There is a LOT of interest in Cloud Computing these days. I just finished skimming through an article on Ubuntu One (Ubuntu's cloud solution), and I'm noting a disturbing trend. Under the pros and cons, they only pay attention to the features the system offers, or doesn't offer. It totally misses the points that touch on the cloud computing idea itself.
There are reasons why I will NOT be using cloud computing for the foreseeable future. Unless it is a cloud system I build and support myself. But to understand this, we need to understand just what this cloud thing is. And there are many conflicting definitions out there.
The generalized definition of a cloud goes something like "Data and/or services stored on a server that resides on the Internet." This is a rather broad definition and in inadvertently includes ALL web servers, email servers, FTP servers, Database servers, etc. that are not on your local network. This definition is obviously too vague and imprecise - it encompasses everything, therefore is useless to describe a more specific type of "cloud".
The more specific type of cloud can be defined as "A server or cluster of servers that can provide a Virtual Server on demand which will itself provide data storage or various services." With this definition, we shift focus from EVERYTHING to an environment that provides virtual machines with very little effort. THIS is the definition most techies mean when they use the term "cloud computing". The act of providing a virtual machine becomes a service, much like an email server provides an email account. The HUGE difference here is that the virtual machine is a clean slate that can itself be set up to provide ANY type of service a more traditional server can. So the "cloud" can provide web services, email services, etc. that all become part of the Internet per se, yet the "cloud" is still treated as a separate service.
And there is where the problems exist. And the problem is not a new one. Put simply, "Who owns the data?". Because if the data is not on servers you own/control, then you most definitely do NOT own that data. Sure, you may have a license agreement to make use of the services, but when crap happens, you do not have ultimate control over who can see or access your data or services. The cloud provider does.
This is no different than considering who really owns your email data, or your web page data. If you set up your own servers, you do. If you use hosting services, well, you do not really own that information. A balance has to be established between how much control you want over your data, and how much effort you are willing to exert to maintain that control. For instance, I moved my mail services to a hosted environment because I got tired of the constant effort to keep a mail server operational and meaningful (filters, networking issues, etc.). This was a conscious choice for me and I knew I was giving up ultimate control of my email in return for the convenience and saved time of not having to maintain a server.
So what is the worst that can happen? Imagine you move your data and services into a cloud server. It may be Ubuntu One, Amazon's EC2, or some other cloud like system out there. After a (hopefully) short learning curve, things stabilize and you get great service. But then one day the cloud provider changes policies. Perhaps they decide to start collecting data about how their cloud services are being used, and then sell that information. Perhaps part of that information is what kinds of services are being run, how much data is being stored, what sort of data, etc. This means the provider is looking inside your environment and learning more about you, and then making that information public. Now imagine the tool the provider writes to do so has a bug and inadvertently broadcasts ALL your data. Or worse yet, shuts down access to your cloud services. Now you are in a world of trouble. You are helpless and cannot do ANYTHING except call the provider and complain. Sure you can involve lawyers, but that does not change the fact that the critical services you depended on went away and you have NO means to even begin figuring out how to bypass them.
Another nightmare scenario is that your cloud provider decides that they are loosing money providing the cloud services and pull the plug. This happened with Microsoft's "Plays for sure" DRM services and anyone who made use of the "Plays for sure" services were left without access to data they bought, forcing them to buy it again. Nothing like a little ill-will from your customers. But with the cloud environment, the impact can be so much worse. Corporations and governments have done complete switches to use cloud type services - Google Docs, Amazon EC2 based servers, etc. I submit that these corporations and governments are in for a world of hurt when - not if - the cloud provider has problems and data is not accessible. In some cases corporations will go out of business. In other cases substantial data loss will occur, costing huge amounts of cash to get again.
A much better option is to NOT use a cloud provider and maintain your own services. Perhaps you build your own internal cloud system. Or maybe you stick with the one server per service approach. Either way, when crap happens, you have full access to the servers and can begin to recover data, or fix access, without waiting for someone else to do something. With this set up the ONLY issue you need to really worry about is if your Internet connection itself fails. But that is what redundancy is about.
Now, I may be coming down real hard on the idea of the cloud services. But, there is hope for the idea yet. Ubuntu has partnered with Eucalyptus to provide a way for individuals to create their own cloud environment. These private clouds offer the best of both worlds, in my opinion, and allow the cloud services while still retaining complete control of the data and servers. It may be too that Ubuntu One, or Amazone EC2 become so incredibly stable and long lived that concerns of them going away or abusing the data residing on their servers become moot. Until then though, I will not trust my business, data, or personal information to external entities without a lot of thought, and appropriate disaster recovery plans in place.