Cloud architecture has grown to be so normal that we forget what its definition includes. Many of us can remember a list of features like on-demand resources, optimal performance, and delivery of services. Others may know the "-ilities" like availability or scalability. Developers often start with the inherent promise to the customer: You will have access to the services you need whenever you need them, and with the availability and reliability you expect.
The definition of cloud includes all these details and more, and we will break down those components over a series of articles. The team co-authoring this article regularly supports the creation and maintenance of private and hybrid cloud operations for companies across the globe. We will outline the important aspects of a successful cloud operation based on our own experiences and backed by industry standards.
In order to get into depth on the topic, we must first start with who and what we're defining as cloud.
Defining the key components of cloud computing
The definition of cloud computing in NIST 800-145 covers the required practices ranging from
delivering different cloud types, and from private to public cloud. It also covers the various consumption models, from IaaS to PaaS. When we refer to cloud, we are starting from this definition of cloud computing:
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.
Specifically, we propose the usage of the Capability Maturity Model Integration for Services (CMMI-SVC) model. CMMI-SVC provides a framework for the maturity of the processes that combine the people, procedures, and tools to deliver capabilities.
The five practices below structure the work packages that drive continuous improvements around service consumability, security, compliance, availability, and scalability.
Here is a brief introduction to these five practices:
- Self-Service Delivery: Enabling developers, operators, and other users to access the cloud resources they need when they need them across the enterprise with minimal friction.
- Operations: The process of delivering the cloud platform in such a way that it meets the agreed Service Level Objectives (SLO) over time, including procedures to ensure scalability, resilience, repairability, security, and continuous compliance.
- Resource and Capacity Management: Establishing and maintaining optimized resource capacity and availability at a justifiable cost. Resource and capacity management covers all layers, from infrastructure (compute, storage, networking) to software and people.
- Governance: The decision-making model. Organizations should be designed to ensure that investments support business objectives and capture the system that drives the cloud team's behavior, decision making, and long-term measures of success. It includes ethics, risk management, compliance, and administration.
- Lifecycle Management: Cloud technologies often have short release cycles that demand robust processes to ensure timely upgrades and consistent configuration and stability across releases. For example, Kubernetes has a quarterly release cycle for new features while continuously rolling patches and security updates.
This article establishes the NIST 800-145 definition of cloud computing as a baseline for our understanding of the technology. The five factors of CMMI-SVC practices provide a framework by which thousands of organizations adopt and support reliable private cloud services.
With these definitions outlined, we will go further into the practice of cloud management in articles to come. If you have questions or specifics you would like us to explore in future articles, let the team know at email@example.com with the subject line [Define Cloud].