As I started flipping through “Cloud Computing – Concepts, Technology and Architecture” (Amazon link) from Prentice Hall Pearson Education, Inc. publishing, I immediately knew this was not a light weight, marketing heavy coverage of the “cloud” topic. Since “cloud” became a marketing mantra a few years back I’ve been a bit critical in responding to the on-slaught of cloud computing “game changing” claims by IT pundits in blog comments as well as my own blog post on the subject here. As I completed my initial skimming of the text, I was very impressed with the authors’ complete lack of any cloud sales theme anywhere in the book. Thus, initially relieved this would be a serious text on cloud computing, I sat back with note taking at the ready to dive into reading “Cloud Computer – Concepts, Technology and Architecture” by Thomas Erl, Ricardo Puttini, and Zaigham Mahmood.
Free from all the “cloud” hype, this book provides the cloud fundamentals that enables the IT practitioner to cut right through the vendor sales pitches and make effective decisions on efficiently leveraging cloud services for their business needs. Covering the gamut of cloud business use cases from startups building out their IT infrastructure in the cloud to providing hosting services to government entities as a cloud provider, the book gives the reader every angle of cloud. Using a text book like format of theory related to practical use cases related to three case studies running throughout, the authors have a very effective structure to give the reader ample means of comprehension. The generous use of pictures (~260) provides the reader a compliment to the narrative explanation of the many cloud architecture concepts outlined. Starting with the basics and moving to exceedingly advanced cloud service delivery models, the book both helps novice readers as well as advanced practitioners glean valuable insights into cloud architecture models. All in all, a well constructed and thoroughly researched book. The only glaring gap I discovered was the relatively light and mostly theoretical security of the cloud coverage. For being one of the most misunderstood and challenging barriers to cloud adoption, I was left disappointed with the mild coverage of security juxtaposed to the expansive and deep coverage of all the other cloud topics. I strongly recommend this book to both novice and advanced practitioners interested in ensuring they have the most broad understanding of cloud. For those in need of a deep cloud security education, you might find this book lacking.
Review at Length
First and foremost, if you are looking for a light read that is going to just touch on the high level cloud computing topics, this is definitely not the book for you. Structured more like a college text, part way through I was thinking this would make an excellent book for a college course on cloud computing. The only thing missing, in my opinion, to make this perfect for academia is a section on the history of computing from the perspective of mainframe to mini to pc/server to virtual machines to today’s cloud platforms. The few paragraphs covering history in the beginning of the book wouldn’t be enough to really bring students the full spectrum of cloud evolution.
The use of three case studies that represent three different business needs for cloud was very effectively used through out the text. The companies and their cloud business interests were pointed out in the beginning of the book and then periodically referenced through out as the subject matter overlapped with a component of the case study. I found this to be a great technique to re-enforce the topic the authors were addressing by mapping the cloud theory outlined to the real world application via the case studies.
Additionally, the authors used architectural drawings frequently (~260) to support the textual descriptions of many of the concepts. This was another very effective way to re-enforce the concepts the authors were trying to convey. The Arthur Brisbane quote: “Use a picture. It is worth a thousand words.” definitely applies. One can try to describe network traffic load balancing across multiple data center in words, but a simple picture can solidify the concept much more effectively with a technical audience.
The authors combined the very effective:
1. Tell the reader what they are going to learn in the next section
2. Verbose topic explanation in the that next section
3. Followed by a summary of what you just read/learned in that section
Joined with narrative supported by architectural drawings (pictures) supported by case study references, the authors have a great format to ensuring the reader gets multiple views on the important topics to increase comprehension.
With cloud computing being such a broad topic with so much confusing and contradictory material about what is and isn’t cloud out there in the market, the authors start right in chapter one with collecting the various definitions and normalizing one for the reader.. This was a great place to start. Also, the quote the authors selected from John McCarthy on page 26 is the one I frequently use what I present on security topics around cloud computing (such as this one of my presentations). I had to enthusiastically smile at that quote choice.
Part I – “Fundamental Cloud Computing”
The first part of the book entitled “Fundamental Cloud Computing” is extremely well done and indeed provides a fundamental grounding of a comprehensive list of cloud computing topics. I found myself frequently wishing I had this material back a few years ago when the “cloud evangelists” came on the IT scene touting all the marvelous disruptive game changing advantages of “cloud”. The “X-as-a-service” section leaves no ambiguity to these frequently confused definitions of cloud functional delivery capabilities. Given my current focus on information security in my day job, I was highly interested in the sixth chapter on fundamental cloud security. Upon completion of chapter six, I felt the authors touched on the basics and effectively left me wanting to know more details which I hoped would be covered later in chapter ten. As most know, there is plenty of concern around the security ramifications of moving your valuable computing and data from your technology in your data center to some magic data center in the proverbial sky.
Part II – “Cloud Computing Mechanisms”
The second part of the book entitled “Cloud Computing Mechanisms” builds upon the basic concepts in the first part to give the reader the next level of deeper understanding of what goes into delivering computing services via the cloud. All the fundamental assemblies of redundant technologies for high availability and network scale and load balancing are covered to a level of depth that the IT generalist can appreciate. Here, again, is where the linkage to the case studies proves exceptionally effective to connect the theory to the real world.
The “ready made environment” that was covered in chapter six was a great approach to use to educate the reader. Having spent quite a bit of time research the cloud computing topic since its recent “marketecture” invention, I was easily able to follow the authors. Yet, at the same time, as an advanced reader, I have some concerns that a more novice reader won’t be able to immediately grasp the concept. This concept is an important one: the ready made environment compared to the legacy corporate IT process and new build technology associated with standing up a business consumable computing platform. I think here, some reference to the case study involving a corporate IT shop looking for agility in the cloud would have been additionally helpful.
In general, barring the ready made environment comments prior, the authors did a great job building on the fundamentals in the prior section with one notable exception: chapter ten’s coverage of security mechanisms. As I read chapter ten, I was really looking forward to the same level of pragmatic coverage of IT infrastructure fundamentals mapped to the cloud as with the chapters seven through nine. What I experienced was what I would classify as more general security topics rather than specific cloud adaptations. The concepts of hashing and encryption and single sign-on were well defined, but I felt as if that entire chapter could have been cut and paste into a “security fundamentals 101” book for general security practitioners. There didn’t appear to be a strong direct mapping of the security concepts to practical use in cloud situations. In trying to be fair with my significant investment in my own knowledge and experience in IT security over the course of my career, I didn’t expect to be presented with ground breaking security reference architectures. Yet, I felt as if the authors failed to provide enough useful guidance to the reader on one of the most foundational barriers to the use of cloud: security. Thus, if I had to express one glaring gap or weakness in the entire book it would be the lack of depth in the security coverage compared to the effective coverage of the single-on security-centric cloud topics.
Part III – Cloud Computing Architecture
The third part of the book entitled “Cloud Computing Architecture” further assembles the prior section’s components into more cohesive architecture models. Each model is well described in what technology focused services it provides. I was able to clearly follow the authors’ description of each model. What would have helped me and I assume other readers is more associations with real world or relate-able uses of each model. Where the authors’ did effectively relate the theory to case studies and practical examples in prior sections, this section seemed very heavy on theory with little to no case study/example linkages. Also, as I was reading, I was hoping the authors were going to provide some sort of model interrelation or a matrix that helps the reader compare the contrast each model. Maybe the enterprise architect in me was looking for pros and cons or ways to easily determine which model applied most directly to what business need. By not finding that, I was left a bit disappointed. In general, this section had great content but it didn’t seem as well constructed and represented as the other sections.
Part IV – Working with Clouds
The fourth part of the book entitled “Working with Clouds” returns to the authors’ strength of turning complex cloud topics into easily understandable, logical and relate-able constructs. The cloud delivery models in chapter 14 were very well described and referenced back to one of the case studies. The detailed pricing and charge back handling of chapter 15 was excellent. Additionally, the SLAs (service level agreement) coverage in chapter 16 was comprehensive and thorough. Again, multiple case studies were referred to in this section’s chapters that really help to match the theory to the practical application.
The collection of appendices represent some specific topics that didn’t quite fit neatly with the coverage and flow of the bulk of the text. Having the conclusions to the case studies introduced and periodically referenced in the prior sections was a great way to bring closure. The list of cloud related standards bodies and organizations makes for a handy reference. I was impressed to see an appendix dedicated to contract language. Finally, the business case appendix was a little light in content, but it definitely gets one a framework by which to start collecting data to support justifying a cloud investment.
Full table of contents:
Chapter 1: Introduction
Chapter 2: Case Study Background
Part I: Fundamental Cloud Computing
Chapter 3: Understanding Cloud Computing
Chapter 4: Fundamental Concepts and Modules
Chapter 5: Cloud-Enabling Technology
Chapter 6: Fundamental Cloud Security
Part II: Cloud Computing Mechanisms
Chapter 7: Cloud Infrastructure Mechanisms
Chapter 8: Specialized Cloud Mechanisms
Chapter 9: Cloud Management Mechanisms
Chapter 10: Cloud Security Mechanisms
Part III: Cloud Computing Architecture
Chapter 11: Fundamental Cloud Architectures
Chapter 12: Advanced Cloud Architectures
Chapter 13: Specialized Cloud Architectures
Part IV: Working With Clouds
Chapter 14: Cloud Delivery Model Considerations
Chapter 15: Cost Metrics and Pricing Models
Chapter 16: Service Quality Metrics and SLAs
Part V: Appendices
Appendix A: Case Study Conclusions
Appendix B: Industry Standards Organizations
Appendix C: Mapping Mechanisms to Characteristics
Appendix D: Data Center Facilities (TIA-942)
Appendix E: Emerging Technologies
Appendix F: Cloud Provisioning Contracts
Appendix G: Cloud Business Case Template