OK get your scorecards out this could get confusing. Today it was announced that a new open cloud group was launched at OSCON. It is called the Open Cloud Initiative. The group is a “non-profit organization established to advocate open standards in cloud computing”. The OCI is modeled after the Open Source Initiative that helped define OSS and OSI accepted licenses.
The OCI says their purpose is “to provide a legal framework within which the greater cloud computing community of users and providers can reach consensus on a set of requirements for Open Cloud, as described in the Open Cloud Principles (OCP) document, and then apply those requirements to cloud computing products and services, again by way of community consensus.”
This is all fine and dandy and sounds grand. But consider this. In addition to the OCI, we also have the OCC (Open Cloud Consortium). The OCC
• Manages cloud computing infrastructure to support scientific research, such as the Open Science Data Cloud.
• Manages cloud computing testbeds, such as the Open Cloud Testbed.
• Develop reference implementations, benchmarks and standards, such as the MalStone Benchmark.
• Sponsors workshops and other events related to cloud computing.
The OCC is made up of some major government contractors, agencies and other large corporations.
There is also OpenStack, the open source cloud platform originally started by NASA and Rackspace, but now a major force in cloud computing with lots of major corporate sponsors and contributors. Don’t forget the CSA, the Cloud Security Alliance which shepherds several open cloud projects including Cloud Audit. Then there are companies developing open source cloud software like Cloud.com (Citrix now), Eucalyptus Systems, etc.
Confused yet? It seems when it comes to the cloud, open is breaking out all over. But is that a good thing? Can we have too much open in the cloud?
The cloud is different than open source software. In the OSS world we had software and it was licensed. The source code to the software and the license was what determined if it was open. But in the cloud the picture is much more, well, cloudier. Cloud is not just software, it is services, it is software consumed by users not even knowing they consumed it. This all gets very confusing.
From the confusion point of view I guess this will all shake out over time. Those groups and movements that make sense and add value will grow, those that don’t will fall by the way side. Call open cloud Darwinism.
Beyond the confusion angle can we be too open? Where is the special sauce that will give one cloud provider an edge over the other? Will we have a Linux or worse a Unix cloud provider ecosystem splintered in to so many shards that no one will gain critical mass? In Linux, Red Hat certainly set their mark and Ubuntu and Suse seem to have earned a place. Will we see a few leaders emerge in the cloud? If I was betting, OpenStack seems to be the early smart bet. Now of course I realize that all of these groups have different charters and play in different worlds. But to the average IT person or worse the non-IT person it is just going to seem like one open mish-mash.
I am all for open clouds and for open in general, but having fewer, stronger open cloud groups I think would be better for everyone.
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from start up to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast. Follow him on Google.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited.