2010 is definitely the year of the cloud, The IT world is abuzz with the benefits of cloud computing and rightfully so. Cloud computing, the logical extension of network storage and virtualization, is probably the biggest IT leap forward since pervasive use of the Internet. Despite the buzz all that glitters isn’t gold. Despite a widespread interest in cloud computing there may be some pitfalls including cloud lock-in.

Just like the web boom of the late 1990s it’s being powered by open source software with Xen and KVM hypervisors, Hadoop mapreduce, memcached and a proliferation of the NoSQLnon-relational databases whose numbers seem to be growing by the day.

Not only is open source software helping to power the cloud infrastructure but contributions from growth companies like Facebook, Twitter, Google and RackSpace are at an all-time high.

Despite the open source lovefest there is growing concern about the potential for vendor lock-in and many of the other problems associated with proprietary software. Savio Rodrigues makes a thoughtful assertion, that open APIs, not open source will protect the future openness of cloud offerings. Maybe so but it’s yet to play out.

Red Hat CEO James Whitehurst weighs in on the subject of cloud vendor lock-in at Network World, in this article titled Clouds Can Become the Mother of All Lock-ins,

His assertion:

“Once users get stuck in something, it's hard for them to move, Whitehurst said in an interview. The industry has to get in front of the cloud computing wave and make sure this next generation infrastructure is defined in a way that's friendly to customers, rather than to IT vendors, according to Whitehurst.”

Last month Google and VMware announced their Open PaaS Strategy (that's Platform-as-a-Service), VMware seems to be diving into Open Source with both feet buying enterprise messaging ssytem RabbitMQ, java stack provider SpringSource and mail provider Zimbra over the last year. And recent statements by VMware’s CTO, Steve Herrod indicate VMware’s interest in openness as well.

In a blog post on the VMware Console blog he talks about the same dangers of lock-in that Whitehurst warns of in his statement in this blog post last month:

Our shared vision is to make it easy to build, run, and manage applications for the cloud, and to do so in a way that makes the applications portable across clouds. The rich applications should be able to run in an enterprise's private cloud, on Google's AppEngine, or on other public clouds committed to similar openness.

Three Types of Cloud Lock-In

I have noticed four themes around cloud lock-in: application lock-in, platform lock-in, data lock-in and systems management/tools lock-in. I am going to dismiss application lock-in because I think this can occur regardless of the type of infrastructure the app is hosted on. It’s these three that cloud computing users should consider.

Platform Lock-In

In Mr. Whitehurst’s example he cites lock-in of cloud providers and their underlying virtualization platform. For example, open source vendor Eucalyptus uses Xen as their virtualization platform while Ubuntu’s Enterprise Cloud uses KVM, a project that relies on Linux kernel virtualization favored by Red Hat and Ubuntu alike. Though if your running virtual machines optimized for KVM are they able to migrate to other clouds for workload sharing like Amazon’s EC2  (which uses a format called an Amazon Machine Image or AMI) or images running on VMware.

Data Lock-In

Cisco’s James Urquhart, weighs in on this idea of cloud neutrality by publishing a Cloud Computing Bill of Rights. A revision of his thoughts culminating over the last few years. His goal to spark the debate on what tenets should be afforded to users of cloud computing. The first article of his Bill of Rights specifically spells out that Users should own their data and what that entails.

Tools Lock-In

This kind of lock-in is potentially the most common and should be considered carefully, just like the platform and the data the tools that manage the cloud can be a source of lock-in. Provisioning, configuration management monitoring and monitoring tools need to be able to span different types of infrastructure both physical and virtual. Tools like Zenoss Core in monitoring that can monitor Xen, VMware, Amazon EC2, Google App Engine, VMware and more make sense. Not because they monitor cloud infrastructure but they monitor hardware and local apps as well as those hosted in the cloud. Other examples of tools that span the divide include provisioning tools like Cobbler and configuration tools like Cfengine, Opscode Chef and Puppet. Open source and agnostic with regards to physical or virtual infrastructure.

No Answers, Just a Word of Caution

Cloud computing provides a great opportunity to gain efficiency, redundancy and scalability and probably outweighs the pitfalls. Just a few words of caution understand what you are committing to.  It doesn’t stop at lock-in either.  As the use of cloud computing grows security across cloud providers and beyond that network latency provide their own unique challenges. While the future is sunny for cloud computing it’s wise to take an umbrella to avoid an unexpected showers.

Related Articles on Cloud Lock-In

• Google Partners with VMware (Information Week)
• Announcing Google App Engine for Business (Google Code      Blog)
• Google Launches Business Version Of App  Engine; Collaborates With VMware (TechCrunchIT)
• Google I/O Day 1: Google App Engine and The Chrome App Store (The VAR Guy)
• Google and VMware Wed at the App Engine (NY Times)
• The Skinny on Cloud Lock-In (Rightscale Blog)
• What to Do about Cloud Lock-In (CIO Zone)
• WSO2 Fights Cloud Lock-in with Stratos PaaS (Architect Zone)
• Cloud Lock-In. Not your Father’s Lock-In (Elastician)
• How to Avoid Cloud Lock In (FutureGov)