As we continue to deal with the ambiguity of “public” and “private” definitions for cloud deployments, it occurs to me that most of the unknowns created in that ambiguity can be determined by asking “Who?” questions. At first, this may seem trivial since “public” and “private” naturally lead to the questions “Who can use this cloud?” But it isn’t quite that simple.
In a previous post I argued that “public” and “private” are overloaded in industry parlance, and that one must ask more specific questions of proximity, ownership, management, and tenancy to get a precise understanding of what someone means when they say “public” or “private” to define a cloud. At the risk of appearing obsessed with defining these terms, I’m augmenting that and adding a fifth question of “scope” which captures the NIST’s intended meaning for “public” and “private.” These five questions are all “Who” questions, and the answer may differ depending on the cloud. To be specific:
- Proximity – “On- or Off-premises”
On whose premises is the equipment backing the service installed? - Ownership – “User or Other”
Who paid for the equipment and continues to pay for its upkeep? - Management – “Self or Outsourced”
Who is responsible for making sure it is operational? - Tenancy – “Single- or Multi-tenant”
Of those using this cloud, who else can I potentially “see” when I am using it? - Scope – “Public or Private”
Who outside of my organization or company is allowed to also use it?
And why is it important to be so precise in defining these terms and questions? Because the success of hybrid cloud deployments depends upon them. One must create connections that traverse ownership boundaries in order to compose multiple clouds into cohesive functioning distributed systems. The nature of the relationship (spatial, legal, business affinities, etc.) between owners of the different attributes has a direct effect on the problems that will be encountered in crossing that boundary, and the solutions required to overcome them. Some are fairly obvious, such as going from on-premises to off-premises requires WAN links and optimizations. Others, such as joining a single-tenant to a multi-tenant may raise compliance issues when single-tenant assumptions no longer hold in the other cloud.
