Public cloud vs. private cloud: The debate continues

Cloud photo via Daniel Boyd

Cloud photo via Daniel Boyd

There’s a lot of chatter about moving applications to the cloud, whether the public cloud such as Amazon Web Services or private cloud offerings powered by open source technologies of OpenStack.

The debate was certainly at a fevered pitch Wednesday night at two events, held just a few blocks from one another in Seattle’s Belltown neighborhood, one hosted by Stratacore and the other by F5 Networks.

I was struck by the consistency of arguments by the panelists at both events, representing companies such as Blue Box, Disney Interactive, Tier 3, Tableau, F5 and others. In essence, several of the panelists struck the same theme — beware of the costs and security risks of public cloud installations.

Of course, Amazon.com — coming off its big AWS re:Invent conference in Las Vegas — believes it has the best cloud computing offering for customers, large and small. There’s certainly a lot of momentum behind Amazon.com, with one analyst assigning a $50 billion value to the AWS unit alone by 2015.

But panelists last night offered a slightly different take on public clouds.

Eamon Gavin

Eamon Gavin of AllRecipes.com

While AWS and Windows Azure continuously reduce pricing on their services, many said the costs can still add up quickly.

“I’ve looked at doing other businesses purely in AWS, and if you are not ready to be able to spin up and spin down, it is probably not as cost effective as doing it yourself,” said Joe Specht, senior director of system infrastructure at Tableau Software. “In addition, it takes a lot to get there to spin up and spin down. You have to spin it up, monitor it, make sure it is doing what is supposed to be doing, and when it is not, you have to tell it not to do that anymore.”

Across town at the F5 Networks event, Eamon Gavin, director of network and data center operations at AllRecipes.com, offered a similar note of caution.

“Do your due diligence. The economics are huge. The cloud is attractive because I can spin up my Web site in four hours. Well, great, after 30 days you’ve cost me $1 million because of the traffic and the bandwidth that’s coming into that cloud environment because you didn’t understand,” Gavin said. “We see that all around town, people who have deployed Amazon, and they are like holy s—: ‘I’ve got to bring this all back in house, because we can’t afford this.’”

In his view, Gavin said it is critical to understand the economics upfront and the costs of architecting and building your solution. That was also the advice of John Matthews, chief information officer at F5.

“Be really, really clear on what you are trying to achieve. I think sometimes people choose the cloud for the wrong reasons,” said Matthews.

He added that cost is a key consideration when choosing whether to go with the private or public cloud.

Jared Wray

Jared Wray of Tier 3

“Find a good deal. There are a lot of competitors in this space right now offering a lot of tools and technologies” and not every service is right for everyone’s needs, he said.

Perhaps the most animated remarks of the night came from Tier 3 co-founder Jared Wray, who just this week sold his Bellevue cloud computing company to CenturyLink.

Here’s what Wray had to say on the debate, noting that OpenStack has a huge opportunity right now.

“The enterprise really hasn’t taken a foothold in public cloud at all. There is still massive amounts of workloads in data centers and virtualization platforms, and that’s where they are right now. I honestly think OpenStack has a huge opportunity because steady-state, and for all intents and purposes, it can be cheaper running in an OpenStack environment running in their data centers. This is a massive advantage….

You are going to get to a place where a steady-state is very cheap for you, and there is going to be a point where there are other workloads where you will need a better hosted model, or a better support model, or even that elasticity, and that can be in a hosted private cloud environment, and you can still get those benefits.

Steady state is going to be one of the biggest discussions that you see in the enterprise over the next three years. Public cloud, even though the price wars are on every single day with them, there is going to be a point where they say: ‘OK, enough is enough. We are hitting that rock bottom point.’ And they will either give it away or give you a check every day.”

That’s why he sees some enterprises using private cloud for repatriation of public cloud workloads. There are plenty of pitfalls to getting OpenStack up and running, but over the next five years Wray said that it will be “the dominant framework for everybody to deploy off of.”

cloudcomputing-chartWhile it is difficult to operate now, he said that will change as more parties contribute to the offering.

Jesse Proudman, CEO of Blue Box, a Seattle-based startup that was an early adopter of OpenStack, said that the private cloud is “single tenant” and that there is an “air gap” with all of their deployments. That makes it stable and secure, allowing enterprises to put applications behind a firewall, he said.

To some degree, Proudman said the discussion over public and private clouds is like the debate between a proprietary system like Windows and Linux.

At the end of the day, Tableau’s Specht noted that it becomes a “math problem” of what’s cheaper and easier to deploy and support in terms of the private cloud. You can either outsource the work, or spend the money to train your IT staff on the new technologies.

“I can tell you some experiences going both ways. When it is your guys supporting it, it can take a while for your guys to get the answers because they are not doing OpenStack every day,” said Specht. “But if you make the choice to pay someone to do it, and if you make that choice, your guys will never know it. The people that you have that are running the environment, don’t really know anything about it…. You have to figure out that balance, and my balance is that I do both… In my mind, it is never free.”

  • Rachel Pepple, ExtraHop

    This article, particularly the quotes from Joe Specht and Eamon Gavin, get to the heart of central theme running through AWS re:Invent last week — enterprises are definitely cloud curious. They’re just not cloud confident. At ExtraHop, we’ve talked a lot with our customers and analysts about what it takes to gain confidence, and these quotes reaffirm that: without visibility into what’s happening across your AWS environment, confidence is very hard. With deep visibility, however, you can do you due diligence about which workloads are optimized for cloud deployments; you can monitor application performance and usage in real-time; and you can make sure that the workload is performing properly, and pinpoint the source of the error when it’s not.

  • Elliot Curtis

    This debate misses a few crucial aspects. 1) While cloud, private or public gets all the attention traditional infrastructure hosting/outsourcing is still a much larger business and a secure, predictable third choice. 2) The security concern over public cloud is a red herring. This same fear was raised ten years ago when enterprise email hosting started to gain traction. The reality is that enterprise IT is generally much less secure that a third party service who has a profit motive to optimize security. 3) #OpenStack is not only a private cloud story. At #Parallels we fully expect to see OpenStack based public clouds becoming the trend.

    • http://www.bluebox.net Jesse Proudman

      Hi Elliot,

      Great thoughts!

      You’re correct, traditional infrastructure hosting is still a larger business: Blue Box has been in business for 10 years servicing exactly that market. However, we’re at the beginning of a massive transition as applications are written for cloud infrastructure and we’ll begin to see a shift in dollars.

      I believe the security concern over public cloud is not a red herring. Public cloud CAN be as secure as on-premise/behind the firewall solutions, but it also can be a giant insecure mess. The MongoHQ security breach is a great example of that. Private cloud, particularly hosted private cloud provides an air-gap around infrastructure that can be secured much like the “behind the firewall” implementations.

      Either way, this industry is exploding and it’s an exciting time to be in this space.

      - Jesse

  • jon

    I think the future is distributed cloud. Once we see Pirate Browser figure it out (through bit torrent). Then everyone can host there own cloud to others with infinite scaling (the more people the better!). I think then we will also see a change in how apps in the cloud work, from working in the cloud to working on your personal computer (unless it is extremely calculation intensive).

    At least that is where I hope the internet is going. Making it a truly democratized. I would love to host my own website from my personal computer.

  • @caniano

    Public cloud offers compelling value but the days of private cloud are far from numbered. Commentary in my blog: http://networkingexchangeblog.att.com/enterprise-business/days-private-cloud-far-numbered/?sf20262416=1