Once you assess that you need a Cloud Platform for your business and in particular that you want to leverage the possibilities of a PaaS, then you will find yourself in front of a wide range of choices.
A little bit like a greedy child in front of a table full of pastry... it is hard to choose...
You have Cloud vendors that have a generic platform approach which try to cover most of the use cases. While other vendors try to specialize in specific areas (like big data or analytics). And finally a wide variety of CMPs (Cloud Management Platforms).
Usually the main lock-in points for a software development based on PaaS are:
- Data storages
- Business logic (business rules, BPM etc...)
- Analytics
- Cloud Management Platform
Many Cloud vendors try to present themselves as "open" PaaS providers. Many uses open frameworks (like Cloud Foundry) as core engine, others glue together open source components attempting to carefully avoid the idea that you could lock-in using their services. Finally, some other providers, bluntly, yet more honestly, offers proprietary PaaS technologies that totally lock you in (like Google or Amazon).
One layer up, on top of the naked components that build the different PaaS offerings, usually we have a management layer called CMP. This is a layer used to enable the management of the cloud resources, define the access policies, do the billing and metering, configure the scaling of the infrastructure etc.
All the cloud providers have invested heavily on CMP platforms that manage either their IaaS and PaaS offering. Those tools are mostly proprietary and can create sneaky lock-in. The CMP is in fact the entry point into the cloud platform, it is used not just to develop the software, but also to operate it and deliver the software as a service to your customers.
Why the lock in can be very bad?
Because you get your hands tied up in many areas like costs, technological choices, security, service level agreements etc. Without considering the possibility of the cloud provider default, which will put you out of the business temporarily or permanently.
Is it possible to totally avoid any lock-in ?
Not easily. I mean, you can, but the amount of investment that you will need to build functionalities that are already offered by the cloud provider (like the CMP), may be too high to be covered. Moreover your time to market could be short, living you no choice.
What countermeasures you can adopt to minimize the lock-in effect ?
It is possible to architect a software solution in a way that the lock-in is well isolated and replaceable with reasonable efforts. You should layer your software following few strong design principles:
- Isolate all the major services behind APIs. So that you can easily replace a service if needed.
- Try to use always component and services which are either open source and available via many providers. In other words: try to avoid frameworks and technologies available only via single cloud provider, for large pieces of your software
- Define business rules and processes in a portable way (using maybe DSL, standard rule engines etc...)
- Manage your data in a way that a data migration is always easily possible (no matter what is the amount of data)
- Use, if possible (and convenient) a third party CMP (like SCALR or RightScale)
In a single statement: be always ready to move elsewhere with the minimum possible economical effort.
Being free to choose your PaaS platform (no lock-in) means that you are free to define your own market positioning, price policies, your service levels and manage more effectively your costs. This comes at a price: more effort on building a proper architecture for your software. Benefit and costs as usual need to be balanced, and as usual you will need to be agile and compromise on what works better for your business... no one else can do that for you ...
