This is a Google tool used to build apps on the same scalable systems that power Google applications and run your web applications on Google’s infrastructure.

Google App Engine (GAP) enables users to build scalable web applications very easily and deploy them on Google’s application infrastructure in the same way that Google is deploying their own apps.

Traditional approach to Web application development:

• Setup Linux / Windows Machine
• Install and configure Webserver
• Install and configure Database
• Write your web application in any programming language
• Deploy app on server and make it available to the entire world

There is an extra overhead to maintain the server and manage databases. Also, if the application becomes popular then it has to handle huge traffic. Again, we need to analyze traffic to focus on popular areas of web application. So the cost of maintaining the application increases. Also, there are chances of hard-disk failure, server crashes, and so on.

All these things will not be required if we use GAP, because on completion, GAP deploys a web application on Google’s scalable infrastructure, so there is no possibility of hard-disk failure, server crash, and so on. Developers can mainly focus on the problem.

Lets see how to create a simple Web app, Soutout, which stores messages that are sent by a user in a database and displays it on a webpage in a sorted order.

Create directory Shoutout

mkdir shoutout

Create app.yaml

This is the main app configuration file.

application: shoutout
version: 1
api_version: 1
runtime: pythonhandlers:
- url: .*
script: main.py

Create file main.py

#!/usr/bin/env pythonimport wsgiref.handlers
from google.appengine.ext import db
from google.appengine.ext import webapp
from google.appengine.ext.webapp import template

class Shout(db.Model):
message = db.StringProperty(required=True)
when = db.DateTimeProperty(auto_now_add=True)
who = db.StringProperty()

class MyHandler(webapp.RequestHandler):
def get(self):
shouts = db.GqlQuery("SELECT * FROM Shout ORDER BY when DESC")
values = {'shouts' : shouts}
self.response.out.write(template.render("main.html", values))

def post(self):
shout = Shout(message=self.request.get("message")
, who=self.request.get("who"))
shout.put()
self.redirect("/")

def main():
app = webapp.WSGIApplication([
(r'.*', MyHandler)
])
wsgiref.handlers.CGIHandler().run(app)

if __name__ == "__main__":
main()

Create file main.html

This is the main page of app.

Run the app using Google App Launcher

<pre>    <h1>Shout out</h1>

    {% for shout in shouts%}

    <div class="container">

    <div class="{% ifequal shout.who ""%} row {% else %} row altrow {% endifequal%}">

    <div class="text message"> {{ shout.message }} </div>

    <div class="text normaltext"> from </div>

    {% ifequal shout.who "" %}

    <div class="text username"> Anonymous </div>

    {% else %}

    <div class="text username"> {{shout.who}} </div>

    {% endifequal %}

    </div>

    </div>

    {% endfor%}

    <form action="" method="post">

    <p>Message: <input type="text" name="message"/></p>

    <p>From: <input type="text" name="who"/></p>

    <p><input type="submit" value="shout"></p>

    </form>

You will see the full application running on localhost.

Deploy App on Google’s appspot

Click on Deploy in the Google app launcher to deploy it on Google. Then you can access it @ url: http://shoutout.appspot.com

- Vijayendra Bapte

admin

Industry Needs

In today’s world of economic upturns and downturns, IT world is seeking tight financial control over organization needs for infrastructure management and would want to move out of investment in assets that would deprecate in terms of value in the near future.

Currently any IT organization invests into hardware and software that would turn obsolete in few years down the line. More over it involves costs to maintain these hardware with upgrades, cost of supporting infrastructure like electricity, coolers, high availability needs, scalabity, faster processing speeds, data center costs, bandwidth costs, RAID and backup needs adds to the expenditure wallet. Other maintenance costs involves upgrades and updates of softwares – licensing and patching, protection of data loss and anti-viral solutions.

Inspite of investing, the utilization of the infrastructure varies and usually does not reach the optimal levels of cost-effectiveness.

The Solution

As there is an old saying - Necessity is the mother of all inventions. Big players in the corporate world came up with an answer – Virtualization; to cap down the costs of small and middle level organizations and still run the competitive marathon.

With solutions like VMware, Sun VirtualBox, MS virtual server, it became easier to address these issues.

What is virtualization?

Virtualization is a cost-effective solution to high maintenance and infrastructure costs, demands to scale and upgrade hardware and software horizontally and vertically to meet the ongoing dynamic needs of infrastructure.

How is the game played?

The big players like Amazon, Microsoft, IBM provide virtual infrastructure in the cloud. They have the capability to bulk invest in hardware with high end servers, huge data centres, bulk licenses and cost-effective utilizations of infrastructure. The investment costs thus are reduced and distributed in quantity. They take over the headache of patching, upgrading, fixing, scaling, software and hardware managing data security and backup and adhere to SLAs.

This gives organizations to focus right on the business needs and not to worry about the needs of infrastructure. The infrastructure costs are reduced to minimum with almost any infrastructure available on demand in a span of minutes.

Virtualization Technologies

Server Virtualization

With high end servers supporting capabilities of running multicores and memory in TB, they are capable of running multiple apps in the same box. Server virtualization helps manage different environments parallely with reduction in administration and maintenance costs to a single box. It helps quick system recoveries, lesser physical space occupancies, power and cooling requirements.

Server Virtualization makes it easy for the server to be migrated from one virtual machine to another irrespective of the hardware capabilities of the machine provided they use the processor from the same manufacturer.

The physical server is called the host server and the servers running virtually are called guest servers.

There are 3 ways to create virtual servers:

• Full virtualization: Thisis a virtualization technique in which each guest server is unaware of the other on the same host providing complete independent running server capability with it’s own OS.
• Para virtualization:  In this technique the guest servers are aware of each other and the entire set of servers work as cohesive unit.
• OS-level virtualization: In this technique the guest servers do not require any software to run and the virtualization is managed by host OS. However, here all the servers need to be running the same OS.

Virtualization is achieved with software called Hypervisor

Storage Virtualization -Storage Virtualization separates the logical storage of data from physical storage.

With increase in data capacities reaching up to Peta Bytes, organizations face the dilemma to whether accrue more storage space or to store data in the cloud. Storage services are available from Amazon and Yahoo and online backup services available from Egnyte, XDrive, Adrive, Box.Net, Sky drive at a very cheap costs, it is becoming increasingly easy to move data over the cloud. Moreover, the data is easily accessible from anywhere over the internet and backing up of data, data protection and security and scaling of data storage is passed over to the service provider.

Networking Virtualization - Combination of hardware and software network resources into single software-based administrative entity is network virtualization. Network virtualization involves External and Internal virtualization.

External Virtualization involves connecting physical networks in different locations over VLAN and on a same network switch such that resources in each network can interact with resources of the other.

Internal Virtualization involves in creating a network in the box. Network Virtualization software provides pseudo interfaces such as VNIC and Virtual switches.

This allows isolating each application in it’s own sandbox improving efficiency of the overall system.

Desktop Virtualization - Desktop Virtualization is a concept of separating a personal computer desktop environment from the physical machine. These virtual desktops are stored on a remote server and accessible via remote client technologies. This allows all programs, applications and data stored separately thus allowing access to desktops from any capable client.

Deciding to Virtualize or not

Operational Issue

OS upgradations like fixes, patches, anti virus updates, spyware scanning etc are operational day to day tasks that need to be taken care of on each VM.

CPU Usage

Servers requiring high processing power should be left in their own world. Virtualizing them would mean disaster while a high end server with very less CPU usage may be considered for virtualization.

Disk space usage

Multiple servers on host system means sharing of resources including disk space.

Migration

Ease of migration of virtual server should be considered to reduce downtime and allow server maintenance.

Data Security

The level of data security that is needed would be a major factor in deciding to go for virtualization. Isolation of business critical and private data should be considered.

SLA

There are SLAs for virtualization services provided by hosting organizations. However, there are lot of factors that drive the SLAs and the onus of responsibilities like bandwidth, network connectivity etc.

Legal Bindings

Laws binding data privacy are still not in black and white and legal rights are bounded by the laws of the respective countries where the data is physically stored.

Summarizing, there are various pros and cons in virtualization technologies. To virtualize storage and desktop on the clouds is a wait and watch game at a moment until few of the major issues are addressed. Virtualization is definitely here to stay though and it would be great to use it in your own private organizational cloud.

Players in Virtualization Software

VMWare, Sun VirtualBox, FreeVPS, Microsoft Virtual Server, Parallels, Qemu, SWSoft, Virtual Iron, Virtuozzo, Xen

- Anand Ved (Team Member – Cloud Computing Project)

xoriant

Cloud computing redefines Enterprise Computing in ways beyond client-server model and web computing and is a talk of the town recently. Cloud computing extends beyond the concepts of distributed, grid and utility computing abstracting the infrastructure and technological expertise needed for common day to day services.

Cloud computing is an emerging trend in IT world seeking to change the concept of personal computing and taking it to a new level of computing available as a service. Services available for computing are broadly categorized into Software as a Service (SaaS), Utility computing, Web services, Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). It is being estimated that spending on the cloud would increase three fold in next three years

Knowingly or unknowingly, each of us have used cloud computing from last few years with almost every Internet user using public email services, storing personal photographs for sharing with friends and families, socializing via the cloud and many more.

Obvious benefits that the Cloud brings are

· Low initial investments. Pay as per usage model lets one get started without any initial investment.

· No maintenance. Cloud Vendors would bear the complexities of maintenance.

· Instant resource expansion. Firms could easily scale from little to huge resource consumption in few minutes.

Am I ready to jump on Cloud bandwagon?

Key considerations are:

· Architecture and Design overview

· Cost Effective analysis.

· Capacity Planning

· Operational Issues

· Security

· Data ownership governing laws

· Green IT

Determining ROI on Cloud Computing

Architecture and Design overview

Current software architecture and design needs to be reviewed to check if it scales to allow computing on the cloud. This includes determining data security isolations with access controls; trust boundaries and identifying business critical data. It also caters to understanding data operations and storage trends within an organization.

Cost Effective analysis.

Software licensing charges, data center costs, infrastructure needs and maintenance, high availability of mission critical data determine the costs. Cloud computing does bring in cost benefits; however it also brings in additional costs in terms of bandwidth needs.

Capacity Planning

Identifying utilization of various resources like CPU, data storage capacity, network bandwidth and evaluating if they are optimally used. There is no need to jump to the cloud if the existing resources are under used.

Operational Issues

High availability depends on the expected uptime defined for system requirements. The cost of each additional nine of availability can grow exponentially.

SLAs are the negotiated terms that outline the obligations of the two parties involved in delivering and using a system, like:

· System type (virtual or dedicated servers, shared hosting)

· Levels of availability

· Uptime

· Serviceability

· Performance and metrics

· Billing

Understanding the risks involved in downtime of the system may critically impact the business and mission critical systems need to be mitigated by tight SLAs.

Security

Data security is determined by Cloud vendor’s security policies. Data security is measured in terms of:

· Physical access to data

· Backups

· Network security

· Access and Authentication procedures.

· Data encryption techniques.

Data ownership governing laws

There are currently no clear International laws governing the privacy and security of the data posted over the cloud. Governments tend to preview stored data to gather intelligence under national security laws.

Green IT

The Green Grid consortium estimates that most data centers have a power usage effectiveness (PUE) ratio of between 1.3 and 3.0.5 A PUE of 3.0 means for every 3.0 watts of electricity entering the facility, only 1.0 watts is used to support computing activities (i.e. servers) while the other 2.0 watts support other infrastructure (i.e. cooling).

Cloud computing promises efficient energy consumption and appropriate utilization of resources.

Key Cloud Vendors:

Amazon’s cloud – Amazon Web Services (AWS) provides Simple Storage Service (S3) as a Storage Virtualization solution in IaaS model, Elastic Compute Cloud (EC2) as a Platform Virtualization in PaaS model and Simple Queuing Service and SimpleDB as software solutions in the SaaS model.

Google’s Google App Engine is a solution in the PaaS model allowing developers to float Python based applications and host them at Google’s infrastructure.

IBM Computing on Demand (CoD) offers Infrastructure services with variety of Operating Systems and Networking solutions and Storage Services in IaaS model.

- Anand Ved (Team Member – Cloud Computing Project)

xoriant

Cloud Computing seems to be the talk of the town. It is very difficult to separate hype from reality. Overnight, people have been asking questions from our software products i.e. is it ready for the cloud? Cloud computing is a different model and not all products can be a good fit for the cloud. This article will assume that you have a current product and have done enough homework to move it to the cloud. The article will list down key high level areas that you need to consider while moving to the cloud. These are based on our experiences with executing projects over the last one year in the cloud computing space.

Self Hosting or Outsource

Given the options that are out there vis-à-vis cloud architectures, there is a tendency to think that one should do all the hosting initially and then move to a cloud (public) once the application gains more acceptance, etc. While this might seem plausible in the beginning, there is no point trying to replicate complicated and massively scalable architectures that cloud vendors have already built out. So it is important to do your homework first in terms of the cloud vendors that are out there, evaluate them, discuss your requirements and go with one of them. Depending on your choice of technology, you might have to go with a vendor who provides that platform.

PaaS or IaaS

This article intentionally keeps aside SaaS (Software as a Service) since that can be done for your product in the cloud, but before that you need to get to the cloud. You can either take the IaaS (Infrastructure as a Service) or the PaaS (Platform as a Service) route. The IaaS vendors such as Amazon provide you computing resources: Virtual Machines, databases and processing in a pay as you use model. This is most flexible if all you want is a virtually available application for everyone to access. You will have to most likely build an image of your application and use a service such as Amazon to host it for you. The IaaS vendor will take care of all aspects like scalability and availability.

The other route to go is PaaS (Platform as a Service). These are specific to a technology platform and PaaS providers provide you a complete technology stack to develop and a scalable network where they will host the application for you. Key players in this area are Google App Engine (Java, Python), Heroku (Ruby on Rails), Azure (Microsoft .NET) and Force.com (a PaaS platform from Sales Force). Do keep in mind that each of them have different billing plans (typically pay as you use) and not all of your application can be ported as is to a specific PaaS. You will in all probability have to rewrite some parts of your application to fit the PaaS Technology and runtime stack that you go with. For e.g. Google App Engine provides core services like Caching, Task Scheduling, Networking, etc that might not be compatible with the way your current code is written. If moving to a PaaS, you need to evaluate each of your core system and infrastructural services/layers with respect to the Technology Stack that the PaaS provider gives you.

Databases

Most applications are still dependent on a relational database (SQL). The current opinion is that relational databases are not that suited to horizontal scaling at a large level. The movement towards noSQL databases has found widespread acceptance and it is something worthwhile to investigate into. Several PaaS vendors simply do not support SQL databases at this point in time (Google App Engine) and instead provide support for NoSQL databases. Several NoSQL databases like Google Big Table, MongoDB, Voldemort, etc are gaining acceptance. The database layer is therefore something that you need to pay close attention to as you move to the cloud since it would impact the architecture/design of that layer.

Abstraction

A cloud in its purest sense stands for abstraction. You are more interested in the interfaces and service contracts rather that the details about the implementation. The same philosophy applies to your product architecture and functionality as it moves to the cloud. You need to abstract significant portions of your application and service enable them to be accessible using open technologies like HTTP, XML and JSON.

Versioning in the Cloud

Your product will go through several iterations or versions. Each new version will come with its new set of features. There is a good chance that the versions would be incompatible with each other and yet they need to be running and supported till end of life. The impact of this on your architecture will be the need to build in versioning in all aspects of your product. All Interfaces to the outside world vis-à-vis integration points will need to incorporate versioning.

Session/Cache Management

Scalable cloud architectures rely on multiple instances of your application running across clusters that could be geographically distant. The cloud provider takes care of all this for you. The architectural impact of this will require that you take a good look at how you manage sessions in your product. An overreliance on sessions and expecting that the request will be forwarded to the same server that serviced the original request could result in problems. You will also need to employ Cache architectures in your product to allow for scaling.

Management

Moving to the cloud requires that you provide new features in your product vis-à-vis managing the product. You will also need tools to help building, deploying and monitoring your product in the cloud. Some of these are:

• Keeping a track of resource usage that your application consumes
• Tools to provision a new instance or multiple instances of your application in case of increased load
• Mechanism to send out Alerts in case of System downtime
• New tools for building/deploying to the cloud
• A comprehensive dashboard that allows to do all the above along with access logs.

Economics

There are enough technical reasons why one should move to the cloud. Given the choices that are out there, you would be able to look at the pros and cons. A final point is about the economics part of the process too. At the end of the day, it should make economic sense to moving the product to the cloud. Business models that incorporate the cloud are being demanded. It would also help to determine how much it is going to cost to move to the cloud in terms of servers, resources, etc. Different payment plans are available and most cloud vendors provide a free quota along with plans that charge you only if you use resources. A quick check would be to analyze your current traffic, taking into consideration peak days and numbers and determine the approximate cost of moving to a cloud.

Conclusion

The above are high level architectural factors to take into consideration while moving to the cloud. Each of them can be broken down into fine grained points but these high level items should form the basis of a good discussion/strategy before moving to the cloud.

Romin Irani– Principal Architect

Cloud computing is more than a concept. Let us understand what it is. This post gives a brief of what is cloud computing, its attached benefits and some of the new paradigms that has arisen due to this.

Cloud – Introduction

The cloud is largely a CPU bank on which a hypervisor runs and provides virtual servers on demand via network to users. The user is no more tied to his desk and can access the computing resource such as virtual server or its apps running on a virtual server through any thin/thick terminals, tablets or even handhelds.

As per Wikipedia “Cloud computing refers to the provision of computational resources on demand via a computer network”.

So essentially the computing resources have been centralized and are available to users via network. This raises two important issues of network bandwidth and security. While security issues can be taken care of by encryption, there is a larger concern about the network bandwidth, the good news is that this bandwidth is just required for  user I/O , while the data access and transfers operations  are performed over the cloud.

This makes the ‘cloud’ an interesting option, we will explore this further below

Cost benefit – They have potential to drastically lower down the cost of IT infrastructure for businesses by replacing entire in-house IT infrastructure with dumb terminals connected to cloud via network. The cost associated is pay as you use which can be scaled up /down depending upon the demand. Other benefits would be

• Energy efficient, provides for elastic and maximum resource usage of IT hardware.
• Provides highly optimized server environments with co-located app servers, data bases, file systems and tuned up hardware.
• Offers on demand computing (make more resources (processors and memory) available to a program while it is executing)
• Require just connectivity software to cloud (could be just a plug-in to your browser),can connect from anywhere and use many devices like tablets and handhelds .
• Increased customization from cloud providers, can offer installed software stacks or just APIs or even complete services (IaaS, PaaS, SaaS).

Expectations from cloud providers

• Cloud would only be useful when they do not compromise on the response time
• There should be a well defined standard followed by every cloud service provider so as to allow the user the flexibility to switch and select between different providers.
• Clouds should be able provide services which are in compliance with regulations like FISMA, HIPAA and SOX in the United States, the Data Protection Directive in the EU and the credit card industry’s PCI DSS

Cloud computing is a new paradigm, given below are its risks as compared to having an in-house IT infrastructure. While network risk and data security risks are manageable, let’s say by using guaranteed bandwidth with spikes handled over fiber optics and data security by encryption, industry wide cloud interoperability is still not on horizon.

New Technical Paradigms with clouds

• Choices of large computing power, super, grid and cluster computing can be made readily available to applications hence affecting its design.
• Horizontal vs. Vertical scalability tradeoffs (May boil down to what costs low with cloud provider)
• App over HTTP vs. App access over cloud protocol.

Html updates on user ‘s  browser using  HTTP versus binary stream of terminal output made available to user terminal using cloud’s protocol. For example Citrix provides I/O for remote server using its proprietary ICA protocol that takes care of compression and encryption.

The diagrams below explain the new architectural choices

◦       Horizontal vs vertical scaling on cloud will require a revisit

Web app over HTTP vs thin client accessing service using clouds protocol from, lets say a webapp hosted on a cloud.

Well there is much more than what we have covered here. We will go from here to understand what is it that is needed to adopt cloud computing. Watch this space for more.

Gyanendra Singh– Sr. Tech Lead

In the earlier post, we have tried to understand the concept of cloud and the emerging paradigms, now before we decide to transition to cloud let us examine the uncertainties that require attention. Moving the system to cloud will require proactive management of risks, load and performance testing and managing cost and compliance issues.

Cloud Performance

First things first-

I) Are Hypervisors ready to provide optimal server experience in productions?

ii) Are Networks ready to handle the traffic and guarantee predictable production response time?

A load testing of the network bandwidth and performance testing of the application will provide definitive answers.

A make or break issue for transitioning to cloud is uncertainty with intermediary network.  Cloud providers have yet not collaborated with network providers to come up with a predictable performance and cost projections for requirements of client while taking responsibility of network connectivity. Thus customers are required to live with the critical issue of network uncertainty.

No wonder CTOs have to solve the performance and bandwidth maze by being assertive and proactive with cloud providers about network requirements. Additional representative load and performance tests have become necessary before making the decision.

The existence of ‘network expressway’ between cloud and clients is necessary for business continuity which should also incorporate bandwidth scalability to incorporate future growth.

A possible scenario that emerges is of localized cloud offerings, i.e. a client in region A could most probably be optimally served from a cloud nearest to region A rather that a getting services from a cloud sitting half way around the globe.

Cloud experience would vary like mobile services with each operator being able to provide acceptable services only in particular regions, because the cloud performance and operating cost is based on not only bandwidth but also on length of network from cloud to client’s region.

Such a localized cloud infrastructure and service provider concept requires some more time to materialize, while this happens companies which have significant computing resources in-house can set up their own cloud.

Most of the software applications available are not performance tested on cloud but are optimized for client server environments. The cloud puts a different usage load on applications than client server apps. For example Cloud  Apps have to handle increased number of I/o interrupts or connections to transfer data through slow network .

Cloud Apps would handle almost all computing on server side to work with increasingly thin clients.

Costs

Clouds like any other option have their tradeoffs. They may prove to be more costly if the business has large user base and cloud costs are charged per user.

Also network cost will increase with distance between cloud provider and client. Cloud services will require a guaranteed bandwidth from cloud to user, instead of relying on inexpensive but uncertain bandwidth of existing internet infrastructure.

Managing risk and compliance issues -

Clouds bring new focus to i)Business continuity , network and security risks ii)Compliance strategies to various regulatory requirements or in house policies. Let’s examine three prominent scenarios of usage of clouds and the risks and compliance issues they pose or address.

• Dumb terminals connected to a public cloud – It will be difficult to manage compliance issues with critical show stopper network risks and vendor lock in issues.

• Dumb terminals connected to a private cloud which is also connected to a public cloud.

This would be an ideal clou d solution, thin private cloud has same portfolio of risk exposure and compliance as of in house IT infrastructure.  The company has its own cloud to reduce impact of network outages and it provides in house computing to data applications dealing with confidential data. This cloud solution provides manageable network risks, compliance issues and vendor lock in risks by retaining sufficient computing capability in-house. As of now, Interoperable clouds standards are evolving and are in their early stage.

• Not so dumb terminals connected to one or more clouds-In this approach companies keep some hardware but don’t opt for private cloud to cater to applications that could not be put on public clouds owing to risk or compliance issues.

The solution needs thick clients for users. It has more flexibility but no clear benefits. It adds to complexity of managing IT infrastructure and cloud as well and has network risks.

The awareness of cloud usage alternatives and the associated risk, performance and cost portfolios as discussed above will help in putting a successful cloud transition strategy in a yet to mature Cloud computing environment.

It also emerges that acceptable computing experience on cloud needs a regional cloud rather that global clouds serving over national and international regions.

The diagrams and data paths have been chosen carefully and they can be debated over redundancy, risks and costs.

More coming on this space…

Gyanendra Singh– Sr. Tech Lead

Introduction

Cloud Computing now finds a way through most technical discussions. Irrespective of the medium (Web Search, Twitter, Online Journals), you will find Cloud Computing being discussed. But ask anyone the definition of Cloud Computing and you will be hard pressed to get two exact definitions from different people.

Some define it as servers available for rent to storage or applications that we access from the browser, etc. All of them are right in ways. But is there a definition that describes the essence of Cloud Computing. While there might be various definitions of that, we shall look at one of the definitions of Cloud Computing in this blog post. It is known as the 5-3-4 Formula.

The 5-3-4 Formula is further broken down into the following:

5 key characteristics

The key characteristics are:

• On Demand Self Service: As the application owner, you should be able to provision additional computational resources for your application, look up reports and perform Administration tasks without requiring human intervention. Cloud vendors are now providing monitoring and provisioning tools where the user is in full control of provisioning things.
• Ubiquitous Network Access: We are living in a world where a desktop and laptop computer is not the only way that people access the Internet. Mobile device access is increasingly becoming a major source of traffic to your application. And it is not just mobile devices but devices fitted in vehicles and even our Televisions that are accessing the Internet. These explosion of device types and various networks around the world brings to the important concept of “ubiquity”. It means that no matter from what device or network , one should be able to reach your application via the public cloud networks. And this access is the cornerstone of cloud computing. Always available and from anywhere.
• Location Independent Resource Pooling: This feature is key to providing your additional resources. As a consumer one should not be worried about how the cloud allocates additional servers, takes care of multi-tenancy and allocation of physical and virtual servers in different geographical locations to meet your demand. Location Independent Resource Pooling is the ability of the Cloud to do exactly that.
• Elasticity: If you have released any online web application you can now look back and see those days where the number of hits to your sites peaked due to a new release or a press announcement. There will be spikes in user activity and you cannot scramble around for additional hardware when that happens. Cloud Computing addresses this through Elasticity. What it means is that the Cloud Vendors will automatically allocate you more resources as your application needs it. Extra Servers, more memory, more storage, etc will be available to your application if the need arises.
• Pay per Use: This is one of the key characteristics and one of the reasons for cloud computing gaining acceptance. Just like you can seldom predict your peak usage, it is important that you pay only for the amount of resources that you use. Cloud Computing vendors have various schemes starting with freemiums and then tiered pricing that clearly specify the quotas that are available based on what they charge you. At any point in time, you can switch between plans and allow for extra charging depending on additional resources that your application might use.

3 delivery models

Cloud Computing is typically delivered in 3 models and each one builds on the other

• IaaS : Infrastructure as a Service. This layer is about providing processing power (CPU cycles), storage, bandwidth, networks and other infrastructural resources. Some of the key players over here are Amazon Web Services (AWS) , Rackspace and others.
• PaaS: Platform as a Service. This layer builds on top of the IaaS layer and provides a developer with a complete stack on which to build applications. The stack comprises APIs that abstract out the low level details and allow the developer to quickly use them to build out the application. The key players in this space are Google (Google App Engine), Microsoft (Azure), Sales Force (force.com) and recent entrants like CloudFoundry from VmWare.
• SaaS: Software as a Service. In simple terms, these are ready made applications that you can use either for free or a fee. You simply need to sign up, optionally pay and login to use the software. Examples of this include SalesForce (CRM), Gmail, Google Apps, etc.

4 deployment models

The 4 deployment models available are given below:

• Public
• Private
• Hybrid
• Community

Typically, the public cloud is what is best known to most of us. While classification does exist for other types like private, hybrid (mix of public/private) and community – they are not that prevalent and no clear classification exists. So for all practical purposes, when we refer to the cloud, it is public and with appropriate authentication and access control mechanisms built in.

So the next time, someone asks you to define “Cloud Computing”, you can simply say “5-3-4”.

Romin Irani– Principal Architect

Introduction

Desktop systems gained prominence in late 80s and they derive their name from the concept in which the entire computing unit can be placed on top of a desk. There are various uses of desktop computers dictated by the desktop users and their requirements.

• A student or business user might use the desktop for their daily activities like creating Word documents, spreadsheets, presentations or a calendar application to schedule events for the day /month / year.
• A home desktop may be used for storing multimedia files like images, mp3, videos or browsing World Wide Web.
• A person might be having some specific requirement depending on the job at hand and may use a software suite to do that. A good example would be photographer or designer using Photoshop for image editing Or a music artist using an Audio mixing setup for music recordings.

Desktop Systems:

Desktop systems are nothing but desktop computers but available on the cloud.Today internet connectivity and computers  have become quite inexpensive and are widely available while Mobile phones have moved beyond as a texting and calling to a ‘must have’ device, featuring giga bytes of Ram, giga htz of processing power and 4 ~ 7 inch displays.

With the multiple platforms available in the market, currently the convergence between different platforms is done by developing apps for each of the platforms. Let us take an example of a simple application – Dropbox.

Dropbox allows you to save your file on a remote system; it is your dedicated space on internet.  Dropbox offers a free space of 2 GB and it will automatically sync all the files that are in your Dropbox folders across all the devices that have Dropbox client installed. This is a typical example of SAAS where you dump your files on a system which gets replicated across all the devices (if they are connected and switched ON). There are many other cloud based services where not only software but platform and infrastructure also as a service.

A few more services available in the market are:

• For documents, spreadsheets etc – Docs by Google, Office 360 by Microsoft.
• Music – iCloud by Apple and Google music by Google.
• Books – Amazon Kindle, Google books and iBook by Apple.

These applications can be installed on your current desktop system, mobiles and tablets. Space of your “device at use” will be used only for caching purpose to sync timely with cloud in case the application offers offline storage model. This makes your system pretty much a client in the SAAS model.

A cloud OS or desktop in Cloud is a concept that tries to provide an integrated space for all the services from within your browser either on desktop systems or on mobile devices. These systems will offer one stop solution for your daily computing needs whether it may be word processing, games, music or running development tools. Though still immature they try to mimic the current desktop offerings via a web browser.  Let us take a look at two such products –

EyeOS – Your desktop in the cloud

EyeOS is an open source initiative; Give it a try. It requires Apache and PHP 5 and doesn’t require a database. It is nowhere near a  professional OS, but it will give you a look and feel of native desktop running in browser and it does comes preloaded with few applications like word processing tools, calendar, IM to name a few. As the name goes – right now it is just eye candy.

CloudMe

Initially called iCloud, CloudMe is another company that is developing their operating system for the cloud since 2000. And yes they have made a pretty cool interface, it is best among the competitors. It is a clean, carefree, zero-configuration XML-based OS, running within browser.  They offer a suite of 40+ applications that you can install on your desktop in the cloud. It offers tools for SAAS application development that will run on their internet-OS.  Currently the registration is free and it also offers 3 GB of free space. You can try it here.

There are three other major players which have recently done great cloud services and it would be worth taking a look at these.

Google cloud solutions – Applications from Google require an active data connection and are pretty fast. Google is targeting the future where internet will be available in every corner of the earth and they all run from within any browser. The data is stored in Google servers. Although the model is great and holds a lot of promise, in current scenario for people who are already connected with internet 24×7, its full potential however will be realized only in near future with unlimited and uninterrupted connectivity being a reality.

Apple iCloud – Apple has recently launched iCloud, it offers seamless data syncing between all the Apple devices. Data sync capabilities are built into the applications. Apple solution is good for current scenario where people do get disconnected with internet and have to rely on offline storage model for completing the task at hand, be it making a spreadsheet or listening to music.

Microsoft LiveMesh – This is a product from Microsoft using which you can create a mesh of all the systems owned by you and having a browser running on any system to perform task on any system. It is like a refined version of Remote desktop. To add to this Microsoft also offers 5 GB of free storage – Windows Live Skydrive in the Mesh, that can be synced with all or a selective set of devices.

To Conclude

Desktop as a cloud is still immature, but yes it holds a lot of promise. To gain user acceptance, it has to provide the rich experience of desktop system and a facility to install majority of application or application clones that are currently used by a desktop consumer.

Pradeep Sharma– Technical Lead – Mobile CoE

Think about your usual work day where you invariably require authenticated logging in to various applications like your work station, checking your mails, etc. All these require you to put in your log in details to allow you access. It’s quite cumbersome, isn’t it? A single sign on would be a great solution to this in the sense that single login takes you to all the application you visit in a day at work. A proactive step ahead to this would be implementing it in a cloud environment where a user can log in once to a cloud and can access the entire system of applications without having to log in separately.

In this blog we shall first discuss about generic implementation of Single Sign-On aka SSO.Then we would take the concept forward by extending the use of SSO in a cloud environment.

Let’s start with what is SSO?

Basically SSO is a centralized access control mechanism used for multiple applications which could be independent and may or may not be interrelated. User authentication is done only once and further user requests to multiple applications are handled seamlessly.Know more about SSO here.

An appropriate analogy to help you visualize this would be iGoogle login where user once logged in can access multiple applications like Gmail/Google docs/Orkut accounts without having to login to each individual applications. Hasn’t this made our lives simpler?

Generic Implementation of SSO

There are various security mechanisms e.g. Kerberos TGT, Smart Card, One Time Password Token OTP, Integrated Windows Authentication a re few of them. We would not go in to the implementation details of these security mechanisms but in general the basic set of implementation considerations would include the following:

• SSO should know what all applications it would be catering to and accordingly it would be using the encryption/decryption keys for handling the authentication requests.
• Using different keys across applications is recommended as these keys are shared between SSO and Client applications. Securing these keys is equally important to make sure the credibility of encryption mechanism is not compromised.
• SSO would manage a central user Database which contains user roles along with the authentication parameters. These roles could be queried by the serving application to decide the user privilege/grants.

SSO Implementation in Cloud

Currently, , there are two approaches available for using SSO in Cloud:

1. Self implementation of SSO adapters based on the exposed APIs from the Cloud Service Providers, which would include writing the code to integrate with cloud applications.
2. Another approach, a simpler one would be to use Out-of-Box SSO Products available in the market or use the SSO as a service (SaaS) from Cloud itself

You can also refer this link for further related information that you may want.

Once in place, it would simplify things from the user perspective as user would have to login only once either on the machine or a web portal depending on design and then user can access various applications and resources seamlessly. By leveraging Single Sign-On capabilities an organization can merge their IT infrastructures and Cloud in a seamless manner and enable a user to access both the user’s desktops and any Cloud Services via a single password.

Some of the Benefits to mention:

• Users get convenience of single user-id/password which is easier to manage/remember.
• Saves on user time by avoiding re-entering password while switching between applications.
• Stronger security and Easier for System Admin as the management of user accounts is centralized.
• Helpful for the provisioning and de-provisioning of passwords. If a new employee joins or leaves the organization there is only one single account to activate or deactivate rather than having multiple accounts to deal with.
• In addition to preventing security issues, there are significant costs savings to this approach.
For example, Single Sign-On users are less likely to lose passwords reducing the assistance required by IT helpdesks.
• Allows anywhere, anytime seamless access.

Benefits usually come with some tradeoffs like:

• Security threat due to password leak/misuse could affect multiple applications/resources.
• SSO System should be Highly Available (HA) as failure is critical for multiple applications.

We know that SSO is not a new concept, but it is now finding new horizon for connecting organizations to Cloud service providers like Google, Amazon, Oracle. It is an evolving concept providing potential for enabling users to experience seamless access to their corporate applications along with email/social-network accounts, documents/files/photos and shared resources. Big Organizations have been using SSO systems to manage internal applications/resources since a long time but extending the SSO to cloud would be a major step ahead. Do write in your views so that we can share this important information in an interactive manner.

Jitendra Singh– Senior Software Engineer

Cloud Computing brings about real benefits to IT organizations by making available computing resources that you can pay as per your usage, while taking away the hassles of resource management. My previous blog gave a basic idea of what is cloud computing all about.This blog post focuses on how the Cloud can be architecturally used to drive your mobile applications across various platforms. In the process, we shall see that using the cloud, we can achieve a single layer that can drive the same mobile application running on multiple mobile OS platforms.

The last few years have seen the emergence of APIs (Application Programming Interfaces). In fact various organizations are now solely known by their APIs and have become popular among developers. Every popular site, be it Facebook, Twitter or even start-ups like Twilio are focused on exposing their core services and data via an API so that developers can take advantage of it. There are a couple of important things that is highlighted by these APIs. The first one is that they are exposed via standard mechanisms like REST and provide data typically in JSON/XML formats. The second one is that these services are primarily hosted on Cloud infrastructure. The Cloud infrastructure here is typically from the IaaS vendors (Infrastructure as a Service). Some of the key players in IaaS are Amazon and Rackspace, which provide computing resources, storage and bandwidth via a pay per use billing cycle.

Entire ecosystems of applications have developed around these services that have been exposed in the Cloud. And a large number of those applications are mobile applications. The interesting part is that the mobile application development landscape is pretty much fragmented. Each of the big OS vendors have their own language, toolsets and operating systems that make interoperable applications difficult to write. But the one place where they is a sort of a common understanding and which has resulted in a large number of client applications is that the Server layer i.e. the Cloud API exposed is pretty much the same. The REST API mechanism that is exposed over standard HTTP protocol helps create a client platform agnostic mechanism in which a developer can pick a language of his/her choice on the client side and simply code up the front –end i.e. the client application.

So a combination of an API, exposed as a Cloud Service via standard HTTP bindings is a great way to write a common server layer and power all your mobile applications via that. Doing so also addresses one of the defining principles in software engineering of reusing as much as you can instead of writing a layer for each client programming environment.

At high level you have the following architecture that can drive multiple mobile applications via a single REST layer that you expose in the cloud:

You may refer to “Extending cloud infrastructure to the mobile world” for more exposure.

To summarize:

• Build a common REST layer (API) that will expose functionality over XML/HTTP
• This common REST layer will be used by all Thick Client applications and Thin Clients. This means that even if you go the route of HTML web applications, they can use the same API.
• Further sophistication can be provided on the Server side to restrict access to certain kinds of devices. This helps in ensuring that you deliver optimum experience to the devices or even restrict access as needed.

Romin Irani– Principal Architect

Introduction:

Cloud Computing can be seen as the logical evolution in outsourcing IT services. The promise is that, with Cloud Computing, every company (big or small) can get IT services in a very simple way. Cloud Computing is an epitome of the change in use of IT Infrastructure and Services as the consumers will not have to spend capital of owning or renting the Hardware/Software rather they can use the resources and expense is cut down to usage only.

So, cloud computing would give extra business value over a long period of time along ensuring that the quick changing business needs can be supported better than using traditional IT services. It seems like creating a prospective horizon for changing the Information Technology world into different form than what we perceive it today.

With this change there would be certain pros and cons associated. As of now the visibility on the implications is not very distant and requires a wait and watch strategy to gradually build/change the business models for different domains.

Impact on various domains:

Having the basic idea about Cloud Computing ,in this blog we will discuss the pros and cons of cloud computing in general and would try to understand possible impact of these on the different domains.

We would see large range of highly scalable new generation agile products and services to choose from. These would provide abstraction from current process and thereby reduction in the overall cost.We also expect some standardization to come into picture.

Some of Pros are enlisted here:

Reduced Cost: Costing model is incremental i.e. pay only for what you use thus saving the money.

Increased Storage: Since resources provided by the Cloud Service Provider are virtualized and can be scaled up as required gives the consumer flexibility of unlimited storage space.

Highly Automated: Most of the things are responsibility of CSP like Software/Server update, physical maintenance of infrastructure, licensing of software/tools etc

Mobility & flexibility: Information/service is accessible from anywhere seamlessly if cloud is accessible

Currently this seems like dominance of few gig players (Amazon/Google/Oracle) and thus rise of new industry leaders and IT vendors will leave fewer options for small software companies to cope up with the evolving business model.

The other cons that we can list are:

Security: A proper security model for cloud computing is still awaited. Physical location of hardware and software being unknown would make site inspections and audits difficult. There is also risk of data loss due to improper backups or system failures in the virtualized environment.

Dependency (Loss of Control): Most of the critical things are under control of CSP (Cloud Service Provider) like – Quality of Service (QoS), Contingency Procedures, Measurement of resource utilization

Cost: Cost structure would be difficult to analyze during initial setup/migration as there could be associated hidden costs for backup, restore, disaster recovery, issue solving and compliancy regulations. Moreover future changes in the cost should also be taken into consideration.

Decreased Flexibility: Migration to different CSP would not be simple and would require proper planning starting right while developing the applications (making them generic and portable)

Taking specific businesses into account:

Telecom: Telecom sector is one of the biggest consumers of IT infrastructure, may it be software or hardware so we can expect it to be affected at all levels viz Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Cloud Computing is based on virtualization of the resources much like running multiple VMs on same hardware, we know that there would be some trade-off for this in terms of lag due to network/virtualization. The lag of fraction of second could be fine for data traffic on the network but may not be up to mark for real time voice/video based services. So it looks like some services would still require dedicated resources/hardware to meet up the SLAs.

Healthcare: Quite obviously medical businesses generate huge amount of data like patient records, biomedical research, insurance claims. It is one of the major concerns for hospitals, insurers and researchers to manage this large amount of data. Cloud computing would offer each of these players a potentially more cost-effective alternative to traditional data storage and management solutions. But still there is fear that sharing a platform in a public cloud would compromise privacy regulations, So need of a strong regulatory standard is necessary.

E-Commerce: Cloud computing would be boon to the businesses in e-commerce as they are the ones working in a pretty similar fashion since a long time viz usually these businesses run virtually on the internet only,  for this  they have to setup virtual infrastructure and services from different vendors. Interaction with various vendors will now be eliminated and limited to a single service provider who can take care of all the requirements. So we expect a substantial growth of e-commerce to be obvious in near future.

Outsourcing: Most of the current business models associated with IT infrastructure and services do include outsourcing of various activities may it be maintenance or labor. With business migrating to cloud the need for these would be decreasing in long run as most of the things would be taken care by CSP. This means that there would be a downfall expected in requirement of traditional outsourcing but on the other hand the increase in specific outsourced services for migration to cloud can be seen. Overall there should be major change/shift in the outsourced services but this would be gradual.

Currently IT costs seem to be quite competitive but still remains inflated as compared to other products and services that we use today. We do see cloud computing as a potential candidate who can play the role of game changer and help to regulate the IT economics.  But the side effects and implications are yet to be well totally foreseen and understood. Kindly share your thoughts and understanding on the above topic to have a fruitful interaction.

Jitendra Singh– Senior Software Engineer