Building an Infrastructure as a Service cloud in your datacenter – first of several articles

Infrastructure as a Service (IaaS)

IaaS is one of the three delivery methods of cloud computing (the other two are Platform as a Service and Software as a Service).


Infrastructure as a Service delivers compute, networking and storage as software on commodity hardware, typically rack-mounted servers that can be added as required to scale a cloud horizontally.

  1. Compute – virtual machines of different sizes, different number of CPUs and/or memory.
  2. Networking – software defined networking: networks, routers, switches defined in software that also provide networking services: Load Balancing, Firewalls, VPN etc.
  3. Storage – blocks of storage as virtual disks or for storing/retrieving files

These three components are managed using a dashboard, command-line interface or API.

OpenStack dashboard


Characteristics of IaaS:

  • Elasticity: A user can provision (add) or de-provision (remove) cloud instances to scale their cloud up or down.
  • Multi-tenancy: The cloud servers are hosted on a shared infrastructure. This means that your cloud instances co-exist on the same hardware as another user’s cloud instances. To understand multi-tenancy, think of an apartment building (or block of flats). The renters/tenants have their own apartment, but share an elevator or stairway, foundation and roof. The owner of the building rents out apartments as needed and is responsible for the plumbing etc while each tenant is responsible for their own furniture and interior decorations. Similarly: an IaaS customer is responsible for their own applications, the cloud provider is simply providing the infrastructure.
  • User self-service: Users can create their own cloud instances/virtual servers, provision their own storage and networks. This is one of the most compelling reasons to use a cloud: users are not beholden to an IT organization to provision their infrastructure for them.
  • Utility billing: The cloud provider will bill the cloud-user for the resources used. Infrastructure as a Service is akin to a utility company providing and billing for electricity, water and natural gas. You share electricity with everyone on the power grid provided by the power station, and only pay for what you use.
  • Virtual Machines: The servers, also called “cloud instances”, are delivered to customers as virtual machines. A virtual machine is a server or workstation, with operating system and applications that appears to the user as a physical server.

Infrastructure as a Service is typically offered in three forms:

  1. Private cloud, also called on-premise
  2. Public cloud
  3. Hosted private cloud

An organization can build a private IaaS cloud and then provide infrastructure services to their internal departments or partners. To build a private IaaS cloud, you need virtualization software to run a hypervisor.

Examples of hypervisor software are:

  • Hyper-V, VMware, Xen.
  • KVM – Kernel-based Virtual Machine is available with most Linux distributions and as open-source software. Red Hat offers KVM virtualization.

Once you have a virtualization or hypervisor layer, you need cloud software to provide the on-demand, user self-service and elasticity features of cloud computing as a service.

Examples of IaaS private cloud software are:

  • Eucalyptus, Microsoft, VMware.
  • OpenStack: OpenStack is an open-source project with over 200 contributors.


This series of articles will focus on building a private cloud using Red Hat OpenStack, which is offered as a free version or paid subscription.

Next: Concepts and architecture of OpenStack


Can HealthIT exist in a cloud computing environment?

Healthcare Clinical Information Systems can be hosted in the cloud as described in this HealthcareIT News article. Hospitals are not rushing to embrace public clouds; rather, for privacy and security reasons, hospitals are hosting applications in a private cloud. A radiology application is highlighted, for example Carestream Vue – the benefit being a collaborative view of radiology images among physicians, who don’t have to use a computer at the hospital to use the RIS/PACS software.

To translate the HealthIT News article terminology into cloud computing terms, I will quote some of the sentences and provide links and details.

Financial benefits

“Cloud-based healthcare IT services reduce or indeed eliminate investment costs and replace them with running costs.”

Deployment benefits 

Enables the user to deploy whatever tool and whatever client wherever they want. And in addition, they don’t have to become IT gurus themselves to maintain the system

In cloud computing “investment costs” = CAPEX (Capital Expenditure) and “running costs” = OPEX (Operational Expenditure). For healthIT professionals who need an overview of cloud computing, please see this post.

Software as a service (SaaS) and infrastructure as a service (IaaS) have been marketed as potentially attractive alternatives to buying large-scale information systems

Here are SaaS and IaaS explained for those quite unfamiliar with the terms.


EMR vs EHR redux

Nate Bagley from Software Advice asked me to review his article and it jogged my memory… I wrote this a few years ago. Only Nate offers some Google data to back up the idea that essentially an Electronic Medical Record (EMR) is a patient’s medical record sourced from one provider; an Electronic Health Record (EHR) is sourced from several providers. This is in line with Nate’s quote from Don Fluckinger, “EHR seems to refer to a record that can be shared back and forth and amended among multiple providers.”

If I get my healthcare from one provider, say Sutter Health, where one electronic record is shared between primary care, nurses and specialists, is that an EHR or EMR?

Until the NHIN or HIEs gain traction, Sutter’s health record cannot be shared with Stanford Hospital literally across the street!

Back in the saddle, galloping to secure electronic health data.

Gentle reader,

After a hiatus of a few weeks, adjusting to my new position selling this, I am back in the blogosphere.

With my new focus on security for cloud, virtualization and general data center, I bring a new perspective and focus on healthcare IT – that is, security of patient data. Ever so important if patient records are going to go electronic, especially if stored in the cloud. Aside from my new paid position, I have also had the privilege of volunteering under the stewardship of Arien, as the leader of the Security and Trust Workgroup of NHIN-Direct. I also have the privilege of working with the likes of Sean Nolan, who wrote a terrific compliment on my comparison of Google and Microsoft PHRs.

So, securing electronic health data: Last week I attended a CSO (Chief Security Officer) conference in San Francisco and learnt some interesting lessons:

  1. Trust is fundamental in healthcare – patients may not disclose an embarrassing disease if they fear the data is not private.
  2. Security is required for regulatory purposes and patient safety.
  3. Computers are not personal. When IBM coined the term PC, or Personal Computer, computer users at work believed that the computer they used was theirs. Thus security software that is designed to restrict the flow of data, or to prevent users from accessing certain websites, downloading specific files or copying files to disks/thumb drives, is viewed by the user as an invasion of their personal space, a restriction on their personal computer. Don’t make users paranoid to do their job or feel that big brother is watching their every mouse click, but rather explain the highly personal nature of healthcare records and the need to secure access.
  4. Refine business processes. Often one reads of data lost when a laptop or external hard-drive is stolen, for example: 600 patient records lost on a stolen laptop. A natural reaction is one of horror and surprise. While certainly justified, a more analytical reaction would be “Employees are rarely malicious or dishonest, so what business process necessitated copying patient data to a laptop?” Refine the business process that necessitated this action. Remove the individual choice of where to store patient data; rather, make a business decision and apply a policy based on the data.

More on cloud and SaaS security to follow. I was pleased to read that the VA is taking steps to tighten security.

It’s good to be back!

Trend away from private practice?

An article in the New York Times describes the movement of physicians from private practice to becoming employees of medical clinics. Of particular interest to me was this:

But an even bigger push may be coming from electronic health records. The computerized systems are expensive and time-consuming for doctors, and their substantial benefits to patient safety, quality of care and system efficiency accrue almost entirely to large organizations, not small ones. The economic stimulus plan Congress passed early last year included $20 billion to spur the introduction of electronic health records.

I question the above statement for the following reasons:

  • Cost: Web-based (SaaS) EMRs such as those offered by PracticeFusion (actually free), SOAPware, and others are less expensive since the physicians do not have to maintain expensive in-house hardware and software.
  • Time-consuming for doctors: I don’t see why an EMR used by private practice is any more time-consuming than an EMR used in a clinic. All a physician has to do is learn to type with 10 fingers and he/she will discover e-prescribing, electronic lab orders, faster patient search etc. are features that far outweigh their paper alternatives.
  • Patient safety and quality of care: These benefits accrue equally to users of EMRs be they in private practice or clinics.