There has been lot of talk on the definition of Cloud Computing and the fundamental differences between public and private clouds in the architect and decision maker community. The definition I like for Cloud Computing is: “On-demand utility computing delivered through internet standards and protocols”. This allows the flexibility of various cloud types including Public Cloud, Private Cloud, and other hybrid variants which may fall in between. These definitions are similar to the web application deployment taxonomy: internet, intranet, and extranet segmented based on the scope of the target audience.
Let us try to compare Public Cloud and Private Cloud ignoring the hybrid version for a moment... the two fundamental differences between the private and its public counterpart are:
1) Economy of Scale
2) Quality of Service
The core assumption behind the following comparison is that the Private Cloud will evolve organically while the Public Cloud will be built from ground up for a true multi-tenant environment.
Public Cloud virtualizes commodity servers, storage and networking thereby creating a massive pool of resources which can be paged in or out based on the on-demand computing needs of the overall ecosystem. The very survival of the Public Cloud depends on the extreme commoditization of the above IT resources and hence will form the core architecture tenet of the system.
Even though the vendors will provide the necessary tooling for enabling Private Clouds, these clouds will have to deal with the typical enterprise legacies and organizational dynamics. Private Clouds are expected to be built upon the same virtualization technologies as the public cloud but with the constraints of the existing virtualization silos and the not so economical resource pools as a result. However, these technologies will be no match to those built from ground up for enabling massive Private Clouds. Moreover, because of the organic nature of the Private Clouds, the resource pools tend to be siloed and the scope of multiplexing of servers will be limited to each silo.
Here are a couple of tables that list the factors that differentiates Public and Private Clouds:
Size of the resource pool
100s of thousands of homogenous servers specially built for the cloud.
100s of general purpose servers with mix of old and new.
Abstraction level of the virtualization
A cloud platform can provide application containers running on virtual OS instances taking virtualization to the next degree. This will standardize the OS environment and help increase the density of the applications/OS instance.
Most private clouds will probably provide an OS instance on which the application teams need to build the runtime environment manually.
Effectiveness of service management
The tooling built for service management is massively optimized for Long Tail and hence will require less number of heads /1000 servers to manage the data center when compared to the typical Private Cloud.
More headcount / 1000 servers
Monetization and chargeback accounting
The very survival of this cloud depends on the objectivity of these tools and hence is expected to be part of the core architecture.
Since most private clouds will be based on legacy processes and practices, chargeback accounting will be an afterthought.
Pay as you go
Economies of scale enable public clouds to offer pay-per-use without any upfront fixed costs.
Economies of scale are the enablers of the pay-as-you-go model; not many private clouds will have the scale to pull this off. So, there will be upfront fixed cost followed by per-per-use fees.
Scope of heterogeneity of platforms
Public cloud provider can enter into licensing partnerships to offer a variety of software choices including operating systems, application servers, databases and other middleware components. Public Clouds can also create application marketplaces driving the costs further down for customers.
Limited heterogeneity considering the smaller scale of the operations.
Can have hundreds of thousands of servers with highly automated operational management tools. As a result, Public Clouds are 5 to 7 times less expensive to operate.
May contain a few hundred to couple of thousand servers; this kind of scale can’t compete with the Public Cloud in terms of the investments made in automating the operations.
Scale of the resource pool
Virtualization of the servers, network and storage will be across the data center.
Because of the organic nature of the evolution of the private cloud, there will be several silos of resource pools which will limit their application density resulting in less than optimal usage of the servers.
Maturity of the infrastructure and tools
Public Clouds can invest in state of the art resource managers (E.g. Azure Fabric Controller) which can allocate and garbage collects the resources returning them to the pool when no longer needed.
They Dynamic Data Center toolkit probably is built as an afterthought relies on the existing infrastructure elements (VMM, System Center, Windows Server 2008, etc.) and hence may not be as optimal as its Public counterpart.
Service level guarantees
The advertized SLA will be met as there are legal frameworks surrounding the cloud deployments. The cloud provider will agree to compensate financially for any losses as a result of the service level failures.
There may not be any legal frameworks for guaranteeing SLA in a private environment.
Quality of human resources
Can afford to get the best of the best in the industry (e.g. power architect, cooling architect, systems architect)
Will have to settle for the existing data center personnel.
Can afford to pour billions of dollars as it is the core business of the service provider.
The investment is limited as Private Clouds will be constrained by the IT budget. As IT is generally a support function in most non-software companies, the investment can’t compete with its public counterpart.
State of the art security and service management practices. The following are some of security practices from Microsoft Global Foundation Services:
• 24 hour security incident management
• Global Criminal Compliance
• Defense-in-depth approach for data security
• Need-to-know and least-privilege model for Identity and Access Management
• Security Development Lifecycle for ensuring Applications
Private clouds can’t match Public Clouds in terms of the stringent framework driven approach to security.
Because of the global nature, the scale of operations and the Service Level Agreements with financial implications, Private Clouds will have to comply with various regulations and standards.
Typical certifications and standards as below:
Data Center Certifications
• ISO/IEC 27001:2005
• SAS 70 Type I and Type II
• Payment Card Industry Data Security Standard
• Media Ratings Council
• Health Insurance Portability and Accountability Act
• Internal audit and privacy assessments
Compliance scrutiny may be less rigorous than their Public counterparts.
Quality of the personnel
Considering the LongTail reach, Public Clouds will spare no cost in getting the best of the best in the industry. For instance, Public Clouds can afford to hire the best security and power architects for designing and operating their data centers.
Private Clouds are organic in nature and may have to leverage the existing skills at whatever level they may be in.
For a quantitative discussion of Cloud economics, please refer to the paper from UC Berkeley RAD Lab: http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html
I hope this helps!
(Disclaimer: This blog post represent my own personal views and do not necessarily reflect the views of the Microsoft Corporation.)