When the subject of application portability comes up, the interests of enterprises and cloud computing providers collide. Enterprise organizations want to run their applications seamlessly across on-premise IT, private clouds and Platform as a Service (PaaS) and Software as a Service (SaaS) public clouds. Portable applications give users flexibility to do this -- and to move to different providers -- but vendors aren’t eager send business to their competitors, said Dan Cornell, principal, San Antonio-based, Denim Group.
These clashing needs and the technology challenges of achieving application portability make cloud usage challenging today.
Ideally, an organization would be able to post applications and data to and from any cloud platform from any device. Today, however, it’s only possible to get an application guaranteed to run on two different clouds -- if the two different clouds are running the same software, said Mark Skilton, global director, Capgemini Global Infrastructure Services, Paris.
Without simple application portability, vendor lock-in is hard to avoid, experts said. “If IT does not like the service provided via its service-level agreements (SLAs) with a cloud provider, it will want to move to another cloud provider,” said analyst Bill Claybrook, president of New River Marketing Research, Concord, Mass. Today, making that move usually requires going through a second, from-scratch application migration. “For example, moving apps/data from Amazon EC2 to Terremark or Rackspace is not easy,” said Claybrook.
Even if the enterprise is moving to a cloud platform run on the same software as its previous provider’s, any variations in the software leads to performance issues. Providing application portability is more than just making the app itself portable, said Claybrook. The source cloud and the target cloud are very likely to be much different in a number of ways: different hypervisors, different operating system support, different security, storage and network models and different database system support. Meanwhile, management tools that work in the source cloud may be unavailable in the target cloud, etc.
The top barrier to having portable applications in the cloud from a technology point of view is the lack of standardized cloud APIs that can be used by vendors or cloud providers in developing their technology-based products. Nowadays, said Skilton, the thinking about application portability is to move away from portability to API exposure. API interoperability enables users to process applications on different clouds using common open APIs as a way forward.
The definition of an API may not be totally transparent, which causes problems. Sometimes a seemingly open API standard isn’t, because it’s be wrapped up in a particular platform, said Skilton. That eliminates the flexibility around using that API.
Two other portability problems are hard-to-port database schemas and uncertainty about customers’ rights to access and manage data stored in the cloud. “Even if you can get access to your data, you can't necessarily get it into another system because application data schemas aren't necessarily compatible,” said Cornell.
File formats, like SQL, in relational databases are not easy to port because relationships in the database must be consistent when being split over multiple databases, Skilton said. Today, portability with certain structured databases is still difficult. One answer is using non-SQL or non-structured data as a preferred standard of data encapsulation and storage.
Data access issues are an aspect of service-related data lifecycle management. Examples include the right to port data and the right to delete data stored in the cloud, said Skilton.
Enterprises must stand tough in contract negotiations about data access, experts said. Get full disclosure on whether third parties are allowed access to your data, said Claybrook. For example, can cloud providers be forced to provide data access third parties like the police? Do you have control over the physical location of data?
Portable application standards nascent
Several industry organizations – such as OASIS, The Open Group and The OpenStack Project – are the most-active organizations working on cloud portability and interoperability specifications. Only Open Stack was kicked off before 2012 – by RackSpace -- and Claybrook expects it to produce the best results in the long term. Today, however, all are immature, and cloud vendors’ support is iffy, experts said.
Most cloud services providers will support the creation of cloud standards, but a large part of this support will be lip service, said Cornell. They will not strictly adhere to the standards because they want to differentiate their products from competitors. “All of the vendors want to lock-in customers to their offerings,” he said. Typically, vendors dance around standards unless demand is overwhelming, as it was for TCP/IP.
Cloud portability tips in the meantime
While standards are being developed, enterprises bear the burden of facilitating application portability across cloud platforms. Experts offered these best practices:
- Make sure that the application and its supporting components, such as databases and tools, do not rely on an operating system and an underlying cloud infrastructure, Claybrook advised.
- Negotiate access to data and other facilities up-front, said Cornell. Once the contract is signed and data is moved onto the providers system, leverage for negotiation is limited.
- Find a management platform for applications that can support -- as much as is possible today -- several cloud environments, said Claybrook. This will only be of value, however, if the cloud provider supports that specific management platform.
- Understand the technical facilities, such as APIs, that provide access to the data stored by your cloud providers, Cornell said.
- Keep decisions to host data in the cloud at the top level of the organization, rather than letting employees procure cloud-based systems without sufficient review.
In the final analysis, application portability in the cloud is hard to achieve today without a savvy in-house application support team and a compliant cloud services provider. Consider the alternatives and the importance of interoperability and freedom from lock-in to the organization, experts said. If the organization’s portable application needs can’t be met, accept that there will be applications and data that simply cannot be moved to the cloud.