2011年，云计算技术证明，自己是推动IT行业变革的主要推动力。不同类型和规模的机构均开始正式采用混合云技术，也就是公共云与私有云计算综合服务。2012我们将迎来什么？

私有云不仅不会消失，还会继续发展壮大。

    最初的许多云计算项目都是源于开发人员对缓慢的IT配置能力的不满。于是，他们抓住机会，从公共云服务提供商处获得原始计算能力，而代价只不过是一张公司信用卡而已。于是，有权威人士称，IT的功能已经成为历史，公共云才是“唯一法门”。而私有云是机构内部专用的按需IT基础设施，因此可以说它并不是“真正的云技术”。而且公共云服务提供商认为，私有云没有存在的必要，因为它不够灵活，而且造价昂贵。但我认为这种说法纯属“自以为是”。

    这种说法存在两个问题。首先是内在的自相矛盾：公司目前正在使用私有云提供灵活、按需提供的计算环境，因此不能苛责IT部门不够灵活。另外一个问题是，机构之所以认为在现有数据中心中配置私有云更加容易、便宜存在大量现实的商业原因。其中一个例子实私有云具备成熟的、获得监管部门批准的安全防护与数据隐私控制操作和流程。

    理论上，在哪里进行计算并不重要，但实际上却并非如此。笔者曾经参加过一次圆桌会议，会上华尔街的一位CIO曾这样说：“当然得考虑风险问题。如果可以在私有云上运行应用程序，审查也不存在问题，为什么要使用外部云服务？”

混合云将继续壮大

    公共云的使用推动了计算技术的革新，尤其是对于一些难以预测的面向客户的应用程序。而私有云在公司处理监管机构、标准和其他对运行企业应用程序至关重要的非技术问题时非常关键。对云技术的选择主要取决于公司和应用程序的需求，因此，未来合理综合公共云与私有云的混合云，仍将是大多数公司的实用选择。

    In 2011, cloud computing demonstrated that it was a major driver of change in the IT industry. Organizations of all types and sizes began using the hybrid cloud -- a combination of public and private cloud computing -- in earnest. What can we look forward to in 2012?

The private cloud won't go away, but grow bigger.

    Many early cloud projects were the result of developers frustrated by slow IT provisioning times. They took advantage of the ability to get rapid access to raw computing power from public cloud providers using little more than a corporate credit card. This lead pundits to posit that IT's function had failed and that the public cloud was the One True Way. Thus the private cloud, a dedicated on-demand IT infrastructure within the four walls of an organization, was somehow not "true cloud," and public cloud providers argued that private cloud should not exist because it wasn't flexible or cheap. I call this the "holier than thou" argument.

    There are two problems with this idea. The first is an inherent contradiction: one cannot castigate IT departments for being inflexible when they are using private cloud to deliver a flexible, on-demand computing environment for their businesses. The second is that there are plenty of pragmatic business reasons why organizations find it easier and cheaper to deploy within existing data centers. Established, regulator-approved security and data privacy controls and processes are one example.

    In theory it shouldn't matter where computing is done, but in practice it matters a lot. As one Wall Street CIO put it at a roundtable I attended: "Of course risk is the issue. If I can run it [the application] on a private cloud and pass audit, why run it elsewhere?"

The hybrid cloud will continue to grow.

    Public cloud usage has driven a revolution in computing, especially for hard-to-forecast customer-facing applications. Private clouds are essential to organizations dealing with regulators, standards and other non-technical issues that are crucial to running business applications. The choice is driven by the needs of the business and the application, ensuring that hybrid clouds, making use of both public and private clouds as appropriate, will continue to be the pragmatic decision for most organizations.

平台即服务将赢得开发人员的青睐

    以开发人员为中心的云计算基础设施（IaaS）服务发展迅速，可以提供高效率环境，用于快速应用程序的开发和配置。但平台即服务（PaaS）则可以进一步简化开发过程，可使应用程序开发人员的生产率与灵活性实现巨大飞跃。因为它可抽象出虚拟设备、操作系统和其他与应用程序开发没有密切关系的附加细节。对于应用程序转换或全新应用程序，PaaS可以为开发人员提供一个效率更高的开发环境。这意味着，面向开发人员为的IaaS云业务将面临业务下滑。

服务故障将提高公众对服务质量差异的认识

    之前，许多人误认为，云计算服务能够保证一切性能和运行时间的要求。但2011年，亚马逊（Amazon）经历的服务中断却让人们警醒。好消息是：目前已经有数百家云计算服务供应商，它们可以提供服务级别有保障的云计算服；而且还自行设计其云产品，因此也更为可靠。

    而这也打破了之前的一种认识，即云计算是像电力一样的商品。但实际情况并非如此——细节非常重要，任何你不了解的情况都可能损害云应用。云服务也存在质量差别，例如通过投资基础设施、人力和流程实现的高可用性，而这些也是服务提供商之间的区别所在。如果云服务在设计时，在高可用性方面投入很少或者没有任何投入，它可能价格低廉，但用户则必须拿出资金，从头设计、编写和操作自己的可用性系统。

机构仍将认为，私有云像霍格沃茨魔法学校一样，拥有神奇的安全防护能力。

    熟悉哈利波特的读者都知道，霍格沃茨魔法学校（the Hogwarts School of Witchcraft and Wizardry）有魔法保护，帮助学校里面的居民抵御邪恶势力的入侵。公司的机房不可能具有这样的魔力，但人们却想当然地认为机房之外任何云设施的首要特性就是安全。

    而真正重要的是现有的安全管理措施，以及审查和验证这些管理措施是否可行和是否运行正常的流程。这一条可谓放之四海而皆准，不论私有云归公司所有，还是由第三方提供商提供，或者由公司租赁。拥有或租赁机房不会让公司获得魔法保护。从根本上来说，认为事实不容质疑是一种非理性的想法，这也是为什么这种想法经久不衰的原因。只有进一步扩大外部云服务的使用范围，习惯这种服务，提高其接受度，这种情况才会改变。

    本文作者马休•洛奇，为虚拟机软件公司VMware的云服务部高级总监。马休先生在云计算技术与产品领先能力方面拥有20多年的丰富经验。他曾为多个项目创建编译器和分布式系统，如国际空间站（International Space Station）等，并帮助六个国家首次接通互联网，还曾在思科（Cisco）负责管理价值超过6.3亿美元的路由器产品。加入VMware之前，马休曾在赛门铁克公司（Symantec）担任高级总监，曾负责价值超过10亿美元的信息管理组建的上市。

Platform-as-a-Service will win the hearts of developers.

    Developer-centric cloud infrastructure (IaaS) services have grown rapidly by providing high productivity environments for rapid application development and deployment. But platform-as-a-service (PaaS) represents a quantum leap in productivity and flexibility for application developers by further simplifying the development process. It does this by abstracting away virtual machines, operating systems and other extraneous details that are not germane to application development. For application transformation or brand new applications, PaaS is simply a more productive environment for developers. And that means less business for IaaS clouds targeting developers.

Further outages will drive awareness of differences in service quality.

    Amazon's (AMZN) well-publicized 2011 outages were a wake-up call for many who had erroneously assumed that there was any kind of performance or uptime guarantee for a cloud service. The good news: there are hundreds of cloud providers who offer actual service level guarantees and who have engineered their cloud offerings so they're inherently more reliable.

    This shatters the notion that cloud computing is a commodity like electricity. It isn't -- the details matter, and what you don't know can hurt your cloud application. There are qualities of a cloud service like high availability that are delivered through investment in infrastructure, people and processes -- and that's what differentiates providers. Clouds engineered with little or no investment in high availability may be superficially cheap, but you'll have to pay to devise, code and operate your own availability systems from scratch.

Organizations will continue to assume that private clouds have Hogwarts-like magical security protections.

    Those familiar with Harry Potter know that the Hogwarts School of Witchcraft and Wizardry is magically protected against those who would do its inhabitants ill. The same cannot be said for your organization's own four walls, but this seems to be the fundamental assumption applied to private clouds: the top objection to any kind of off-premises cloud is security.

    All that matters are the actual security controls in place, and the processes to audit and verify that those controls are in fact there and functioning correctly. This is universally true, regardless of whether you own the walls, lease them, or they belong to a third party provider. Owning or leasing the walls doesn't gain you magical protection. Fundamentally, this is an irrational belief that mere facts cannot challenge, which is why it will persist until there is more widespread experience, comfort and acceptance of off-premises providers.

    Mathew Lodge is Senior Director in VMware's Cloud Services group. Mathew has 20 years' diverse experience in cloud computing and product leadership. He has built compilers and distributed systems for projects like the International Space Station, helped connect six countries to the Internet for the first time, and managed a $630 million-plus router product line at Cisco. Prior to VMware, Mathew was Senior Director at Symantec, where he led go-to-market for its $1 billion-plus information management group.