When will the crowd turn against private cloud?

When will the crowd turn against private cloud?

Summary: Private clouds will be discredited by year end, I predicted yesterday. I was promptly challenged to put my money where my mouth was. Here's my considered response.


Following on from yesterday's Forecasting Fisticuffs webcast (recording here) with fellow Enterprise Irregular bloggers Vinnie Mirchandani and Dennis Howlett alongside Appirio's Narinder Singh, I tweeted a provocative prediction for 2010 that "Private clouds will be discredited by year end". There followed a flurry of counter-tweets, most notably a challenge from Cloudscaling CEO Randy Bias to put my money where my mouth is.

That required a bit more clarity about what we'd actually be betting on, and the continuing conversation quickly showed up the constraints of Twitter's 140-character limit. I resolved to dive into some of the underlying concepts in a blog post here today.

First of all, 'discredited'. As I elaborated to SearchCloudComputing's Carl Brooks, that means "No one likes using the phrase any more" — I was aiming to capture something halfway between the repulsion and embarassment people used to feel about, respectively, application service providers and intranets. People will still be using private clouds, but I believe they'll feel increasingly ashamed or nervous of admitting it in public, except to fellow-users. The rest of the world will have moved on. I'm inclined to agree with Phil Morris that my timing was probably over-ambitious. Year-end 2011 or mid-2012 would have been a lot safer but hey, I wanted to be provocative. And I truly believe sentiment will have started shifting before the year is out.

Now let's turn to 'private' and 'cloud'. My definition of private is simple: not public. Randy Bias offered a list of defining features: "unshared, single tenant, self-service compute, storage, and network infrastructure." He then went on to mention three varieties of private cloud: "virtual, external, or internal," which is when I started to realize this was a much more nuanced discussion than our tweets were going to allow. It was obvious that some of his definitions of 'private' cut across into areas that I would define as 'public'; and vice-versa.

For example, I have no objection whatsoever to virtual private cloud, so long as it's a logical slice of a public cloud infrastructure, or as I wrote last August: "computing that operates within a public cloud but which uses virtual private networking to give individual enterprises the ability to mask off a portion of the public cloud under their own delegated control and management." On the other hand, you can make your infrastructure as multi-tenant as you like, it's not cloud if it's confined within a closed, single-enterprise environment.

So when I talk about 'private cloud' as something the world will move on from, I'm not talking about cloud infrastructure that's logically partitioned to make it private. I'm talking about physically private infrastructure that's logically structured as though it were cloud.

This definition is clear-cut at the extremes, but of course there's a shaded area in the middle where the two ends meet, and I suspect a lot of that shaded area is occupied by what Randy Bias calls 'external private cloud' (and is very bullish about). This is cloud infrastructure that's hosted by third party providers, and I can imagine that some of it is going to be built on what I would regard as perfectly valid public cloud infrastructure, logically partitioned. But a lot of it is going to be as alluring as lipstick daubed on a pig, because behind the scenes the hosting providers will be doing a lot of covert physical partitioning to cut corners (actually, some of them will openly tout that partitioning as a selling point).

My litmus test for public vs private cloud is at a different level than multi-tenant architectures, firewall configurations and flavors of virtualization. In my book, a public cloud is one that's concurrently shared by thousands of discrete customers, all of whom access precisely the same (though continuously enhanced) baseline functionality and have complete freedom of action (and control) over how they use that functionality within the constraints of the platform. The strength of the cloud model (and why public cloud will leave any variety of physically partitioned private cloud trailing in the dust) is the collective scrutiny, feedback and innovation that becomes possible when thousands of customers are using the same, constantly evolving, shared platform.

Perhaps the reason those benefits are not yet self-evident — and thus why this argument is so hard to put across — is that so far we've mostly been looking at infrastructure as a service, with Amazon Web Services as the most established example of a public cloud platform. The problem with that is, the shared platform only goes as far as the AMI, and from there on up, you fall straight back into private software instances with none of the benefits of a collectively shared platform. This year I think we're going to be hearing far more about platform as a service, and that's the layer at which people are really going to start leveraging the power of the public cloud and realizing how much they're giving up by wanting to manage their own discrete, private software stacks.

One last thought. There's a whole other discussion that needs to be had about how enterprises should migrate their IT assets to the cloud, because everything I've written above still begs the question of when and what to move to PaaS and/or IaaS, what to do with remaining on-premise assets, and whether in that hybrid environment of half-on, half-off the cloud there's an argument for implementing private cloud-like infrastructure. The bulk of that discussion will have to wait for another post, but it may be that, although discredited in the sense that enterprises may not like to talk openly about it very much, there will be a lot of 'private cloud' going on for the next few years as part of those migration strategies.

Topics: Cloud, Banking, CXO, Enterprise Software, IT Employment

Phil Wainewright

About Phil Wainewright

Since 1998, Phil Wainewright has been a thought leader in cloud computing as a blogger, analyst and consultant.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • The only thing your discrediting here

    is yourself.

    But that's just my 2 cents, for all it's worth.
  • Public cloud will be crushed

    as it serves as Orwellian evil.
    • Public cloud will be crushed?

      Public cloud will be crushed? This has to be the silliest comment of IT land in 2010 - so far.

      Phil is right about the cloud - it's public and it's all about reducing the ridiculous costs, complexity and poor usability of business-as-usual IT.

      Over time, everything IT - save defence and banking transactions (or similar) will be delivered as-a-service in the public cloud.

      As the big cloud-SaaS players build-up war chests of cash - consolidation and maturation is inevitable. It still means that start-ups and small players can engage - leveraging the leading public cloud platforms - Force.com, Amazon Web Services, Microsoft Windows Azure et al.
      • How do you stop Cnina from hacking your info?

        Public clouds are not ready for prime time.

        They claim higher security but won't guarantee it to their customers for very good legal reasons.

        There aren't any standards or exit strategies offered for business or end users. If you had standards a company could move from one failing cloud company to a cloud company that wasn't failing. Another way to handle this with out standards is for every cloud company to have a graceful and consumer oriented exit strategy. Giving customers 12-18 months to migrate services/data, providing tools for businesses to manage their own data/services after the cloud company fails. Strategies like that.

        Also data ownership isn't guaranteed by any law or common practice.
        • You're right, but overstating the case

          As the Amazon rep at cloud symposia (I forget his name) keeps repeating, we need "brutal standardization." The good news is the message is getting across - the big players are getting it.

          Yep, gotta have standards. Nope, they're not that far off.
      • Spoken like someone who hasn't the skills..

        to manage a data center.
      • You're wrong

        US Department of Defense is pushing into cloud far faster than most of industry. DISA will be moving its customers out of the "this is my box" era over the next couple of years.

        Maybe "save defence;" I don't know about that side of the pond. But definitely not "save defense."
  • OMG: Why would anyone want privacy, security, flexibility ...

    ... and self-determination when it comes to the very nervous system of his business operation? Phil Wainewright is completely stunned! Why don't we all embrace this new big brother, digital utopia, in which mega corporations know everything about us; our most valuable assets lie in their hands (not ours); and the operation of our businesses lie at their mercy? Phil, that is idiocy, not prudence. Not every candy someone waves in front of you is good to eat. Public clouds have their place, but people must be extremely vigilant to ensure that they are not suckered into situations that can be detrimental to them in the future.
    P. Douglas
    • Well said

      I don't like "cloud computing".
      I didn't get into computers just to see my personal brainbox turned into a dumb internet terminal.
  • What about never ?

    Seriously, i don't see where all this fascination of the blogosphere for every and any thing cloud computing related come from.
    If,cloud computing ever become the main computing form in a future, i sure hope that public cloud will not be the defacto standard.
    Otherwises, security breach would have much more dramatic effects than they currently have.
    I personnaly think that if ever cloud computing become significant, private clouds would be prefered over public cloud for most enterprises especially the big ones.
    To be honest Cloud computing had a significant potential.
    However it is not the panacea, and it has also the potential to remove freedom for a lot of people and/or put them at much higher risks than the current paradigm could have ever been able to. Imagine for example that a lot of comanies rely on Google, and that Google fell victim of an effective massive attack on their datacenters. Could you even imagine the casualties for all the customers ? And you can be sure that in a paradigm where Public cloud is the standard, companies such as Google would be submited to incredibly powerful and sophisticated attacks. Assuming the significant reward for attackers(Imagine for example that the chineese government want to strike american companies using Google services), one could even imagine that some attackers could go as far as doing physical attacks. Sure there would be risks for private cloud but much less than big public cloud.
  • Like why would shame be a part of a private cloud?

    "People will still be using private clouds, but I
    believe they?ll feel increasingly ashamed or nervous
    of admitting it in public, "

    a) Why would people feel shame about a private cloud?
    I don't think there's anything fundamentally WRONG
    with a private cloud. If people want to host their own
    stuff, THEN SO BE IT!! What in the world is wrong with
    somebody wanting to self host?

    b) Since when has shame ever been a powerful mover of
    societal change? Especially with today'a society,
    which places a lot of emphasis on individualism, shame
    is pretty useless for convincing people to change.
    Following the crowd is out, being your own person is
    in. If you tried to shame me, I'd say THANK YOU and
  • Web sites will be the only...

    thing that moves to the public cloud. Especially after more and more cloud providers get hacked. It will prove to dangerous to put your company's life's blood somewhere where hundreds or more people have access to it. Everytime a cloud provider gives a customer access to its servers they weaken their security. And this doesn't even consider the internal threats. Everyone has their price and your data in the cloud is for sale to the highest bidder. Then you have your Googles that harvest their customers' data to monetize it.

    Anyone that would put their data in an environment such as a public cloud is a fool.
    • Another IT Idiot Speaks Out Loud!

      Websites are Web apps are cloud apps are SaaS apps. Resistance to public cloud IT infrastructure is like resisting gravity. The sooner the business-as-usual IT guys disappear the better. Security is not improved by operating so-called private clouds.
      • Re: Another IT Idiot Speaks Out Loud!

        Yes you have...and yes you are.
      • If you don't understand....

        the difference between a web site and a full blown data center you truly are an idiot.
      • Then you should quit speaking (nt)

        • AAAAAmeeeeeen! nt

      • LOL - you kind of proved his point...nt

      • Cloud of Borg?

        "We are the Public Cloud. Lower your firewalls and surrender your CPUs. We will add your software and technological distinctiveness to our own. Your computers will adapt to service us. Resistance is futile."

        My reply to this is always, "Assimilation is futile. Resistance is inevitable. You will be resisted."

        I like the way Picard put it in Star Drek: First Contract (paraphrasing)...

        "I will not sacrifice Free Enterprise. We've made too many compromises already; too many retreats. They invade our systems and we fall back. They assimilate entire networks and we fall back. Not again. The line must be drawn here! This far, no further! And *I* will make them pay for what they've done!"
  • RE: When will the crowd turn against private cloud?

    In this time of transition between a product and a service
    based economy (which fundamentally is what is at the
    heart of the cloud), there are a number of discrete groups
    of risks - the risk of doing nothing, transitional risk (trust,
    security of supply, confusion, governance) related to the
    industry and general outsourcing risks (suitability, pricing
    competition, vendor lock-in, loss of strategic control).

    These risks need to be balanced against the benefits of
    volume operations and provision of commodity like
    services (economies of scale, faster speed to market i.e.
    componentisation, outsourcing non core activities, pay per
    use i.e. utility pricing).

    Companies will always seek the most advantageous
    balance of that equation, to maximise benefits whilst
    minimising risks in whatever ecosystem they compete in.

    Of course, the balance of that equation will change over
    time but currently in the world of cloud infrastructure
    there is confusion (caused by the prolific variation in
    offerings) and real transitional and outsourcing risks.

    Since there are many models of service provision (including
    private clouds using "physically private infrastructure
    that?s logically structured as though it were cloud"), companies will seek to use a model which balances the
    equation in their favour.

    Hence, the strong interest in the hybrid model of private /
    public cloud is perfectly reasonable because whilst it may
    not gain all the benefits of public provision, it certainly
    mitigates some of the risks and enables companies to
    experiment with cloud.

    Obviously this balance will change over time, according to
    changes in risks.

    Many industries have been through this transition. Even
    Douglas Parkhill, who wrote the book on utility computing
    in the 1966 and made the comparison of future computer
    resource provision to the electricity industry, highlighted :-

    "The public / private division is reflected in our experience
    with older utilities, communication, gas, electric power etc.
    In fact, historically, many of our present public utilities
    began as limited subscriber or private ventures. Even
    today, despite the fantastic growth of public systems,
    many organizations continue to operate their own private
    power plants or internal communication systems."
    [Douglas Parkhill, The Rise of Utility Computing, 1966]

    The notion that ?Private clouds will be discredited by year
    end? goes against economic history and the transition of
    many industries through this process.

    To say that "people will still be using private clouds, but I
    believe they?ll feel increasingly ashamed or nervous of
    admitting it in public" is like saying that people were
    ashamed of having back-up generators in business or
    using their own inter-company networks or any of the
    hundreds of example of sensible strategies deployed in
    business to deal with issues around supply chain

    Your tirade against private clouds certainly gives food for
    thought but people run real businesses, they've been
    doing so for a long time and the issues around supply
    chain management, second sourcing, risks and benefits are
    well understood.

    Now, you do refer to componentisation effects (Herbert
    Simon's Theory of Hierarchy) in your description of the
    acceleration of innovation possible through use of cloud

    It is important to understand that it is only those activities
    which are widespread, well defined and of little strategic
    differential become suitable for service provision.

    Whilst these activities will standardise to common
    components (see ... entire of human history), innovation
    with those components will accelerate (see ... entire human

    For example, the network transition from a mass of
    different protocols - ipx / spx, tcp/ip, decnet, sna,
    appletalk ... to a single defacto standard and the innovative
    explosion that is the internet.

    Componentisation is absolutely valid for both private &
    public infrastructure when it is standardised (the types and
    level of standardisation will vary according to which layer
    of stack & suitability of the activity for service provision).

    Your assumption that this mass of innovation can only
    happen on a public provider and not a wider ecosystem
    doesn't stack.

    Good post.