Cloud Computing Crash Course: Private vs. Public Clouds

In my last post, I wrote about the pros and cons of open source versus closed source CMS platforms. We hope you’ve developed a stance on the debate because we will now address another popular IT and business-related topic – public versus private cloud computing.

Before we break down the differences, let’s dismiss an all-too-common misconception about public clouds.

For the record, public clouds are secure

When people think about public and private clouds, they tend to believe that one is more secure than the other. Can you guess which one? You’ve probably guessed the correct one if you based your decision on the simple semantics of the two words. Many believe the more secure of the two types of clouds is private. But this isn’t necessarily true.

There are multiple tenants in a public cloud-based operating system, but the cloud infrastructure is designed to keep those tenants completely separate. Most security risks come from the actual software that is connecting over the network. Imagine this linkable software as your front door. This is where most intrusion happens and where the faults in the software that allow the intrusion occur. It has absolutely nothing to do with the cloud infrastructure being less secure. In fact, large public clouds have been so focused on security issues for such a large audience that it would be difficult for an enterprise to keep up with the pace at which a public cloud can react to issues.

The patching of systems and network devices has a scale only large cloud providers can rival. Dedicated financial enterprise data centers are really challenged, not only because of their smaller scale but also because it's not their primary business. Cloud providers are in the business of providing compute power securely.

Now that we’ve established that both public and private clouds are secure, let’s discuss the features that make them different. What are the advantages and disadvantages of each? Here’s the crash course.

Three key differences between public and private clouds

1. Cost

The biggest difference between private and public clouds is the cost. On the surface, public clouds are cheaper because of scale. A public cloud like Amazon will have cheaper CPU, cheaper memory and cheaper storage than an equivalent private cloud provider simply because of the scale they operate at: they own more servers, disks and data centers. But the business model of how they sell “compute time” really matters. The costs can rack up! On a public cloud you can spin up an instance, but you will be charged by the hour, regardless of how well you use that virtual server. That cost can accumulate fairly rapidly.

Instance Sprawl

When you don’t control the costs of public clouds, you get into what I call instance sprawl: not keeping tabs on how servers are being utilized or if they’re even doing anything at all. It takes robust internal processes to manage creation and monitor usage to evaluate what servers are allocated and how effective they are. Since you have fixed allocation in the private cloud (a pool of servers purchased solely for the organization’s use), you’ll very quickly run out of space, but you’ll be able to examine your state. Then you can decide what you do and don’t need. It forces a kind of organization in which CPU, memory and disk are managed.

On a private cloud you buy underlying compute servers that you own or lease, so you spin up instances only on those servers.

2. Space

This second difference is not very obvious – it’s about utilization. I like to compare it to whether you have an infinite closet or a fixed closet. No one likes to keep their closet organized. The private cloud is a fixed-size closet: if you use too much compute, disk or memory, you have to get another closet (i.e. buy another compute node and expand your power). In that case, a private cloud forces management of what the instances are doing.

In a public cloud, if you lack that management you will very easily spend more than you expect. The infinite closet space is ideal when you need a lot of compute power for only a short amount of time.

If you need to solve a difficult problem which requires a lot of servers or compute time, you can allocate instances for only a couple of hours or half a day, and then give them back. That’s a model that’s not possible in a private cloud. Software that can take advantage of this is said to scale elastically. This nearly infinite pool of servers is ideal for rare but very compute-intensive problems. Analysis problems where the results take a lot of time to digest are ideal.

This can’t be done in the private cloud because you don’t have that large compute server base to be able to dip into when needed.

3. CPU / I/O Availability

Another big distinction between public and private cloud is the ability to control the availability of the underlying compute node's CPU. In a public cloud, you may be sharing the underlying physical server with another tenant and may therefore unexpectedly become CPU starved. The time sharing of the CPU is not perfect. This is probably even more true of the bandwidth from the node. It can become saturated by another process that runs on the same compute node but is not associated with your organization.

In a private cloud, since you own the compute nodes, you’re actually controlling the workload that can occur on any physical server. That consistency is important in some applications. It’s also easy to create and use 10G networks in a private cloud. With a 10G network you are transferring about 1 gigabyte/sec. That’s a lot of I/O, which allows big data or distributed data platforms to really perform. Public clouds are adding these features at a cost.

People like the idea of private

In our business of software for asset managers, there is a perception that highly sensitive data needs to be on a private cloud. Really, the basis for that should be sought not in the cloud software, but in the access to the data itself. As I mentioned earlier, both public and private clouds provide a high level of security. Cloud providers use world-class practices in terms of who has access to the hardware. Access control of the employees who can operate on the data (DBAs, systems administrators, etc.) comes into back-end operations, whereas most security risks happen through the software. That issue is not significantly different between a public cloud provider and a private cloud provider. I would challenge someone to know where exactly the disk drive(s) are that contain the sensitive data.

Many people still want a private cloud because they think it’s more secure, but the real difference lies in the utilization of the underlying compute resources and the remote access that privileged individuals have. This is generally outside of the cloud provider’s responsibility. It is in the design and operation of the software by the organization using the cloud. Calling the cloud “private” sounds better, but the basis is more complicated than most people realize.

Hybrid cloud computing – the Kurtosys solution

Instead of picking and choosing, at Kurtosys we use a hybrid cloud model — a blend of both private and public cloud computing. Using both is less expensive for clients, and by spreading things over a hybrid cloud we are able to keep aspects of our clients’ business as efficient as possible. Each of our clients has a choice based on their own needs to decide which is the best fit for them.

Read more information on the Kurtosys technology section.