Cloud delusions at the turn of the decade

Continuing my series of posts about the big themes on this blog over the past year, I now turn to the topic of cloud computing. My views on how to implement cloud and SaaS have hardened considerably over the course of 2009. Halfway through the year, I took a conscious decision to promote multi-tenancy as the only acceptable architecture for cloud and SaaS infrastructures. You might expect that from someone who makes a living consulting for multi-tenant vendors. But I've deliberately chosen a hardline and controversial stance, intended as a counterpoint to the many siren voices that argue for a more hybrid approach.

I still see migration to the cloud as a journey, but I'm concerned that too many people, especially with the advent of platforms like Windows Azure, have decided they can achieve all the benefits by going just some of the distance. This is a risky self-delusion, and the more people fool themselves this way, the more the cloud model will be discredited, not because of inherent weaknesses, but through implicit association with the disasters and disappointments these half-hearted implementations will bring in their wake. There are several different cloud delusions to beware of.

Amateur cloud. The year's third most highly trafficked post on this blog was The cloud, no place for amateurs. It picked out two examples of established, reputable computing companies that had let down customers who were depending on them for computer operations — in one case the victim was a single large airline, in the other it was a large number of mobile phone subscribers. Many reputable providers (and their customers) believe that enterprise size and computing experience are in themselves guarantees of the reliability of any cloud services they operate, whether for enterprise or consumers. This is a gross self-delusion. My follow-up post gave advice on How to avoid the amateur cloud.

Firewall jealousy. A related delusion is to put more trust in your own organization's security measures than in those of a cloud provider's — even if the cloud provider employs many more security staff in round-the-clock shifts, has significantly more security expertise and operates much better processes based on the highest level of best practice. This 'not my firewalls' mentality — a variation on 'not invented here' — is especially egregious if your so-called 'on-premise' computing is actually off-site at some non-descript colocation center shared with an unknown number of other organizations.

Fool's cloud. This is my term for what others persist in referring to as 'private cloud', and which I've also called 'captive cloud' and 'stagnant cloud' (the latter because of the way state-of-the-art implementations quickly fall behind when shut off from the continuous, collective scrutiny and collaborative innovation of the public cloud). My advice is, Beware the allure of Fool's Cloud. In the final decade of the previous century, rich enterprises deluded themselves they could get all the benefits of the Internet by implementing their own private versions. Today, many are destined to repeat this extravagant delusion by attempting private versions of cloud computing. Take my word for it: you can't take computing out of the cloud and still call it cloud computing.

Isolated multi-tenancy. Some vendors have taken the view that it's possible to take multi-tenancy out of a cloud context without losing any of the benefits of cloud computing. At the beginning of the year, I did wonder if they had a point. In March, I welcomed platform-as-a-service provider LongJump's introduction of an on-premise option as satisfying a pent-up market demand for SaaS development platforms. I examined the claims made for Salesforce.com's breed of multi-tenancy when the company opened the kimono on its 'green crystals'. I was intrigued by Intalio's blueprint for taking multi-tenancy on-premise. I examined whether multi-tenancy could co-exist with on-premise computing assets. But in the end I came to the conclusion that the crucial point about multi-tenancy is that it enables a better fit for the cloud. Organizations are adopting cloud computing because their customers, suppliers, partners and employees are all doing business and interacting in the cloud already, and multi-tenancy makes no sense except as an enabling component for uncapped connectivity to every other business and resource out there in the public cloud.

Half-aaSed applications. One of the very first posts when I started writing this blog in 2005 introduced the notion of SoSaaS: Same old Software, as a Service. The phenomenon of taking any old software package, running it up on a server and putting it on pay-as-you-go pricing is alive and well in the cloud computing era, fueled by incomplete appreciation of what cloud computing is really all about. Today, it's easier than ever to spin up an app on a virtual instance at any of dozens of public cloud and platform-as-a-service providers, from Amazon Web Services, Rackspace or OpSource Cloud to Windows Azure, Heroku, Google App Engine or Joyent. But cloud computing and SaaS go far beyond merely a relocation exercise. Developers should not delude themselves. The as-a-service business model requires "a real-time service infrastructure and culture, able to interact with and respond to the needs, interests and dynamics of customers and their own connected networks." The cloud equivalent of SoSaaS is a half-aaSed application: one that's been deployed to a multi-tenant cloud infrastructure without being re-architected to allow its users to take advantage of the real-time, bandwidth-rich, shared-API environment of the public cloud.