How to be a cloud

Embracing an internal cloud model for IT service delivery will require most agency IT departments to change the way they do business.

When Utah decided a private cloud was the way to accommodate a statewide data center consolidation project, it fundamentally changed how its IT department does business.

The department has gone from the equivalent of a build-to-order machine shop to an e-commerce provider — with implications for everyone involved.

“Before, customers would often specify, ‘We want this server,’” said Dave Fletcher, Utah’s chief technology officer. “They would get into the details of the IT requirements. Now that is more transparent to them.”

Agency customers now visit the Department of Technology Services’ website to find what they need. Among other things, they can choose infrastructure as a service, which uses virtual servers rather than physical boxes, or software as a service (SaaS), which provisions the application and server platform in one fell swoop. The department also lists rates for its cloud products and offers them on a subscription basis.

It’s a services-focused, fee-based cloud model that will likely appeal to CIOs across government because of its flexibility, cost-efficiency and responsiveness.

Getting there, however, will take more than simply repackaging technology. In many cases, IT departments will need to significantly modify the way they operate, how they plan and pay for the infrastructure they build, and the kinds of skills their employees need to have.

“Some of the main things that are going to be affected are things around the management side rather than the technical side,” said Bob Monahan, director of management information systems at Dynamics Research, an IT consulting and services firm. “You are going to be managing most of your acquisitions in the form of service-level agreements as opposed to [saying,] ‘Let’s buy x number of CPUs.’ This is not a straightforward change.”

Becoming a service provider

Indeed, the server-to-service shift is a key component of the management makeover, which means the task of provisioning takes on a whole new shape.

“If you are going to go with a hybrid or private cloud approach...you are going to need to look extensively at how you are going to provision that,” Fletcher said.

Utah’s model is a hybrid that combines a private cloud with public cloud services, such as Salesforce.com’s SaaS offering.

Experts say agencies need to identify the kinds of services they want to offer and then build them with the cloud delivery model in mind. That means developing services that will be shared among multiple customers instead of creating a series of individual solutions.

Using SaaS as an example, Fletcher said: “Instead of customizing solutions for every agency, you are providing software as service. That needs to be a little more generic, but it has to have all the key capabilities...agencies are going to need. You’ve got to be able to think through that in the development process.”

After developing cloud services, the next step for the IT department is to describe them in a way that potential buyers can understand.

“One area where things need to change in some organizations is how services are articulated from an organizational perspective,” said Simon Szykman, CIO at the Commerce Department.

For example, IT groups should create service-level agreements (SLAs) for the services they offer — a way of thinking that might not come naturally to organizations that manage IT for a single entity. Private clouds offer IT as a shared service, and SLAs become important in such settings because a technology department might need to support multiple agencies that have different performance needs and budgets.

That model will become increasingly common at the federal level as agencies consolidate data centers and look for opportunities to share centralized infrastructure among diverse end users. For example, Commerce’s Census Bureau, which is developing a private cloud, plans to offer services to other agencies beginning this month.

“Once you start providing services to other organizations, those types of availability measures and other types of metrics need to be articulated and documented,” Szykman said.

Typically, a service catalog on the IT department’s website plays that documentation role. Catalogs usually list services, corresponding SLAs and the prices associated with them. Utah’s site also has a wizard to guide end users through the online provisioning process.

So far, agencies have adapted well to the IT department’s new operating style. Buyers “are getting accustomed to being focused on services rather than on hardware and software,” Fletcher said. “And we are making more and more of those services available through the Web interface. It is more of a self-service process in which they are able to be provisioned immediately.”

Cloud economics

Another issue with providing cloud services is knowing how to price them. That could be new territory for IT shops that haven’t previously charged internal customers. But even groups that have assessed fees before will probably have to rethink that process for a cloud model, where there might be much greater variability in use patterns, some IT executives say.

“I don’t think anybody has really figured out how to do the chargeback systems,” said Susie Adams, CTO at Microsoft Federal. “Most are still struggling with this: How do we charge the groups that are using the services appropriately and make sure that gets in their budget line items?”

The issue with cloud pricing is granularity, experts say. Agencies can have a difficult time figuring out how to charge customers for power consumption or for using a certain amount of rack space.

“Agencies are not used to recovering costs with any granularity,” said Doug Chabot, vice president and principal solutions architect at integrator QinetiQ North America. “In some cases, they don’t recover costs at all.”

Recovering costs based on use requires a metering capability, but most agencies lack the software necessary to gauge consumption.

In addition, cloud customers will need to transition funds from capital budgets to operations and maintenance (O&M) budgets to pay for cloud subscriptions. That switch could force them to clear a bureaucratic hurdle or two. In addition, pay-for-use pricing introduces variability because actual use might spike above expected consumption.

“It’s a different budget for capital items versus O&M items,” said Myles Weber, vice president of cloud and community services at Appian. “It’s like buying electricity.... You are paying on a utility-based model for cloud services, and that has variability.”

Yet in some ways, the cloud makes pricing easier. Szykman said an IT group might be able to develop a price for a virtual server that amortizes the upfront technology investment and the costs for systems administration, maintenance and data center facilities.

“That can all be rolled up into a single unit cost per virtual server,” Szykman said. “It can simplify pricing.”

Nevertheless, IT organizations will need to get a handle on their cost structures. “The key is for the service provider organization to know their cost model well enough,” Szykman said.

If it fails to do so, the IT shop might not be able to adequately recoup costs. If an organization can’t bring in enough money to support promised service levels, the cloud model becomes unsustainable.

The impact on staffing

Cloud computing’s reliance on virtualization and consolidation means less hardware to house and maintain.

Utah used VMware technology to virtualize servers, which allowed it to shrink the number of servers from 1,800 to 500. That smaller population helped the state reduce its data centers from more than 30 to two, for a savings of about $4 million a year.

In addition, the shrinking hardware population typically reduces the number of IT employees needed to manage servers and software.

The Defense Information Systems Agency experienced a shift in personnel with its Forge.mil line of services. Essentially a platform-as-a-service offering, Forge.mil supports the Defense Department’s software developer community. It includes SoftwareForge, a free system for managing application life cycles, and ProjectForge, a fee-for-service capability for development teams that need greater privacy.

Forge.mil “requires far fewer administrators [because] it’s an enterprise service that greatly reduces the number of servers and databases to manage,” said Dan Gahafer, DISA’s Forge.mil program manager.

But the platform also requires people with new skills. Gahafer cited community managers — a recently added job category — as one example. Community managers work with the developers who subscribe to Forge.mil’s services.

“A good community manager possesses a combination of analytical and people skills, combined with a deep understanding of the products we use to provide the service, our business processes and our organizational culture,” Gahafer said.

Szykman said the cloud has also had an effect on IT staffing at the Commerce Department.

“The skill set of a business IT service provider is not the same skill set needed to manage the physical IT infrastructure,” he said. For one thing, there’s a big difference between the expertise needed to write SLAs and the skills involved in patching servers.

The cloud’s tendency to ease personnel demands coincides with the stark economic realities many agencies face. Utah’s data center consolidation has helped the state deal with declining budgets and reduce IT department staffing by 20 percent through attrition rather than layoffs, Fletcher said.

Utah officials, however, continue to look for people who can write applications for the state’s cloud. “We’re always in the need of developers that have skills like Java and .NET and can develop applications that are customer-facing,” Fletcher said.

Utah’s experience sums up a central challenge of private clouds: It’s a computing transition that is as much about people and processes as it is about technology.

Automation tools: A must for private clouds

Agencies seeking to run their IT departments using a services-oriented cloud model should strongly consider automated tools to help them root out delivery problems and ease service provisioning, experts say.

Cloud automation could mean a single integrated platform or a collection of tools. It starts with a service catalog and the automated features that help customers select the services they want. It then moves into monitoring cloud services and managing any physical resources.

The ability to manage services for multiple customers requires more detailed visibility into the inner workings of the technology, said Dan Gahafer, program manager of the Defense Information Systems Agency’s Forge.mil, a software development platform for Defense Department users.

Automation “is no longer just nice to have,” Gahafer said. “It’s an absolute imperative to being able to identify and resolve issues and prospective incidents before they occur.”

Automation is also essential when it comes to the ability to provision resources on the fly and deprovision those resources when they are no longer needed, he added.

Agencies have a number of automation options. BMC Software, Cisco Systems, Hewlett-Packard and IBM are among the vendors providing such products, and many start-up companies also target that sector.

However, Jeff Deacon, managing director of cloud services at Verizon Business, said agencies might not find everything they want in one product. “I have yet to see a commercial product that provides a complete end-to-end solution,” he said.

Verizon Business took a do-it-yourself approach to automating its cloud service with a solution that includes some commercially available components.