Cloud computing offloads legacy hardware, balances loads, and puts the focus back on the application: Interview with CIA veteran Bob Flores and Appistry founder Bob Lozano
StoryApril 26, 2010
Though the precise technicality behind Internet-based cloud computing?is not often understood, we've all heard of and likely used at least one of its incarnations: Google, Amazon, Yahoo, Facebook, or even SalesForce.com. However, you might be surprised to learn that the Defense Information Systems Agency (DISA) is looking into it. Editor Chris Ciufo recently interviewed Bob Flores, a 30-year CIA veteran and Bob Lozano, founder of Appistry, to explore the emerging trend. Edited excerpts follow.
Though the precise technicality behind Internet-based cloud computing is not often understood, we've all heard of -and likely used - at least one of its incarnations: Google, Amazon, Yahoo, Facebook, or even SalesForce.com. However, you might be surprised to learn that the Defense Information Systems Agency (DISA)'s fiscal year 2011 budget estimate states that, "The President's FY 2010 budget emphasizes the trend towards cloud computing as a key tool for improving innovation, efficiency and effectiveness in Federal IT. The FY 2011 funding will continue "towards a more elastic computing, or cloud computing, environment." To explore this forthcoming DoD adoption of cloud computing, Editor Chris Ciufo recently interviewed Bob Flores, a 30-year CIA veteran and Bob Lozano, founder of Appistry, to explore the emerging trend. Edited excerpts follow.
MIL EMBEDDED: So I use simple cloud computing services such as salesforce.com, Google documents, or Dropbox, accessing them from my Internet browser while the actual application resides elsewhere and the “magic” just happens?
LOZANO: Absolutely. How cloud computing works is that there’s the infrastructure at the bottom layer, sometimes referred to as Infastructure as a Service or “IAAS.” Then there’s the cloud platform or “Platform as a Service” in the middle. And then there is “Software as a Service offering” or “SAS” at the top. All the examples you cited are Software as a Service offering.
MIL EMBEDDED: I assume Appistry provides the cloud platform in the three-layer model?
LOZANO: That is correct. So as a platform provider, we make it very simple for anybody who wants to make their own Software as a Service offering.
MIL EMBEDDED: So can users use their own existing infrastructure?
FLORES: Right. They can use their existing application layer and existing hardware layer, and they can stick Appistry in the middle of it. Appistry takes the applications and spreads them across the computing resources that are available. So users are not locked into a certain server. Through the management piece, users can also limit an application to certain servers if they want to.
MIL EMBEDDED: Is the infrastructure hardware typical rack-mount servers like you’d see in any ISP or in the Internet cloud?
LOZANO: It can be. It can also include much more aggressive commodities from there. One way to think about it is an ISP. If it’s primarily doing purely Web-based serving or Web-based technologies, then it will tend to be more consistent, for rack-mount 1U kinds of things. But in many cases they might have dialed it up for things like the database and that sort of thing. We would enable that to be rack-mount style or even more commoditized [platforms].
FLORES: [Appistry’s SAS] can also be utilized on virtual servers, alleviating the need for homogeneous or expensive dedicated “iron.”
MIL EMBEDDED: You’re saying the Appistry SAS does a good job of abstracting legacy hardware and legacy applications and enables tech insertion and tech refresh. So could the Aegis control system, for instance, be taken from its existing infrastructure and ported to something different, or be spread across other pieces of Navy infrastructure?
FLORES: Perhaps, it all depends on exactly how it was written.
LOZANO: At a high level, there’s the infrastructure level out there that either comprises physical or virtual servers, as we mentioned. But another question that arises when, let’s say, I have 10 or 100,000 of these servers is: How am I going to assure that they’re all operating with consistent “fuel” for the applications?
Appistry handles this scenario via the Cloud IQ Manager, a hardware management platform. That way, the platform utilizes self-organization techniques, a lot of pretty advanced concepts so that the operator doesn’t have to worry how many servers are operating, whether 10 or 100,000.
FLORES: And not only that, cloud computing is also known to be “elastic.” To illustrate this concept, let’s take something like a payroll application. If the payroll runs once a month, then when it’s between run times, it might actually be up and running and processing tasks, but it’s not doing its heavy computer-intensive executions and so it won’t require the computer resources that it will when it’s actually payroll time. In the past you didn’t have any choice. You would have to say, “Well I have to account for surge, so I have to go buy a server or a bunch of servers that are big enough – or if I lash them together they’ll result in a server that’s big enough to handle the load when I surge on this payroll application that I’m processing.”
MIL EMBEDDED: Meaning: You had to design to the worst common denominator.
FLORES: That’s right. But with cloud computing, you don’t have to do that because the Appistry layer will help monitor the application by saying, in essence, “Oh you need more resources? No problem. I see some other resources out here. I can grab those resources and allocate them to you while you’re doing your surge processing and then I’ll release them.”
MIL EMBEDDED: So the big benefits of cloud computing, then, are resource elasticity and resource loading such that you can bring additional processing on-the-fly?
FLORES: Yeah, it’s kind of both. In the past we’d say, “OK, well we know what’s going to happen if the payroll needs to surge, we’re going to need this kind of CPU resources” and, “Oh well, if the financial application needs to surge, then it needs this kind of resources available.” And you basically had to add the two together; you could never rob Peter to pay Paul, but now you can. And so now maybe instead of having x+y, you only need to have x + half of y [processing resources].
MIL EMBEDDED: Is cloud computing reliable?
LOZANO: Yes. Let’s say you have a server that can be used for anything from simple Web applications to much more sophisticated distributed applications, things like next-generation applications and so on. Then for example, suppose you wanted to make those commodity processors more reliable. Using a platform layer, configured around our Cloud IQ Engine, many virtual or physical machines’ infrastructures are “ganged” so that they all look like one compute resource and can back each other up.
That way, an arbitrary number of computers can look like one computer to the application, so that developers don’t have to do a lot of extra work as the application grows. This is accomplished again through cloud computing’s capability to scale up and down or, as mentioned before, its “elasticity.” It means things like if you need it to be more reliable because maybe there are increased drop levels, then you can dial up the level of reliability provided. It will happen without a lot of manual interaction or programmatic work.
MIL EMBEDDED: So Mr. Flores, you’re a CIA veteran. What is your perspective on all this from a government adoption standpoint?
FLORES: I’m on Appistry’s federal board of advisors as well as an independent member on their board of directors because they have a technology that I totally believe in. And it’s vitally important for government entities – be they defense, intelligence, or other – to embrace cloud computing in a big way. For most government agencies that’s going to mean private clouds, as opposed to public clouds, however.
MIL EMBEDDED: What are the drawbacks of that?
FLORES: Obviously there is a whole host of reasons why a government agency might not want to have its data out in a public cloud, but government can still gain the economies of scale that the cloud offers by building their own private cloud. And when I say building their own, it doesn’t necessarily mean that they take everything government has today and throw it out; it just means they would use it more efficiently.
MIL EMBEDDED: What are the challenges then? Why hasn’t this happened to any significant level, or has it?
FLORES: The challenge is that there are a lot of sunk costs in applications already within the government. And so if you want to have an application that natively understands a cloud, then it has to be written for that. And so that requires a whole different level of skill and programming to do that. Things like Appistry come along and, as mentioned, they preclude you from having to do that.
And the defense industry is very excited about cloud computing. For a long time, the scientific community had what they called “grid computing.” And so that was a similar kind of concept but not really the same thing. With grid computing, you were actually reliant on the hardware that you had in place, and up until recently you didn’t really have this virtualization concept that came into play. But that’s the whole beauty of “the cloud.”
MIL EMBEDDED: How fast do you think the DoD will really adopt cloud computing in a forward-moving way?
FLORES: The key thing in all of this is that the big brass in the DoD world for the most part gets it. And so they’re pushing from the top to make this happen, and then the geeks in the basement are pushing from the bottom to make it happen. And that’s the fastest way to get anything done within the government, believe me.
MIL EMBEDDED: It’d be interesting to find out how this might affect the primes and subs in the middle. Can they actually go out to a COTS company like Appistry and say, “Well gee, it actually exists and we don’t have to write this from scratch. There go our IDIQ contracts…”
FLORES: That, frankly, is an issue with some of the integrators, and that’s where it takes some very strong leadership from the contracting officers within the government.
MIL EMBEDDED: What’s the biggest challenge then for Appistry in this market space? Is it getting the word out? Is it convincing the system integrators?
FLORES: In my view, it’s not a technology challenge, it’s more of a fiscal challenge.
It requires “new think,” and new think requires new contracts. And there have been a lot of cuts. So the agencies, particularly the intel and DoD agencies, unless they particularly apply to the efforts in theater, they’re under a lot of scrutiny and pressure to keep costs down. The government works in one- and two-year money blocks. For them, the ROI has to happen (in the case of the intelligence agencies) within a year, in the case of DoD within two years.
We have to remember that for the most part, the existing working budgets were defined three years ago and sometimes can’t change rapidly to reflect new ideas.
Bob Flores is the Founder and President of Applicology Incorporated, an independent consulting firm specializing in informatics and cyber security issues. Prior to starting Applicology, Bob spent 31 years at the Central Intelligence Agency where he held various positions in the Directorate of Intelligence, Directorate of Support, and the National Clandestine Service. Toward the end of his career at the CIA, he spent three years as the CIO’s Chief Technology Officer, responsible for ensuring that the Agency’s technology investments matched the needs of its mission. During this time Bob was also the Agency’s representative on several government-wide information-sharing committees and councils. In addition to his senior-level leadership and management positions, his career included assignments in applications programming, training and education, contract and project management, and line and staff management roles at various levels of the Agency. He holds Bachelor and Master of Science degrees in Statistics from Virginia Tech. He can be contacted at [email protected]
Applicology Incorporated 703-565-2788 www.applicology.com
Bob Lozano is an experienced entrepreneur, author, and cofounder of Appistry, a provider of cloud application platforms. Bob serves as Chief Strategist, after being the founding CEO. Bob previously founded and led PaylinX, a pioneer and leader in ecommerce payments (acquired by CyberSource {CYBS} in 2000). Prior to PaylinX, Bob founded several additional companies and held positions with SBC (AT&T), Monsanto, Sandia National Laboratories, and Intelligent Computer Systems. Bob holds a BSEE from the University of Missouri and an MSEE from Stanford, and has lectured on artificial intelligence at Washington University in St. Louis. He is the co-author of “Executive’s Guide to Cloud Computing” (Wiley, April 2010). He can be followed on twitter at boblozano or contacted via email at [email protected].
Appistry 314-336-5080 www.appistry.com