Cloud Lock-in

The worm in the apple; and how A10 Lightning might help

David Norfolk

Written By:
Published: 9th December, 2016
Content Copyright © 2016 Bloor. All Rights Reserved.

I am increasingly worried that as Cloud becomes "enterprise ready" and the big vendors are starting to sell robust and highly governable Cloud platforms, lock-in to a Cloud vendor's Cloud platform is becoming as threatening as lock-in to 1980s IBM technology (in the days of Mainframe, SNA - Systems Network Architecture - and, later, SAA - Systems Application Architecture) ever was.

This is particularly a problem with Hybrid Cloud (currently, the most practical approach to Cloud) because of the licensing issues involved. Lock-in can be quite subtle but when on-premises licensing for, say, a vendor's database platform is extremely complicated and not particularly cloud friendly, and the vendor is known to be litigious, many people will adopt that vendor's Cloud platform and its recommended database licensing, rather than risk going it alone. There are many interesting articles on licensing for the Cloud on the Web (I link to just one example). This is not exactly the "Cloud culture" I envisage, where one can swap services between Cloud vendors and platforms at will, on the basis of their published service level agreements, and one pays only for what one uses. But I can see why such a lock-in model might be attractive to the big vendors.

Ultimately, I hope we'll see the rise of trusted third party "Cloud Service Integrators", that build custom Cloud services for businesses, that can be abstracted from the underlying technology platforms/vendors and defined purely by their SLAs (although this will be far from trivial until we develop high-level standards for the semantics of Cloud service descriptions). The goal, for me, is for a business to be able to move freely between appropriate hybrid Cloud platforms, partly for resilience (a particular Cloud platform may fail or become undesirable because its vendor makes bad technology or "political" decisions) and partly in order to optimise cost-effectiveness for the business.

That is the vision. In the meantime, we are on a journey and I do see technologies emerging that will take us further along this journey. For example, A10 Networks, a provider of secure application services, has just released its A10 Lightning Application Delivery Service (ADS). This is a Software-as-a-Service (SaaS) platform for the management and delivery of applications and microservices across public, private and hybrid clouds - it not only serves up traditional web applications but is built for Cloud and copes well with the emerging container and microservices-based architectures.

A10 claims that its "application delivery controller" (ADC) helps to bridge traditional and cloud application environments. For most enterprises attempting "digital transformation", this is going to be essential as, whatever their future Cloud vision (as, presumably, a Mutable Enterprise), they will operate today largely on legacy technology. They can't afford to lose or annoy customers that they have today and must make the profit (or, at least, maintain the reputation) needed to finance their digital transformation. A good user (customer) experience is essential to success and customers are unlikely to see "oh, but we haven't transformed that bit yet" as much of an excuse for a bad experience.

At a higher level, what A10's ADS claims to do is to increase agility, help to manage technology risk and automate necessary but cumbersome tasks that occupy the time that administrators could devote to something more creative.

A10 also promises, in effect, to help to reduce dependency on any particular vendor. It claims to "allow flexible application deployment across multiple clouds with the ability to seamlessly maintain and manage diverse workloads". And, it "will run natively on public cloud environments such as Amazon Web Services - an A10 partner - and on Microsoft Azure and Google Cloud Platform". Well, the proof of the pudding will be in the eating thereof, but it seems like a big step in the right direction to me.

The platform contains several integrated components:

  • A10 Lightning Controller, for central management, policy configuration, and analytics (I assume the data and metadata in its Repository is seen as belonging to the A10 customer);
  • Lightning ADC, which provides Layer 4-7 application load balancing and security policies (managed across different clouds by the Lightning Controller);
  • Lightning Portal, which is a self-service, role-based portal for managing infrastructure and associated policies on a per-application basis;
  • Lightning APIs, which ensure that all capabilities are available via a RESTful interface; so that orchestration and configuration APIs may be used to integrate with deployment automation tools like Chef, Ansible and Jenkins. I think that this is an absolutely critical part of the story; one doesn't want to replace one vendor lock-in with another.

So, to summarise, I think that businesses should be thinking about Cloud platform lock-in now, while they still can, although any lock-in issues are trumped by questions of business effectiveness, of course. In practice, this means, in part, selecting tools with well-defined and open APIs, that deliver the sort of customer benefits A10 claims for its Lightning ADS:

  • Support for modern architectures and environments, including container- and microservices-based design; DevOps processes; and services delivered on public, private and hybrid clouds;
  • Per-Application dis-aggregated analytics, which enable effective (timely) issue resolution and capacity planning;
  • Support for multiple Cloud platforms, allowing heterogeneous workloads to be deployed and managed across multiple public, private and hybrid clouds.

Post a comment?

We welcome constructive criticism on all of our published content. Your name will be published against this comment after it has been moderated. We reserve the right to contact you by email if needed.

If you don't want to see the security question, please register and login.