A private cloud is a software-defined data center that combines essential hardware and other computing resources into a unified virtualized unit. A private cloud’s layer of hardware and networking abstraction – again, provided by software – enables enterprises to scale and provision resources more dynamically than is possible with traditional hardware-centric computing environments.
In contrast to public cloud computing, a private cloud is typically hosted within a company’s firewalls. Alternately, some companies host their private cloud with an external third party provider, which allows these deployments to tap into external compute resources on an on-demand basis.
Ideally, a private cloud allows businesses significant cost savings over legacy hardware-based deployments. It also enables far greater flexibility, and – in contrast to a public cloud – much greater security and privacy.
To help choose a cloud provider – private, public, or hybrid – read our cloud comparison guide.
- What is Private Cloud? [video]
- Private Cloud Challenges
- In-House or Third Party Private Cloud?
- Customized vs. Commodity Build
- Private Cloud and Virtualization
- Strategy and Deployment
- Private Clouds and Hybrid Clouds
- The Private IaaS and Private Clouds
- Market Growth Forecasts
- Private Cloud Controversy: ROI?
- Vendors and Solutions
- Private Cloud: More References
In this interview, industry expert Andi Mann defines the private cloud and discusses its unique challenges and opportunities. Mann is the co-author of Visible Ops Private Cloud: From Virtualization to Private Cloud in 4 Practical Steps. Formerly an analyst with research firm Enterprise Management Associates, Mann is now VP of Strategic Solutions for CA Technologies.
Despite its significant promise, a private cloud faces challenges. As with traditional deployments, companies must still handle (or pay for) the majority of architecting and monitoring work themselves. And because private cloud is still an emerging technology, a deployment built this year will likely soon call for a revision of some type. For this reason (among others) businesses of varying sizes are opting for hybrid clouds – a term that comprises any number of permutations of private and public clouds.
To be sure, the world of private cloud computing suffers from a phenomenon that few vendors will admit: confusion. Sure, the term private cloud can be defined, yet vendors and pundits tend to disagree on the specifics. For a time, merely using virtualization in your data center meant you had a private cloud; other experts point out that this is only the foundation.
This confusion comes to the fore when businesses go shopping for a private cloud solution. Do you want a full-fledged third party infrastructure as a service solution, or do you simply want to virtualize, say, your southwestern offices? Issues like tiered staff access, control of databases, scheduled provisioning, and application management can quickly spiral into a labyrinthine (and costly) array of choices.
So when planning and building a private cloud – either completely in-house or with any level of vendor involvement – businesses must keep their own goals squarely in place. Why, exactly, are you constructing a new private cloud; what do you want it to do? Looking past the blizzard of choices, the answer to this question is best placed at the very top of your private cloud architecture plan.
As cloud computing proliferates, private clouds are typically part of a hybrid cloud deployment. (Source: Appistry)
Before building a private cloud, a business must decide: do we want to run it in our own data center, or host it in a third party location?
An externally hosted private cloud is often referred to as a managed private cloud.
The concept of an external private cloud causes anxiety among businesses – for good reason. The core reason a private cloud is so prized is that it offers greater security, privacy and control than a public cloud. So locating a private cloud in an external facility seems to negate this. Among the worries: the issue of data ownership. If, for instance, your private cloud host changes its end-user agreements in some onerous way, how easy will it be for you to shift to a new provider?
Also worrying is the possibility of a breach in security. While cloud service providers are better positioned to keep up with evolving security trends due to economies of scale, what happens when something goes wrong? Will the service provider accept accountability? Will they make you whole after, say, a data breach, or will you be left to clean up the mess and shoulder the costs?
Why then host your private cloud externally? Industry opinions differ wildly, but some pundits say that a business must have at least 1,000 servers to justify building its own private cloud. Many businesses don’t have near that amount. Hence the interest in hosting a private cloud with a third party provider, or in some way leveraging a managed private cloud from an external vendor.
In truth, a hosted private cloud – the managed private cloud – is far different than a public cloud from a big public cloud vendor like, say, Amazon. In a managed private cloud scenario, a business extends a separate security perimeter around this third party cloud.
In effect, your business simply cordons off a section of the third party’s equipment and infrastructure. This saves your business the cash outlay of building/buying this extra equipment and infrastructure, yet also provides (in theory, at least) the same level of privacy and security as would a truly in-house deployment. Many managed clouds enable you to boost your security, allowing you to move specific apps (say, those applicable to mobile workers) into the private cloud; and you can often consume "security as a service," such as BYOD (bring your own device) security and DLP (data loss prevention) services.
A private cloud comprises a unified, integrated software-defined data center – whether in a company's in-house data center or in an external facility.
Cost is of course a central concern as you create plans for a private cloud deployment.
A key metric to bear in mind when a business decides to deploy a private cloud is cost per VM (virtual machine) per month. This cost can vary exponentially based on a dizzying menu of factors.
Erik Sebesta, Chief Architect and Technology Officer at Cloud Technology Partners, a Boston-based consulting firm, has advised many businesses as they've set up private cloud deployments. Sebesta indicates the following cost levels. For in-house datacenters that aren’t running a private cloud, the cost per VM per month can run to around $1,000 a month. This amount can fall substantially if a business uses a managed private cloud – closer to $150-$400 per VM per month (but again, many factors are in play here).
“If you look at Amazon, which is pure public cloud, you can get to about $60 [per VM] per month,” he says. Yet in this environment a company gives up a private cloud’s security and privacy.
“If you build your own equivalent to Amazon – and there are companies out there that do this – you can reduce the cost to around $30 per VM per month,” he says. While some businesses might be leery of the upfront expense of building it themselves, Sebesta says that, “You can find pre-configured packages that are ready to run with limited custom work.” Although there are extra professional costs in getting this installed, the longer term operating costs can fall significantly.
Still, he adds a note of caution: “Going into a buying decision without an understanding of where the various price points are, it’s easy to get led astray by the big vendors with their Cloud-in-a-Box offerings.” (See more on Cloud-in-a-Box in the section below.)
To fully understand the price variables, a private cloud customer needs to compare some of the leading-edge private cloud vendors. To cut costs, Sebesta says, look for vendors who are using open source solutions and commodity hardware.
The other private cloud cost metric is cost per gigabyte of data storage per month. An ideal figure to shoot for is ten cents ($0.10) per gig per month. If you are encountering price ranges above this, you may choose to keep shopping.
And what about “infrastructure anxiety”? That is, while looking for a lower cost vendor, a business worries about hiring a smaller, less experienced vendor to build such a critical element of its infrastructure. There’s an old saying: “no one ever got fired for buying Microsoft.” Some companies dipping a toe into the new world of cloud computing might lean on older, established names.
In response, Sebesta notes there are different private cloud models today. They’re based on application workloads. “There are some application workloads that, yes, you want the big vendor solution to run on.”
However, “There are other application workloads where putting them on a ‘design for failure’ environment – like an Amazon Web servers equivalent – is the best option.”
The critical question for enterprises, then, is this: what exactly are you planning to run on your private cloud? Will you use it for your mission critical workload, the backbone of your business? Or will you use it for applications and resources that you can afford to put on ‘design for failure’ infrastructure, one that’s heavily backed up with cheap commodity hardware?
You can architect around the weakness of this latter set-up, Sebesta notes. “You can run a ‘five 9’ application on a ‘three 9’ infrastructure,” he says, referring to the number of 9’s in high availability computing.
The Cloud-in-a-Box solutions from big-name vendors are often designed for higher availability, so they require more hardware and a higher level of engineering. Hosting a business's mission critical apps on this platform certainly allows greater peace of mind – yet at a higher price point.
The terms private cloud and virtualization are often used as synonyms. Many companies take the approach that, if they have virtualized their computing resources, they have implemented a private cloud.
In truth, this isn’t precisely correct.
Virtualization is technology that separates – that abstracts – the hardware from the operating system and applications (and other resources) that reside on that hardware. This technology has revolutionized the data center. Among many changes, it enables companies to make vastly more efficient use of their server hardware.
Traditionally (say, several years back), server use was very inefficient. Only a small percentage of a server’s compute power – perhaps 15 percent, or even less – was employed at a given time. Adding to the inefficiency, a single server would be dedicated to a single operating system and/or a single application.
This inefficiency wasn’t a terrible problem: Server hardware is relatively inexpensive commodity hardware. So data center administrators would simply keep buying more boxes as the company’s compute needs grew. When companies needed to add applications, or run various operating systems simultaneously (or versions of the same OS), they simply purchased more servers. In truth, this got costly, in energy costs as well as monitoring and maintenance costs.
Virtualization – first led at the enterprise level by the success of VMware – dramatically changed this. Virtualization optimizes hardware utilization by enabling multiple operating systems and applications to run on a single box. Virtualization enables creation of virtual machines (VM) – “machines” that are in fact software environments existing on the underlying hardware. Virtualization isolates the virtual machines (which may run various operating systems and apps) from one another and from the physical hardware or network.
Consequently, virtualization is a huge cost saver – it’s no surprise that businesses have rushed to deploy virtualization in the datacenter. Note that it was large enterprises equipped with hefty budgets that first rushed to virtualize – for them it was a no-brainer. Smaller and mid-sized companies have been slower to virtualize, because while virtualization provides longer term advantages, initial set-up presents cost and operational headaches.
A virtualized platform provides a datacenter admin with an array of tools to better manage – and often more securely manage – IT resources. The percentage of utilized server compute power jumps markedly; in some cases to the 70-80 percent range. Realize, too, that much more than just servers can be virtualized: storage, networks, applications – many of the elements of IT infrastructure can be virtualized.
This is why IT experts extol the virtues of the virtualized data center. The old-fashioned hardware-centric data center (which continues to dominate IT) is cumbersome and prone to obsolescence by comparison.
However, virtualization, for all its advantages, isn’t by itself a private cloud. To be sure, virtualization is a necessary foundation for a private cloud. But for a virtualized workload to truly be a private cloud, a company needs to standardize and automate its various workloads. Implicit in the concept of a private cloud is dynamic provisioning and a single pane management of a heterogeneous set of applications. (Not to mention the ability to charge specific business units for the resources they consume. Chargeback is a key advantage of the cloud.)
In short, the visual image of cloud comes into play here: a series of silos built on disparate hardware needs to be turned into a fully integrated and automated computing environment, just as an actual cloud in the sky combines an array of meteorological elements (moisture, temperature) into a single unit – albeit one that changes constantly.
This fully integrated and ever-evolving unit, then, is a private cloud.
A private cloud involves virtualizing many aspects of data center operation. (Source: CRMNext)
If you talk with consultants who work with clients setting up private clouds, you soon hear horror stories. Businesses rush to get on board with a private cloud and virtualization – they’ve heard of the cost savings – but they don’t really know why.
But hurry, let’s build it!
For instance, one IT department in a northeastern US state (which will remain nameless) spent millions building a state-of-the-art private cloud. And what did the organization do with it? “Oh, we have a few divisions that would like to use it for their apps,” was how a consultant explained its use, noting how amazingly wasteful this is. Unfortunately, this story isn’t an isolated example.
So at the risk of repeating the point, a business that’s weighing deploying a private cloud needs a concrete, well-considered cloud strategy – before starting. It needs to be sure it has a clear answer to (at least) the following extended question:
- What are the technical needs and requirements of your current IT infrastructure?
- What specs will be required in the new private cloud; that is, how robust and full-featured must it be?
- What precise tasks must the private cloud be capable of, and what return on investment will this capability enable?
- And (summing up the previous three) how will you measure the success or failure of this deployment?
Other factors to consider as you develop your private cloud strategy:
- Security: It’s generally accepted that the private cloud is significantly more secure than a public cloud. Yet in fact this is highly debatable.
A Forrester study indicated that in the last 18 months more than 50 percent of the companies surveyed had suffered a security breach. Which brings to mind a full range of legal and compliance issues; how will you handle sensitive user information and financial documents in your private cloud deployment?
And consider this: A big cloud provider's security budget probably far outweighs yours. They'll add the newest security technologies quicker than you can. They'll find and patch vulnerabilities more quickly than you can. They've seen more threats and know what to do about them, and they likely have a bigger, more talented security staff.
Bottom line: define a clear private cloud security policy ahead of time – with full awareness of sticky legal and compliance issues – knowing that the fewer personnel with access, the better.
- Application and Network Suitability: If your data center has been around a few years, not every element of your IT infrastructure may be capable of making the leap to a private cloud.
If, for instance, you have a legacy application built in-house (by developers who are long gone) that resides on an aging Unix system, porting this to a private cloud may be more headaches than it’s worth. How about that 1990’s era network you run for your company’s northern region? (The one held together by duct tape.) Can it be virtualized?
Bottom line: Make a complete and clear-eyed inventory of all your compute resources, to see what can and cannot be integrated into your private cloud. Be aware that some companies have more than one private cloud, and that companies run private clouds that incorporate only a portion of their IT resources.
- Your Company’s Staff: This is a tough one. Running a private cloud in-house is notoriously difficult; it takes an entire host of skills and expertise, from network performance analysts to virtualization pros to IT security gurus.
The level of skills required is what prompts many companies to host their private cloud in a third party resource center. In effect, the client company simply extends its firewall and regulatory efforts around this remote facility; a datacenter some hundreds of miles away becomes a “private” facility. The need for skilled staff is also what makes many companies hire high-priced consultants to augment in-house IT pros.
Bottom line: Your decision about staffing – whether you have the right staff, or can afford to hire them – is probably the most critical aspect of your private cloud planning.
A private cloud is always part of a larger infrastructure. Few if any private clouds fulfill all of a business’s computing needs all by themselves (largely because businesses will probably never be able to fit all their compute resources into a single integrated private cloud.)
Consequently, most private clouds are in fact part of a hybrid cloud deployment. A hybrid cloud is a deployment that includes both a private cloud and public cloud; or some form of in-house and externally hosted cloud – the possible permutations are numerous. (In fact, many companies that believe they are not yet in the cloud are, in reality, already relying on cloud resources.)
For instance, many companies use sales automation software from vendors like SugarCRM, Netsuite and salesforce.com. In classic SaaS fashion, this software no longer resides in the datacenter as it once did; instead these vendors charge a per user license fee and maintain the apps themselves.
So where do the customers store the resulting data? Quite likely in a hybrid cloud: data about potential customers could reside in a lower-cost public cloud; but once these prospects convert to paying customers, their sensitive data is moved safely into an in-house private cloud.
This concept of “more sensitive” vs. “less sensitive” types of data drives much of the move toward the hybrid cloud. A company may outsource its email service to a public cloud service, yet store its most strategic R&D work in a private cloud. Or a firm may have a cloud-based business analytics application that contains only limited data sets, to enable fast number crunching over the Web. Some companies outsource parts of their HR work and allow it to be stored on a public cloud, yet for regulatory reasons the company stores sensitive personnel data only on a private cloud.
Cloud computing and indeed many of the trends in IT today are focused on replacing or working around the disadvantages of a traditional datacenter. Certainly one of the leading technologies in this effort is Infrastructure as a Service, IaaS.
With IaaS, the entire range of datacenter resources – storage, networking, hardware – is offered on a rental basis. While IaaS offers numerous advantages, it has also created a problem that’s unique to this era in computing. As many company staffers have learned (to the chagrin of the IT department), anyone with a credit card can set up a remote and very robust computing environment. I’ve heard of some companies waking up to realize that their employees have set up more than a dozen separate remote datacenters. All are some form of IaaS.
Despite the problems with rogue accounts, IaaS is an easy and cost effective way for companies to scale out their computing resources on an as-needed basis. It’s particularly useful for short term projects and for seasonal expansion of the datacenter.
IaaS has significant overlap with the private cloud. Some companies set up their own in-house IaaS, which in effect is a private cloud. This in-house IaaS environment is a standardized, pooled group of resources that many different divisions can tap into as needed, perhaps seasonally or based on project overload. It is set up to offer dynamic provisioning, allocating resources to staffers or developers based on priority.
For some enterprises, these private IaaS deployments work in conjunction with a third party IaaS platform or other form of public cloud computing. For instance, perhaps a company first contracted with a public IaaS provider, then built its own smaller version. This public-private IaaS alliance is a form of a hybrid cloud.
Some companies – those with plenty of IT resources – go so far as to build a private PaaS, or platform as a service – which can be a type of private cloud. While IaaS provides an array of compute, hardware and network resources, a PaaS provides a full software/operating system platform that enables a client company to architect and code applications. Like IaaS, a PaaS offering can be built in-house or rented from a third party vendor. Renting a third party PaaS allows a company to build out applications with fewer management headaches and fewer startup costs. An example of a high profile public PaaS is Microsoft’s Azure.
Given that there are well established public PaaS providers, why would a company want to invest in a private PaaS? More to the point, if the PaaS is in-house, is it truly a “cloud service” – isn’t it actually part of a business’s existing infrastructure?
As to why companies would want to build a private PaaS, some find that a full-featured, stand alone development platform allows significant advantages in terms of cloud control (monitoring and enabling the platform) and independence/autonomy (for developers who have their own in-house platform instead of relying on a third party’s). Particularly for larger companies that have several (or more) applications under development or being upgraded at one time, a private PaaS allows them to consolidate their app coding environment for better quality and cost control.
As for whether a PaaS is a “cloud service” if it resides in-house, a company can certainly run it as such. The firm’s staffers can log on and provision and/or deploy cloud resources from the platform on an on-demand basis, just as they would from a third party vendor – with of course the higher security (in theory) of the PaaS being in-house.
Forecasts of the growth in the private cloud market vary widely, yet they are all driven by one common fact: as companies of various sizes realize that the private cloud is a key next step in IT, the market will grow by leaps and bounds.
Certainly an influx of venture capital is helping fuel growth in cloud computing, with the private cloud being a big beneficiary. Forrester predicts that the global cloud market will grow from its size of $40.7 billion in 2007 to $241 billion in 2020. The research firm also forecasts that the public cloud market will jump from $25.5 billion in 2011 to $159.3 billion in 2020. An array of cloud sub-markets (management software, virtualization solutions) will grow at various rates.
Similarly, Rightscale predicts that enterprise adoption of private cloud will be 72 percent in 2017. And naturally, the adoption of private cloud is a key component of the hybrid cloud, which many experts expect to be the dominant model in the years ahead.
Among the many factors driving the growth of private cloud computing is a deep concern for security. In an enterprise environment challenged by factors like BYOD and a highly mobile workforce, businesses see the private cloud as a safeguard against data leak and compromised applications.
Indeed, the growth curve for the cloud computing market is expected to keep rising as far as the eye can see. "The IT industry is in the midst of an important transformative period as companies invest in the technologies that will drive growth and innovation over the next two to three decades," said IDC analyst Frank Gens in a statement. "By the end of the decade, IDC expects at least 80 percent of the industry's growth, and enterprises' highest-value leverage of IT, will be driven by cloud services and the other third-platform technologies."
Enterprise adoption rate of the private cloud remains high. Source: Rightscale 2017
If you’re evaluating private cloud vendors, be aware of a controversy that challenges this community of vendors. This argument can be summed up as “which is superior: in-house private clouds or third party remote, managed private clouds?”
Some industry pundits contend that an in-house private cloud is, in fact, merely an extension of the datacenter – and an expensive one.
On one hand, the in-house private cloud is surely popular. Vendors make their pitch: we’ll sell you the hardware, software and virtualization technology, already designed to integrate together, and you install it in-house. Many CIOs welcome the advantages in privacy and security of the private cloud – all under lock and key in-house.
However, claim the pundits, the in-house private cloud is really just another added expense for companies. Purchasing all this hardware and software is not much different than the traditional process of expanding your data center. It’s not as scalable – and not nearly as flexible – as the cloud should be. In a sense it’s the opposite of what the cloud should be: It’s Capex when the cloud should be Opex. (However, to add yet a third point of view: many IT pros say that cloud computing isn't really about cost reduction – it's about efficiency and flexibility.)
Instead of an in-house private cloud, a better solution – though, again, opinions vary – is to use a remote third party private cloud provider.
One example among a vast slew of third party providers is Equinix, which has large data centers around the world, ranging from Secaucus, New Jersey to London to Singapore. Equinix offers businesses the ability to set up a private cloud in its data centers. Businesses can establish and cordon off their own hardware, then manage this remote deployment as a private Infrastructure as a Service. Equinix has a budding alliance with Amazon: Amazon provides its EC2 customers access to a private cloud center using its AWS Direct Connect service with Equinix. Among the many competitors to Equinix are AT&T (which has a partnership with IBM for private clouds) and Verizon (which partners with VMware for private clouds).
The chief advantage of this remote deployment: the third party provider handles all the headaches of facility management. Scaling out is a matter of buying more capacity, rather than having to expand or re-architect your in-house facility. Better yet, businesses that don’t have a data center at all can have a private cloud with a remote provider.
Okay, so you want a private cloud – have we got solutions for you. Cloud in a box? In-house private cloud? Remote hosted private cloud in a third party facility? Hybrid cloud? Some combination of these possibilities?
As many businesses begin the private cloud vendor selection process, the names that are most top of mind tend to be the marquee players in the cloud space.
VMware pioneered virtualization, and some companies still view a virtualized in-house environment as a form of private cloud. And certainly many agree: Forrester named VMware a leader in the private cloud market. VMware says that more than 500,000 enterprises use its technology to power their private clouds.
As Microsoft runs not too far behind cloud leader AWS, its private-public cloud offering provides the company with a real competitive edge. This comes in handy for those many legacy infrastructures that aren't ready to go all-in with a remote public cloud. In many ways, Microsoft might be the "leader" in the private cloud market, because it's the top cloud player that offers a strong private cloud platform – AWS does not emphasize private cloud.
Oracle – whose CEO, Larry Ellison, so famously used to mock the cloud – now has a plethora of private cloud products, from servers to storage to networking to management software. Oracle even published its own Dummies Guide to Enterprise Cloud Infrastructure, an Oracle Special Edition. Certainly skeptics have noted that Oracle is running behind in the cloud, yet the company is investing deeply in its cloud offerings.
Oracle's Private Cloud solutions include its Cloud Platform, applications, infrastructure, lifecycle management tools and integration services. It also offers Managed Cloud Services.
Various research outfits acknowledge IBM as having a strong presence in private cloud, and certainly the company has a deep commitment to cloud overall. It's "middle of the pack" in the IaaS market, but likely considered stronger in private cloud.
Is there a better firm when it comes to private cloud for the mainframe? Given the company's historic strength in the mainframe – which continues to sell – it makes sense that this niche is a standout for IBM.
Dell's purchase of EMC makes it a true titan in the enterprise IT world, and this extends to private cloud. EMC by itself owns a significant chunk of the private cloud market. The two merged companies are a major force in the private cloud hardware market – which, admittedly, is essentially a very similar market to the classic in-house datacenter market. Additionally, Dell offers virtual private cloud solutions and a number of cloud consulting services.
With HP now split into two entities, the slimmed down HPE is arguably better positioned than ever to compete in the cloud market. Indeed, the company is considered a force in private cloud, with Synergy Research reporting that HPE held a whopping 20 percent of the market for private cloud hardware in Q2 2016. The company also offers private cloud software and services, with most of its solutions sold under the Helion moniker.
Be aware when selecting a private cloud solution: The preceding overview of private cloud vendors is not meant to be all-inclusive. The variety of vendor solutions for the private cloud is so remarkably numerous – and so remarkably varied – that customers can easily be confused. Sending out a request for proposal (RFP) can produce a patchwork of possibilities. Adding confusion, some pundits accuse vendors of "cloud washing" – labeling their existing services with the cloud moniker.
If your company is shopping based on type of solution rather than vendor, then likely the Cloud-in-a-Box private cloud solution is an option you’ll consider. This type of offering – focused on pre-architected, easy-set-up deployments – tends to best fit with small and medium-sized businesses; larger enterprises are more likely to custom-build a private cloud.
The bottom line: There’s a private cloud vendor out there for companies of every size and budget. Working with these vendors is a matter of first deciding your goals, then leveraging your budget to get the private cloud deployment that best fits your company’s needs.
The Comprehensive Guide to Cloud Computing [Datamation]
NIST Definition of Cloud Computing [U.S. Government]
The True Value of the Private Cloud [ITBusinessEdge]
Blogs: Private Cloud [Forrester]
Private Cloud Blogs [Gartner]
Demystifying Cloud [Enterprise Management Associates]