Cloud Standards: Bottom Up, Not Top Down

IT has good reason to demand standardization in SaaS, IaaS and PaaS offerings. But what's interesting is that vendors themselves are just as interested, and in many cases, are driving standards efforts.
Provisioning And Orchestration

Of our three areas, provisioning and orchestration is experiencing the most change. The dominant "standard" in cloud provisioning and orchestration today is the Amazon Web Services API. You can find the AWS API in Amazon's own offerings, of course, but also those from CloudStack, Eucalyptus and even OpenStack (as a module). However, Amazon hasn't made the AWS API officially open for use as a standard, and of the above products, only Eucalyptus has a license to use it.

Raj Dutt, senior VP of technology at IaaS provider Internap, believes that restrictive stance limits its potential. "Because other players in the ecosystem have no input into how the AWS API evolves, Amazon is going to find that their API will be less and less relevant," says Dutt.

In fact, for now, the AWS API may be one of the biggest traps lurking in cloud computing. At any point, Amazon could overturn the game board.

Another pseudo-standard in the provisioning and orchestration space is OpenStack, created by Rackspace and NASA and now from the OpenStack Foundation. OpenStack gives organizations, including cloud service providers, the ability to build public and private clouds on commodity hardware. OpenStack is generally viewed as a worthy competitor to VMware, CloudStack and Eucalyptus in the cloud-building space, although the OpenStack Foundation aspires to greater heights. OpenStack's website describes it as the result of "a global software community of developers collaborating on a standard and massively scalable open source cloud operating system." Whether OpenStack is or will be a true standard is a controversial topic among cloud professionals. Dutt says the future is bright for OpenStack now that the foundation has made key governance changes, while Biddick is skeptical. "The process to contribute to OpenStack is pretty informal," he says. "As opposed to the rigor of the IEEE, it's more of an ad hoc jumble of pieces and parts, not driven by a unifying vision."

The safest way to view OpenStack is as an open source project driven by self-interested companies, not as a standard, and proceed accordingly.

Finally, keep an eye on some standards that, while not widely used today, show promise. The Open Cloud Computing Interface offers an open API for managing cloud services, and the somewhat-similar Cloud Data Management Interface, from the Storage Networking Industry Association, offers an open API for managing cloud data. OASIS' Topology and Orchestration Specification for Cloud Applications, is aimed at the larger issue of interoperability and portability by standardizing the life cycle of cloud services. Tosca 1.0 has not yet been released, so it remains to be seen which vendors will adopt it.

cart: how has cloud software and infrastructure affected your approach to standardization?