What is private cloud?

Rosemary Francis_21150
Rosemary Francis_21150 New Altair Community Member
edited August 2022 in Altair HPCWorks

Assuming that you are familiar with the concept of cloud computing, perhaps a better question might be: what is the difference between public cloud and private cloud? Public cloud usually means compute resources rented from one of the popular cloud vendors: AWS, Azure, Oracle or Google Cloud. Of course, there are other smaller public clouds available, most offering a unique differentiator. For example, there are specialist government clouds, clouds for specific workloads, clouds in specific geographies. You can even use Icelandic cloud powered by thermal energy for lower power costs and greener credentials.

Amazon Web Services can be credited with being the leader in this market, with 60% of the internet hosted on AWS machines. They started out as a bookstore in the 90s, expanded to other goods, but really struggled with seasonal demand. Over time they realised they had built the world's first cloud and could rent out their spare capacity outside of the holiday season. So in this sense their private cloud became a public cloud.

It is common in HPC to talk about hybrid cloud, where a combination of On-premises compute and public cloud is used. Centres may set up separate clusters on-premises and in the cloud or they may use cloud bursting to extend an on-premises cluster with additional compute nodes residing in a public cloud.

Is Public Cloud not also Private?

I have heard the term private cloud being used to describe an HPC cluster hosted in on a public cloud. After all, with all the latest security protocols in place, the use of those facilities is truly private and provides no public facing service such as Netflix or Booking.com. That said, all cloud accounts are private so is a relatively redundant use of the term. For those reaching for terms to describe the many ways in which we consume compute, Private Cloud has a different meaning.

A Private Cloud usually refers to on-premises, wholly owned or leased machines that are configured to run as a cloud, using many of the cloud native technologies that are creeping into our HPC environments. Is an HPC cluster a private cloud? In some senses it is; users can submit workloads that are automatically reserved from a pool of shared resources. In other ways however an HPC cluster falls short of being a true cloud experience.

Provisioning and isolation

There has been an explosion of cloud-native technologies over the years, many of which have made their way into on-premises data centres, but cutting back to the core, to call a data centre a cloud you really need some way of dynamically provisioning resources, and you also need some way of isolating users from each other. None of the cloud vendors would have a business if you couldn’t spin up a machine on demand in your account and be assured that you had secure access to that resource.

Virtualisation is therefore heavily used in the cloud to provide automated provisioning and isolation between users. On-premises HPC systems are usually bare metal for performance reasons. The ability to quickly repurpose hardware is essential in the cloud so the performance hit is worth paying, but with virtualisation overhead being 5-50% that can eat up a huge chuck of your compute budget. As workloads become more diverse though and HPC systems become ever more complex to administer, increasingly centres are using virtualisation in their on-premises environments and the differences between HPC and private cloud are being eroded.

Scalability in the cloud

Automatic provisioning is only really useful if combined with scalability. The cloud vendors would like you to believe that their cloud platforms offer infinite compute and for the majority of users it can feel like it. For an on-premises system to be able to scale like public cloud there has to be some enough resources so that users can reasonably expect to be able to procure what they need. Sure there will be times when that is not possible, but that is the case in public cloud as well. Ever tried to get a spot instance on black Friday?

Who pays for it?

Cloud also brings a different way of billing and accounting for utilisation. The total cost of ownership may be the same, but costs that are broken down in to capital expenditure and running costs on-premises are rolled into an hourly subscription in the cloud and billed as an operational cost to a project. This may be preferable to users. For example, in the academic community researchers work long hours to secure their grants. Institutions often skim off a charge HPC without any transparency on whether the research group gets value for money. Those researchers may prefer the cloud-like billing system that corresponds closely to the resources used.

So for a true cloud experience, in a private cloud you would invoice users for their consumption just like you would in a public cloud, but if the system is underutilised, who picks up the bill for the over spend? The total cost of ownership of a private cloud will include the capital expenditure of the hardware as well as running costs, software licenses, IT staffing, and commercial support for the many vendors and suppliers involved in keeping these systems running. Rolling those costs up in a way such that you can accurately bill teams for what they use while also delivering cloud-like flexibility and scalability is a challenge not to be under-estimated.  

What does a Private cloud look like?

Building a Private cloud in your data centre requires an orchestration layer below the HPC workload manager that will provision compute, configure the network and deploy applications in a way that allows compute resources to be dynamically scaled and reassigned according to user demand. With a large enough data centre it can feel a lot like a public cloud in which users can reasonably expect to get the resources they have requested. OpenStack is a provisioning framework that could be used to orchestrate such a configuration, if you have the talent to make it work. Other provisioning frameworks exist and the big cloud providers are slowly coming up with solutions to install public cloud functionality into your data centre.

How far you go with your cloud is another question. Shared filesystems are a staple in legacy HPC, but expensive in the cloud. You can go fully cloud native with most applications by doing away with shared filesystems, embracing object storage and locally attached disks. How to architect your data strategy for hybrid cloud or private cloud is really a topic for another day.

Why would you want a Private Cloud?

For large organisations, a Private Cloud offers a certain economy of scale. It is complex to maintain and build a Private Cloud, but it is inefficient to have lots of siloed compute too, especially for transient use and it can be expensive to use Public Cloud long term if your compute needs are relatively stable.

An example of a set of organisational needs that might benefit from a Private Cloud configuration is:

  • Multiple traditional HPC clusters,
  • A Kubernetes cluster used for AI workloads,
  • Business functions such as accounts and payroll,
  • Dedicated development machines reserved for specific users.

For research organisations and companies handling sensitive data, isolation between teams and data may be key. There are many rules about data access, particularly for medical data. What better way to ensure isolation than to have a separate HPC cluster spun up for each team on the project.? Isolation can be implemented at the network layer, providing reliable access control. Partitioned HPC can provide some of this solution, but may be inefficient without a the ability to dynamically scale up and down with demand.

As for development machines, it is common for users to have admin privileges on their own machine so they can install third party software and custom environments. This is not something that can be delivered in a normal HPC environment, but as part of a cloud it should be possible to spin up a machine and give the user permissions to install software there without giving them root access to the wider infrastructure. Depending on the turnover of your staff and longevity of development projects it can be much more cost effective to set up a virtualised environment to support these needs.

Of course this level of configuration would be possible in a Public Cloud. With the right tools, it is relatively straightforward to spin up a cluster for each team in Public Cloud and many life sciences organisations are using Public Cloud for this reason, but if you are in a country without significant investment in local Public Cloud it may be necessary to build your own to prevent medical data from leaving the region. It may also be expensive to use Public Cloud for all your compute if the resources are deployed over long periods of time.

Is it worth it?

There are no easy solutions out there for setting up a private cloud. If you want one you will first have to build a team to implement it. Once there, you can enjoy some benefits such as being cloud native. If you really embrace cloud-native technologies in your private cloud then bursting to public cloud is much easier. For most organisations the overhead of handling an extra layer of complexity in the compute environment will not be worth it: the total cost of ownership of a private cloud will outweigh the benefits. But for others, the complexity, diversity and scale of their workloads will make it worth the effort.

About the author

Dr Rosemary Francis founded Ellexus in 2010, which was acquired by Altair in 2020. Rosemary obtained her PhD in Computer Architecture from the University of Cambridge and after working in the semiconductor industry founded Ellexus, the I/O profiling company. Rosemary is now Chief Scientist for HPC at Altair, responsible for the future roadmap of workload managers Altair PBS Professional and Altair Grid Engine. She continues to be the product manager of the I/O profiling products and is shaping our analytics and reporting solutions across our HPC portfolio. Outside of Altair, Rosemary is a member of the Raspberry Pi Foundation, an educational charity that promotes access to technology education and digital making. Rosemary has two small children, is a keen gardener and windsurfer.

 

Tagged:

Comments

  • francois marc
    francois marc New Altair Community Member
    edited January 2023

    A private cloud is a type of cloud computing that delivers similar advantages to public clouds, such as scalability and self-service, but through a proprietary architecture that is dedicated to a single organization.