Wired Magazine | July 29, 2013

Is Private PaaS the On-Ramp to Public Cloud?

Public cloud is tremendously popular — there’s no question. However, enterprises have yet to consume public IaaS and PaaS in an “at-scale” way. They dabble in public IaaS and PaaS here and there, but public cloud is home to only a *tiny* minority of enterprise application workloads. Why? Enterprise workloads are trapped within the firewall by a few key constraints (some perceived, some political, some real – in order of constraint complexity):

  1. Dependencies – Custom apps written by enterprises often have dependencies on other external systems that either: A) can’t themselves be brought to public cloud, thereby making them inaccessible; or B) cannot be safely exposed to the outside world such that those dependencies can be resolved
  2. Performance – Stringent performance requirements may prevent certain applications from landing on a public cloud, particularly when high I/O performance is required.
  3. Security – Public clouds may not be able to fulfill security requirements, particularly in regulated industries such as banking.
  4. Data – Because of size and sensitivity, many data loads may not be easy to move to a public cloud. This data acts as an anchor; a corollary is that most applications depending on this data will also not move to public cloud.

Long term, however, most of these barriers will break down (starting with dependencies first), and it’s pretty clear that as a result, enterprises will consume a meaningful amount of public AND private cloud. Ultimately, the end state for enterprise IT will be hybrid, and yes, enterprises WILL consume a meaningful amount of public cloud. However, the secret to getting there is implementing private PaaS first. Why, you ask? Because of the above constraints.

If we take the application portfolio of a typical enterprise, we find that each application is bound by zero or more of the above constraints. In fact, we can think of these constraints as a set of concentric rings, with the innermost ring, data, being the most complex constraint to deal with, and the outermost ring, dependency, being the least.

When an application runs in-house, these constraints are satisfied. In today’s 2013 public cloud context, it’s hard enough to satisfy any one of these constraints, let alone all four of them. This means that an enterprise must choose from one of two strategies when it comes to PaaS:

  1. Wait for the constraints to either be lifted or to solve them via technology (e.g., Azure VPN services or Amazon VPC, which drastically reduces the impact of the Dependency constraint).
  2. Run a private PaaS behind the firewall, ensuring guest applications on the PaaS automatically satisfy these constraints. A private PaaS could logically sit within the innermost ring, satisfying application workloads that not only have the most stringent constraint, but that might be constrained by all four major roadblocks.

The private PaaS first strategy places emphasis on getting apps on a PaaS rather than on a public PaaS only. This produces benefits that include:

  1. Preparing applications to run on an infrastructure abstracted PaaS environment
  2. Aligning the IT and developer culture with PaaS consumption, in general
  3. Creating ROI through utilization efficiency, devops, agility and lowered operations friction

The first two benefits ease the adoption of public cloud, since it becomes less of a technical and cultural shock. A good private PaaS allows pooling of public IaaS resources into the logical private instance, with policy control to influence application placement. Over time, as constraints breakdown, and applications are free to migrate to public cloud, the applications can do so on the private PaaS. The private PaaS, via policy, can place apps on public resources instead of public cloud – and voila, we have an enterprise consuming public IaaS!

This is the first step toward a hybrid approach as enterprises will start to use private PaaS to consume public IaaS for key workloads at a pace that fits their strategy. What will happen to the concentric rings, should a hybrid approach become the norm?

Overtime, our first concentric ring model will start to make less sense. A new model will emerge and look similar to the one above, due to the introduction of new technology and the resulting dissolution of the boundaries one by one. Ultimately, this new tech will force enterprises to re-evaluate their strategies. Enterprises will begin consuming public IaaS for key workloads at a pace that fits their strategy. For web/SOA style apps, that consumption will likely happen through a hybrid PaaS deployment. After all, in the long term most of these barriers will break down. As stated earlier, the end state for enterprise IT will be enterprise hybrid PaaS, a subject I’ve already written about in the past. What do you think?

Sinclair Schuller is an enterprise computing expert and CEO of the Platform as a Service (PaaS) company Apprenda.