A load of aaS

IaaS, PaaS, SaaS and now introducing SCaaS…. Public Cloud Computing gets Real

… for me at least. And it turns out that it has been real for some firms for several years.

I attended a session held by IBM and Amazon Web Services (AWS) today at Hursley labs in Hampshire. The title of the session was: “Software as a Service: Getting started with IBM software on Amazon Web Services featuring WebSphere sMash & DB2″

The name kind of disguised what a mind-expanding day it was going to be. There were two major aspects to the day:

• that the commercial model for cloud computing is alive and well, and that we are at the beginning of a brand new ecosystem. This is as big as the first phase of the world wide web was, and bigger than web 2.0 by far
• the hands on proof that all the parts worked.

AWS is a provider of IaaS, and as I found out when signing up for my AWS, by reading the T’s and C’s, Amazon also has a subsidiary, Alexa, which provides Service Components as a Service (call it SCaaS or CaaS for short) – notably search and indexing.

Instead we will look at two of the major offerings of AWS, namely Simple Storage Service (S3) and the Elastic Compute Cloud (EC2). There are quite a few other offerings from AWS, which are interesting if you are using IaaS, but the core offerings illustrate why IaaS is more than a flash in the pan.

S3 is simply the provision of secure storage. Secure in the sense that it is private, and in the sense that it is persisted across multiple data-centres.

EC2 is the ability to provision (i.e. not just turn on, but to create) virtual machines – specifically various flavours of intel machines, running various OSs – within minutes. And then just as quickly to be able to release the machines. An AWS virtual machine is called an Amazon Machine Instance (AMI).

The story of how Amazon came to be providing infrastructure on demand, originally for its internal consumption, arises out of their desire to remove ‘undifferentiated heavy lifting’, e.g. how do we provide secure storage? (now provided by S3) They wanted to save each team having to solve similar heavy lifting problems, and concentrate on adding value. The end result is that the one IaaS provider I do (now) know something about, now, is already in a position to provide cheaper infrastructure to most blue chips, than any internal IT department – including those which are run by outsourcing outfits. AWS certainly will not be the only game in town; we can expect more players to join the market – which will make the cloud IaaS offering even more competetive:

• AWS have a large bank of hypervisors (hardware on which virtual machines can run), and have sorted out the provisioning of Virtual Machines to those hypervisors such that:
  • The provisioning is controlled by the user, either through a web gui, or via web-services invocations
  • The provisioning can be billed by the hour
  • The provisioning can be automated to provide scaling on demand
• The hypervisors (i.e. the actual hardware) tend to run at about 80% utilisation. That is about sixteen times as much as most in-house IT shops. This means that AWS has one sixteenth of the cost of hardware, power, space, and cooling for any given set of software running.

Before I went to the session, I was aware that one of the benefits of cloud IaaS was that it was on-demand. I had no idea that the costs for running the machines 24×7 would be so much cheaper than most blue-chip’s IT shops.

The lab sessions were set up around the use of WebSphere sMash and IBM DB2 9.2 CE all running on virtual machines called Amazon Machine Instances (AMIs) in the EC2.

This is very much like the session I had a couple of weeks ago with the WebSphere Cloudburst appliance. Cloudburst makes it easy to deploy multiple instances of WebSphere Application Server (WAS) to a set of hypervisors (machines which are running as hosts to one or more virtual machines). The cloudburst appliance was very slick in its operation, and a big step towards virtualisation and re-use within a datacentre.

Setting up all of this virtualisation (i.e. the hypervisor estate on which to install and un-install the various virtual machines) within an IT shop requires a fair amount of capital expenditure, not to mention time.

The big difference between the cloudburst session, and this session is that the hypervisors are already there, ready to be used in the Amazon EC2 cloud: i.e. the capacity is there already. No capital investment required. No lead time. The labs allowed us to set up and instantiate the AMIs via a web gui with little fuss. A web-services API is also provided for this, with the relevant (X.509 and other) security mechanisms, and there is a vibrant developer community writing libraries in various languages to invoke these web-services.

The AMIs come in a variety of flavours, in terms of base operating system: windows, various Linux distros Open Solaris, but the second innovation is that commercial software is also available by the hour, just by paying a bit more on the hourly rate. So an AMI with a ‘free’ OS is cheapest ($0.0095 /hr at time of course, and now $0.0085 /hr). Windows costs a bit more (currently $0.120 /hr). All of the AMIs come with the necessary software to work with the AWS infrastructure – for instance to be able to capture snapshots of themselves (after configuration) for further cloning, or the capability to connect to S3 storage.

IBM is also taking part in that it is offering AMIs with various of its software products. Often the developer version is ‘free’ in that it costs the same as the minimum AMI cost with a bare OS. Then when moving to production the paid-for version is available as a higher cost AMI (say $0.36 /hr for express edition DB2, or $1.25 /hr for the workgroup edition). Similar terms exist for other IBM products (WAS, WebSphere Portal Server, sMash). This is a major step forward, as it allows the complete stack to be paid for on demand. IBM also allows you to bring your existing licenses to the infrastructure running on AWS.

It is worth noting that although IBM is a frontrunner, it is not alone in working with AWS in this way. Microsoft and Oracle also have database instances available, for example.

In summary.. by looking at AWS and IBM (so we expect the market to be at least as good as this) we can see that :

• Cloud IaaS offerings are already here making the infrastructure offerings of in-house IT look expensive.
• The management of that infrastructure by the hour, and the ability to pay by the hour (no capital expenditure) is compelling, especially for those organisations which have highly variable load
• AWS have a good story around data protection, Sarbanes-Oxley and other FUD-inducing regulatory measures
• Value added ‘heavy lifting’ like storage, and load-balancing is greatly simplifying development and deployment (users do not have to be Cisco and EMC black-belts), thus reducing development costs.
• There will be a growing number of value add components, e.g. card merchant services, search engine in the cloud – such that it will soon be the case that many large solutions have more components ‘in the cloud’ than they would have ‘in our data-centre’.

So now I am going to stick my neck out, and say that within three years there will be no large organisation that does not investigate cloud IaaS for new infrastructure installs (including refresh operations); and within ten years 50% of all large organisations (£100m turnover +) will have at least 50% of their data-centres ‘in the cloud’. It will be a higher proportion (say 80% of smaller organisations).

 

SOA isn’t dead, it’s barely out of nappies

On the oft-discussed “SOA is dead” theme – surprise surprise I don’t agree. I think maybe that “SOA hype is dead” is a fair perspective and it is now entering the “business as usual” phase with many but definitely not all of our customers – every early or middling-adopting customer now knows it’s a good idea (the best idea out there at the moment) for the right use cases and is struggling to varying degrees to make it happen and get the benefits.

I’ve revised my view of the payback period – if I can generalise, I now think SOA is a 15 year endeavour, with services gradually building up over time and so reuse getting better over time, and organisations learning from their mistakes as they go also. The payback period is shortened by doing the right things – understanding your business architecture, and hence investing in the right services, making them reusable, good service development and life-cycle hygiene etc.

So the reasons for doing it are just as valid as ever – we’re just now in the hard slog phase and so the marketing flies have moved on to fresher…er…pastures.

 

Smart421 renewed as Oracle gold partners

At Smart421, we’ve just renewed as a “gold” partner in the Oracle PartnerNetwork (OPN). There’s a noticeable trend at the moment in the partnering world that our key technology partners (Microsoft, IBM, Oracle etc) are all becoming more selective in the companies they will work with and the qualification criteria that they place upon them. I’m happy with this as it weeds out the less committed organisations – and leaves organisations like ours as bigger fish in smaller ponds, so to speak.

Our strategy is to be a member at the highest possible level of membership in each partner programme, and therefore to hold the relevant specializations and supporting staff certifications etc to operate at that level for our customers. That’s a bit of a double-edged sword at times as it means we have to be organised to keep our staff certifications current and relevant, but that’s a healthy pressure and it helps us to “lift our heads” every now and then from the day-to-day delivery for customers – it’s very easy for training to suffer sometimes when we’re all so busy.

Specifically on the Oracle gold partnership – now that Oracle have hovered up Sun as well as BEA and others – I’m looking forward to getting even closer to their future strategy for how they will exploit all these acquisitions. I’m also personally delighted just from a CTO bandwidth point of view that we can have the partnerships for all these technologies that we user/support for our customers under one roof – a “one stop shop” partnership for Oracle, BEA and Sun is really good news from that manageability point of view.

 

Business Cloud Summit 2009

On Wednesday last week I attended this cloud computing event in London – it was a very long but interesting day. A few key observations for me were that

• The focus was mainly on SaaS with some discussion of PaaS – much less discussion of IaaS which surprised me, but I guess was partially due to the business-focus of the event. None of the speakers or panel contributors were from Amazon, Rackspace etc for example.
• Also, any consulting companies were pretty invisible also (except Smart421 of course!) – but as one of the panel discussions was relating to consultancy in a cloud computing era I was surprised that the panel was made up of vendors rather than consulting companies. Having said that, the event sponsors were primarily SaaS providers (Salesforce.com, NetSuite) and so this probably skewed things somewhat.
• The general view on the classic “data security” challenge from the vendors was that the concern has been addressed, but that the convincing customers of this still had some way to go.
• A key recurring theme was that the success or otherwise of cloud-based implementations was largely determined by the effectiveness of the user community engagement/change management process – and that this was true before cloud computing and just as true now. My summary – regardless of the technology-du-our, get the basics right.
• Disappointingly, there was no mention of Enterprise Architecture (EA) at all during the day – and yet really many of the sessions were about how cloud computing brings new architectural choices to the CIO/CTO’s table, and so for me this is a classic EA opportunity. This just shows how much mind-share the discipline of EA has in the wider IT and business communities – not very much I fear.

The day started with a classic demonstration of poor elasticity and scalability – when the registration process crashed and burned under the pressure of the number of delegates, as you can see from the photo. I gave up on my free bag of goodies. This means that things started a bit behind schedule, but the organisers recovered the timing well and got things back on track during the morning sessions.

From a PaaS perspective, the only platform that really got any airtime was Force.com and from this event you’d think it was the only credible game in town.

There was a really interesting presentation on the G-cloud from Martin Bellamy (from the CIO of the Cabinet Office) – the ambition of the G-cloud project is quite breathtaking in its scale, but then also the fact that data centre consolidation in the public sector is so rare was also pretty scandalous to me (as a tax payer!). Martin explained that current public sector data centre utilisation was around 10% and gave a good justification of why this was so low (e.g. they target a 60% max utilisation for “head room”, plus the 10% figure includes DR/dev/test environments etc) – so the business case for just data centre consolidation using a cloud architecture is very compelling. One thing that encouraged me was that he was proposing incentives to the various departments for reuse, e.g. if you add a reusable asset to the base set of assets (which he referred to as an “app store”) then the department receives some kind of discount. I must admit to wondering how well a centrally funded project can deliver the G-cloud however…given the breadth of the undertaking.

 

Data centre visit

I was given a tour around a customer’s data centre last week. It has been a while since I actually had a nosey round one and was interested to see it and talk to the hosting team.

My role is as a solution architect so it’s easy to get a bit detached from the physical infrastructure. Everything to do with the software can be monitored from the comfort of my desk but you can’t review the results of infrastructure design without going and looking at the physical implementation. There is something very satisfying about seeing all the servers flashing away in the cold rooms. The complexity of the software and hardware whirring away underneath is astonishing when you think about it.

One of the things that I’d lost sight of is the ‘capacity planning’ aspects that fall outside of normal IT design. For example, the electrical power demand for the physical servers is analogous to the processing power demands of a shared software platform; you need enough power to run all the servers at 100% but actually that leaves you with a huge amount of redundancy if you sized every new component independently. Same applies for air con – need to provide enough to maintain the temperature for all servers running full blast – but that’ll never happen right? I wonder if there are any clever tricks that the data-centre guys have got that could be applied to the problems of shared software platforms.

Anyway, it occurred to me that running an efficient data-centre looked really hard and expensive. It just makes me more interested in the cost saving benefits of cloud computing. Not only that, but for a project to go from business requirements to data centre requirements is really hard. Outsourcing hosting most likely won’t detach you from the problem of ensuring the data centre can support your project because you’re data-centre won’t be big enough.

Going that extra mile and designing your software to run in utility servers detach you from that though. Delivering projects has to be easier in a cloud based environment.

 

Smart421 at Business Cloud Summit in London tomorrow

I’m going to be attending the Business Cloud Summit tomorrow at Lancaster London Hotel – at the moment you could probably spend you entire life flitting between cloud-related events like this, but I picked this one as it looked like it had good sponsorship (and therefore hopefully good attendance), good speakers and also as it had a business emphasis. I wanted to avoid another “this is how you do it on Amazon Web Services” event as these seem to be ten-a-penny and also I can Google that can’t I…

I’ll report back how it goes via this blog…

 

Annual itSMF conference

Along with Stuart and Simon, I attended the annual IT Service management Forum in Birmingham on 9th and 10th of November. This is the event of the year for service management where 80 + suppliers exhibit their products including Service Desk tools, Monitoring tools, ITIL training and consultancy. Everyone serious about Service Management is there along with the all the governing bodies and sponsors.

The theme this year was ‘optimising IT services for business success’. Along with a few celebs, some I’d even heard of, there were 57 presentations spread across the 2 days on various subjects. Some of these are from consultants and vendors and these tend to be covert sales pitches and sometimes rather academic or theoretical  in that they are too good to be true or sound slightly removed from reality. The sessions given by employees of companies, govt depts, universities etc tend to much more real world and they share some of the problems and challenges as well as the benefits.

Of the sessions I went to one was entertaining but didn’t actually tell me anything, it was titled “can I have cheese with my burger please” which made me curious. I then spent an entertaining hour watching a presentation given by a good speaker with some great anecdotes and pictures but virtually devoid of anything useful. To give him credit, he made one good point which was that a Service Catalogue should not list every service on offer, it should just list the services available to the role of the user. The obvious benefit is to make it quicker to find the service you need but the other angle is staff morale. The example he gave was that the call centre user who needs a new PC could get a bit de-motivated if they see an option for the executives to book the company jet. Therefore Service Catalogues should be linked to active directories.

Two other sessions I went to were better but for different reasons, one was slightly alarming, the other very useful and relevant.

The alarming presentation was given by The University of Teeside and Northumbrian Water and was titled “Service management and the Youth of today”. The alarming thing about it was that Teeside is the only university in the UK (maybe even the world) where Service Management is included as a mandatory part of a computer science degree. They include ITIL foundation and about 50 hours of tuition + course work on the subject. Presumably other universities think that IT systems are created put live and then just look after themselves! Another alarming thing was that the students who are forced to do service management complain that it is diluting their IT skills. I don’t necessarily disagree with this but it’s alarming that they even think of this and explains why we sometimes struggle to attract the right people into service management. Maybe the answer is to stop calling it development and service management and have one name for the entire IT systems lifecycle. On the plus side the professor giving the lecture reported that most students felt quite positive about service management once they had completed it and obviously having an industry recognised qualification looks good on their CV.

The other interesting session was given by Co-operative Financial Services and as they are one of our customers I went along and was very glad I did. The title was “end to end service management – a low cost approach”. The focus of the presentation was on service reporting. A lot of  IT services companies are very poor at reporting, others like us put a lot of effort into producing very comprehensive and accurate reports with lots of graphs and metrics. CFS view from conducting surveys with their users is that users (and presumably customers) don’t want masses of detail and often don’t understand, or don’t have time to understand some of the metrics we produce such as availability figures. A report stating 100% availability would be reported as green and we’d think we’re doing a great job but the user may have had several hours of slow performance to put up with. If this was reported as one incident and as the system wasn’t down it was classified as a medium priority in line with the SLA then it probably didn’t even breach a service level. Other examples are where a recurring problem is fixed quickly every time, so again no breach of service level and a nice green service report but a frustrated user. The message here is that big fat reports are a lot of effort, often don’t get read and can even annoy the reader.

Their solution was to ask the user what they wanted – a novel approach!  What they came up with was a one page report with a single performance indicator and a calendar with trouble free days as green, other days were amber or red depending on the severity of problems occurring on those days. Behind the single performance indicator can be a variety of simple or complex metrics and measures based on the users view of an impact of a problem and the speed of resolution; these do not  necessarily need to be in line with the contract and can differ between depts for the same service. The user does not need to remember exactly how the performance indicator is made up but knows that they have agreed with the measures and what an acceptable figure is and can see the trends over time. The one page report also had a couple of other trends and free text but essentially it was a very simple and understandable view and probably less effort than the reports we produce. They also managed all this without the need of expensive monitoring and reporting tools.

 

XML/XSLT Mapping Tools

On a recent client engagement I was asked on my opinions on using mapping tools for XSLT generation. Personally I tend to handcraft most things, although I have used tools for quick generation for example when working in BizTalk.

The question drove up some interesting responses from our internal practices on experiences with several tools across several client sites.

Altova MapForce ( http://www.altova.com/mapforce.html )

• good for large graphical mappings
• pretty flexible about letting you do pretty complex operations on mappings
• Running a scenarios takes more extra clicks
• You cannot apply a scenario to several files.
• XSLT generated is verbose
• No reverse engineering, so xslt overwritten when regenerating the map
• There is also no way to correct stuff like.. the namespace has changed (maybe new version).. as far as it is concerned – it’s a completely different file and you have to start from scratch again

StylusXML ( http://www.stylusstudio.com/ )

• you can run the translation with one of several engines Saxon, Xalan, MSXML, .NET system.xml
• graphical mapping functionality (experience suggests this becomes limited as complexity increases)
• a scenario has to be applied to each file being edited

OxygenXML

• it runs on Windows, OS X, linux etc.
• the licensing is per individual, not per machine (i.e. you as an individual can store it on several machines)
• It also can run translation scenarios, where the XSLT engine (saxon, Xalan, but not Microsoft – out of the box) is part of the scenario set-up.
• It highlights syntax errors in XSLT, just like spell-checkers. e.g. if you try to use a variable which has not been declared, you get the underline. It is the only product I know that does this.
• scenarios, when set up can be applied to several files. This is handy , because if you are editing a source XML document (test values), and the actual XSLT, you can apply the same scenario (which source, which xsl, which parser, where to output) without having to set it up for each file you are working on.

Others

Other were tools discussed that were not relevant to my situation:

• Websphere Transformer Extender (http://www-01.ibm.com/software/integration/wdatastagetx/)
• Liaison Contivo Analyst (http://www.liaison.com/Products/ContivonbspAnalyst/tabid/57/Default.aspx)

In summary these tools all provide some useful functionality to increase productivity when used in the right scenarios. However this does come with the usual compromise that auto generated code in effect has to be treated as compiled code, or just an initial starting point, unless you have literally 100s of elements to map.

In reality, manual code crafting enables you to make something far more efficient, resusable and extendible than what comes out of a mapper. If you take a bit of time to isolate out things that might change (i.e. parameterize stuff like namespaces that might change in your xpaths). Also mapping tools are should not take away from taking the time to learn the underlying xslt languages.

 

Today’s Enterprise Architecture Tip – Focus on a consistent level of detail

Enterprise Architecture (EA) teams are usually partially populated with staff that have originally come from a technical IT background, and we all know what they are like don’t we? Because I am one…we love to meddle in the techy details – everything from what static code analysis tool the dev team are using and how, to version control, detailed design artifacts etc. But the key question to remind yourself of is – where should my EA team be adding the value?

It’s back to the good old ‘big rocks’ story (thanks to Mr Fernau for telling me this one several years ago).

So what is the most important thing your EA team can achieve today? For example, is it:

a) Cost avoidance – preventing a programme of work from building the wrong thing and so damaging future agility and increasing long term operational and change costs – by finding a superior alternative approach, i.e. not just saying “no”, but “that’s a really great idea, but what about this”…

b) Resolving the really frustratingly poor use of code header blocks in your offshore team’s work

A classic EA team behaviour anti-pattern is to try and work at both levels of detail – which is very frustrating for all parties involved as neither are the key EA decisions all adequately addressed (in fact they probably never can be – as that’s a “pick the right battles” issue, but that’s one for another blog post) and nor are the more detailed issues, as the EA team doesn’t have the time, control or buy-in to meddle at that level anyway.

You decide…in fact, once you’ve got all the type (a) issues under control, feel free to use the rest of your spare time of issues of type (b)

 

Notes from Berlin…Microsoft Tech Ed Europe 2009

Just thought I would give you a quick update from my week at Tech Ed Europe 2009, the main focus of TechEd was all about “The New Efficiency” – both in terms of power usage and productivity.  Areas covered in the keynote speech were:

• Windows Server 2008 R2  (virtualisation is also included in this area) -> uses less power
• Windows System Center and Forefront all offering the ability to save time and increase productivity with control from their control panels
• Windows 7 -> offering an optimised desktop experience, now faster with the ultimate edition offering built in bitlocker functionality for improved security.  (Touch features are available in Windows 7 – there was a good sprinkling of talk about gestures in several of the sessions that I attended)
• Exchange Server 2010 -> Forrester research say the ROI is 6 months. Combined with Outlook 2010 to integrate a voicemail to text feature and a way to view your emails in conversation strings.
• Office tools such as Word, Excel and Outlook toolkit available from browsers
• Cloud computing (Windows Azure Platform) – good for economies of scale, though it will not save everyone money, this was not highlighted in the keynote speech, but it was discussed in the other sessions. Dublin data centre opening on Wednesday 18th November.

Other areas that caught my interest during the week:

• SharePoint 2010 more integrated with existing tools, can add document from Word, Excel etc.  It’s built on 3.5 of the .Net framework.  The good: migration process easier than 2003 – MOSS 2007 and the underlying framework has not changed as much, tight integration with the Office toolset   The not so good: requires upgrade to x64
• .Net 4.0:  The trend seems to be moving away from SOAP towards REST.  Microsoft do not plan to extend LINQ (though this plays a key part of SP2010, StreamInsight (see SQL Server 2008 R2) etc) and further and sees the entity framework as the way forward
• SQL Server 2008 R2: StreamInsight, the new event driven application to be shipped with SQL for use with multiple strands of realtime data – has adapters for input and output and an StreamInsight engine for processing and capturing data. Early adopters McLaren Electronic Systems Official ECU Supplier to the FIA Formula 1 World Championship for telemetry software presented the benefits (release date interlinked with SP2010)
• Visual Studio 2010:  There has been a lot of work in the Architecture and Testing tools space.  You can extend the Architecture features yourself if you want and the Team Edition offers automated testing options for UI as well.  Silverlight can be used with SharePoint 2010 and mobile devices.
• Team Foundation Services:  Visual Source Safe is at the end of its life, time to move to TFS.
• Mobile -> There were a few sessions on the mobile space, but it was generally quiet on this front (see things to look out for below).  Touch screen and Silverlight intergration seemed to be topics that were on everyone’s mind.  

 And finally, a few things to look out for in the next week or two:

• BizTalk ->  announcement expected at Professional Developer’s Conference (PDC) 2009 in Los Angeles, which takes place this week (November 16th)
• Windows Azure Platform -> European pricing to be released this week
• SharePoint 2010 -> Release date to be announced soon – current expectation is March/April 2010
• Mobile -> Announcement expected this week on future developments.