Cloud delusions at the turn of the decade

Cloud delusions at the turn of the decade

Summary: How to avoid amateur cloud, fool's cloud, firewall jealousy, misdirected multi-tenancy and half-aaSed applications. My views on how to implement cloud and SaaS have hardened considerably over the course of 2009.


Continuing my series of posts about the big themes on this blog over the past year, I now turn to the topic of cloud computing. My views on how to implement cloud and SaaS have hardened considerably over the course of 2009. Halfway through the year, I took a conscious decision to promote multi-tenancy as the only acceptable architecture for cloud and SaaS infrastructures. You might expect that from someone who makes a living consulting for multi-tenant vendors. But I've deliberately chosen a hardline and controversial stance, intended as a counterpoint to the many siren voices that argue for a more hybrid approach.

I still see migration to the cloud as a journey, but I'm concerned that too many people, especially with the advent of platforms like Windows Azure, have decided they can achieve all the benefits by going just some of the distance. This is a risky self-delusion, and the more people fool themselves this way, the more the cloud model will be discredited, not because of inherent weaknesses, but through implicit association with the disasters and disappointments these half-hearted implementations will bring in their wake. There are several different cloud delusions to beware of.

Amateur cloud. The year's third most highly trafficked post on this blog was The cloud, no place for amateurs. It picked out two examples of established, reputable computing companies that had let down customers who were depending on them for computer operations — in one case the victim was a single large airline, in the other it was a large number of mobile phone subscribers. Many reputable providers (and their customers) believe that enterprise size and computing experience are in themselves guarantees of the reliability of any cloud services they operate, whether for enterprise or consumers. This is a gross self-delusion. My follow-up post gave advice on How to avoid the amateur cloud.

Firewall jealousy. A related delusion is to put more trust in your own organization's security measures than in those of a cloud provider's — even if the cloud provider employs many more security staff in round-the-clock shifts, has significantly more security expertise and operates much better processes based on the highest level of best practice. This 'not my firewalls' mentality — a variation on 'not invented here' — is especially egregious if your so-called 'on-premise' computing is actually off-site at some non-descript colocation center shared with an unknown number of other organizations.

Fool's cloud. This is my term for what others persist in referring to as 'private cloud', and which I've also called 'captive cloud' and 'stagnant cloud' (the latter because of the way state-of-the-art implementations quickly fall behind when shut off from the continuous, collective scrutiny and collaborative innovation of the public cloud). My advice is, Beware the allure of Fool's Cloud. In the final decade of the previous century, rich enterprises deluded themselves they could get all the benefits of the Internet by implementing their own private versions. Today, many are destined to repeat this extravagant delusion by attempting private versions of cloud computing. Take my word for it: you can't take computing out of the cloud and still call it cloud computing.

Isolated multi-tenancy. Some vendors have taken the view that it's possible to take multi-tenancy out of a cloud context without losing any of the benefits of cloud computing. At the beginning of the year, I did wonder if they had a point. In March, I welcomed platform-as-a-service provider LongJump's introduction of an on-premise option as satisfying a pent-up market demand for SaaS development platforms. I examined the claims made for's breed of multi-tenancy when the company opened the kimono on its 'green crystals'. I was intrigued by Intalio's blueprint for taking multi-tenancy on-premise. I examined whether multi-tenancy could co-exist with on-premise computing assets. But in the end I came to the conclusion that the crucial point about multi-tenancy is that it enables a better fit for the cloud. Organizations are adopting cloud computing because their customers, suppliers, partners and employees are all doing business and interacting in the cloud already, and multi-tenancy makes no sense except as an enabling component for uncapped connectivity to every other business and resource out there in the public cloud.

Half-aaSed applications. One of the very first posts when I started writing this blog in 2005 introduced the notion of SoSaaS: Same old Software, as a Service. The phenomenon of taking any old software package, running it up on a server and putting it on pay-as-you-go pricing is alive and well in the cloud computing era, fueled by incomplete appreciation of what cloud computing is really all about. Today, it's easier than ever to spin up an app on a virtual instance at any of dozens of public cloud and platform-as-a-service providers, from Amazon Web Services, Rackspace or OpSource Cloud to Windows Azure, Heroku, Google App Engine or Joyent. But cloud computing and SaaS go far beyond merely a relocation exercise. Developers should not delude themselves. The as-a-service business model requires "a real-time service infrastructure and culture, able to interact with and respond to the needs, interests and dynamics of customers and their own connected networks." The cloud equivalent of SoSaaS is a half-aaSed application: one that's been deployed to a multi-tenant cloud infrastructure without being re-architected to allow its users to take advantage of the real-time, bandwidth-rich, shared-API environment of the public cloud.

Topics: Virtualization, Cloud, Emerging Tech, Hardware

Phil Wainewright

About Phil Wainewright

Since 1998, Phil Wainewright has been a thought leader in cloud computing as a blogger, analyst and consultant.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • I like it...

    Great article, I am pretty much in agreement. I think the last three points you mention highlight areas where the water is being muddied a bit and people are misunderstanding the benefit of the proper cloud model.
  • RE: Cloud delusions at the turn of the decade

    I sort of agree with the article. A lot of the challenges to cloud adoption are social and not necessarily technological.

    I agree that a cloud company may be able to hire security experts that blow most companies out of the water. However, the cloud company seem reluctant to guarantee a certain level of security for very good legal reasons. The cloud company does NOT want to assume the risk of an inevitable security breach. So a company is left in a social/legal backwater. Even though the cloud company may have better security, they won't assume responsibility for it. In the case of a serious data breach, someone's head has to roll. Someone needs to be blamed and then the healing process can begin. Cloud companies are not willing to do this. So some CIO out there has to understand that if the company moves into the cloud on the CIO's say so, the CIO's head is on the chopping block but the CIO doesn't have control over the security.

    I don't know about anyone else but that is a lot to ask of anyone. "I want you to take complete responsibility for something you have no control over." I would defiantly want a golden parachute on that job, something that would allow me to retire someplace warm and live rich with out working again because after getting hammered once you probably won't be hired by anyone doing anything again.

    Same with exit strategies. Cloud companies come and go, hopefully based on some from of capitalism. What happens to your company when the cloud company tanks? Hopefully the answer is, you get the time and resources necessary to move to another cloud provider or build some solution of your own before the cloud provider goes out of business.
    • That is the thing that cloud advocates

      never ask, or don't want you to ask.

      [i]Who[/i] is ultimatelly responsible for any loss of data?

      With the current cloud companies out there, if you wake up to find your data hacked or missing, the provider can't be sued.
      John Zern
  • RE: Cloud delusions at the turn of the decade

    Articles like these are why I continue to follow and
    recommend this blog. I'm in agreement with the your
    arguments with SoSaaS and Fool's Cloud. It is dangerous
    for organizations to misunderstand or ignore the crucial
    components that bring the real value, and it is dangerous
    for the image and association that they have with real
    Cloud Computing.
  • RE: Cloud delusions at the turn of the decade

    Phil - interesting thoughts. I wanted to comment about your "Fool's cloud" or internal/captive cloud comments. My firm ParaScale, provides a cloud storage platform which can be used by service providers to create a public cloud, and by enterprises to create an internal cloud. Today, a lot of our biz is from public cloud providers, but we see 2010 as a year where the internal cloud will gain more traction. Given that we see business in both areas, we don't have a bias one way or the other. At the business model level, the public cloud is like a rental car model, while the private cloud is akin to owning the car. Each has its pros and cons. At an architecture level,cloud implementations use true commodity hardware. This is a huge change, and especially in stoorage the economics are compelling. Here are some more 2010 thoughts ... Happy new year.
    CEO, ParaScale,
  • Love the pun lol [NT]

  • RE: Cloud delusions at the turn of the decade

    I think this post was a good overall picture of the "should we use cloud" debate. But would it be possible to cover another important part of the cloud equation - the software licensing policies? These policies have only now made virtualization more or less viable, but they are still a big obstacle if one wants to get the benefits out of cloud-computing. For example you can rent a server from Amazon for one hour, but the minimal rent period for an Oracle license is .... 1 year. It is not sure you can use Microsoft processor licenses (especially with the SPLA model) on cloud platform, because according to the terms you must own the hardware. Most of the license models require you to count physical processors or cores - how do you do that on a cloud-computing platform.
  • Cloud isn't one-size-fits-all

    Very articulate, but have you considered that certain verticals
    benefit more than others on the cloud?

    Would love to see you insights put to use for areas such as
    healthcare and persistency in patient data distribution.
  • RE: Cloud delusions at the turn of the decade

    Good article, but I'm not completely in agreement that there's only one "right" way to do cloud computing.

    Ultimately, the software vendor has to decide what is the best business model for them... and sometimes that means offering their existing application as a subscription service. Sure, it may not be pure SaaS, but it doesn't have to be either.

    The key concern for the vendor is not whether they are "really" doing cloud computing. Rather, it is what is the best short-, mid- and long-term option (may not be the same) for their growth, revenues, and ease of support. Each software provider needs to consider those questions in light of their own application, and what their own customers are comfortable with.


    Joanna Lees-Castro
    • Partially agree ...

      ... in that it sometimes makes sense for a software vendor to do cloud computing the 'wrong' way - for some of the time, for some of its customers.

      The difficulty most software vendors have is that they're unfamiliar with the cloud environment while being totally comfortable with the conventional way of doing things. So they must guard against the very strong temptation to keep doing things the old way for as long as they can get away with.

      Judging by what customers are comfortable with is very dangerous, by the way, because customers can change their minds like a switch, whereas re-architecting for cloud takes months or years. The biggest danger for software vendors is getting left high-and-dry because they left it too late to shift to a proper cloud computing model.

      phil wainewright
  • RE: Cloud delusions at the turn of the decade

    Considering that you have to rebuild your applications for optimal cloud performance using opensource software will solve all your licensing problems.