    • Applies to community clouds implemented on the premises of the customers composing a community cloud.
  • Outsourced Community Cloud
    • Applies to community clouds where the server side is outsourced to a hosting company.

Examples of Community Cloud:

  • Google Apps for Government
  • Microsoft Government Community Cloud

[Figure: On-site community cloud]

[Figure: Outsourced community cloud]

Public Cloud

The public cloud is the most ubiquitous model, and almost a synonym for cloud computing. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.

Examples of Public Cloud:

  • Google App Engine
  • Microsoft Windows Azure
  • IBM Smart Cloud
  • Amazon EC2

[Figure: Public cloud]

Hybrid Cloud

The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds).

Examples of Hybrid Cloud:

  • Windows Azure (capable of Hybrid Cloud)
  • VMware vCloud (Hybrid Cloud Services)

[Figure: Hybrid cloud]

Cloud Deployment Implications

Irrespective of the deployment model, in general any organization opting for cloud must consider the following implications:

Network Dependency – Whether you choose on-site or off-shore, a reliable and secure network is highly desirable for good performance.

Subscribers still need IT skills – You can’t just offer a pink slip to all your IT resources. To manage the various user devices that access the cloud, resources with traditional IT skills are still required, though in smaller numbers. Additionally, your existing resources may need to update themselves with new skills for working in the cloud.

Risk from multi-tenancy – An on-site private cloud mitigates this security risk by restricting the number of possible attackers, as all the clients are typically members of one subscriber organization. In a public cloud scenario, a single machine may be shared by the workloads of any combination of subscribers. This raises the security risk, as the number of potential attackers increases with the number of subscribers. Therefore we can safely conclude that the risk due to multi-tenancy increases in the following order: Private, Community, Hybrid, Public cloud.

Data import/export and performance limitations – Generally the on-demand bulk data import/export is limited by the cloud’s network capacity. In the on-site private cloud scenario, however, these limits may be adjusted, although not eliminated, by provisioning high-performance and/or high-reliability networking within the subscriber's infrastructure.

Workload Locations – Workloads refers to managing hardware resources efficiently. Generally, the cloud migrates workloads between machines without any inconvenience to the clients, i.e., the migration is hidden from the client. The cloud vendors usually take care of this, but you must explicitly check with your vendor whether it manages the resources efficiently.

The implications described here are general in nature. Before making any decision in favor of a specific deployment model, study the detailed implications of that particular deployment model. For details, please check the reference section.

References

NIST - Special Publication