Cloud-based applications offer great value and benefits to businesses and other application consumers. However, unlike traditional in-house developed systems or commercial-off-the-shelf (COTS) applications, the customer has little or no control over when and how functionality may change. The cloud consumer also has little or no control over how the data controlled by the application is processed, stored, and secured. This chapter explores how the testing of cloud applications is fundamentally different from other contexts where the customer has a greater degree of control. The limitations of risk mitigation are discussed as well as cloud computing models that may also reduce the cloud consumer’s risk.
TopIntroduction
The balance to be achieved in cloud computing is between the value of cloud-based applications and the cost of mitigating cloud computing risks such as functional correctness, fitness for use, performance and security. If the risks outweigh the value, then cloud computing is hard to justify and may not be the right course for an organization.
However, if cloud computing risks can be identified and mitigated to an acceptable level, then the discussion changes from “Should we adopt the cloud as a computing model?” to “How should we adopt the cloud as a computing model?”
The good news is that testing, based on the risks of cloud computing, can help mitigate these risks if appropriate actions are taken based on the tests and the risks. Testing can help mitigate cloud computing risks, evaluate the levels of these risks for your particular situation and help determine the extent to which the risks may impact you.
Before you can plan the right risk-based tests, however, it is necessary to understand the uniqueness and risks of cloud computing. Then, your tests can be aligned with the risks and deliver the information you and your management need to make informed implementation decisions going forward.
The key to aligning testing with the risks in your specific context is to develop a solid cloud-based test strategy. This article also outlines how to create a cloud testing strategy that reflects your implementation.
The New Landscape
The idea of global distributed computing is not new, but the widespread adoption of that computing model using the cloud is new. At first glance, cloud computing might appear as just another way to perform tasks on the web. However, there are many differences between cloud computing and the web sites and web applications we have built and tested in the past. Below are listed some of the key differences in cloud computing from other computing models. These attributes are referenced from the NIST report, The NIST Definition of Cloud Computing, Special Publication 800-145.
- •
Measured and Metered Usage: In the cloud you pay for what you use in terms of storage, bandwidth and other resources. This has an impact in terms of performance. Need more response time or more bandwidth? You can get what you need on demand. The issue is whether or not you are getting the service you are paying for, and are being charged the right amount for the service.
In traditional computing models, the normal practice is to acquire the best estimate of resources such as CPU speed, disk space, and so forth. Resources are then increased as needed. In the traditional view it often takes extended time to acquire and provision additional resources.
- •
On-Demand Self-Service: Web sites of the past often required help from the site administrator to configure new features and services. In the cloud, much of that control is given to the user to provision resources as needed with little or no advance notice to the cloud provider.
- •
Ubiquitous Network Access: The cloud computing model has opened many ways to access applications, data, other devices and users. For example, the ability of mobile devices to provide rich data and applications is largely due to the capabilities provided in the cloud. The availability of Internet access may be a problem for some people, which is an area of risk that must be considered when deploying cloud-based applications. However, the vision of being able to access applications anywhere and at any time is becoming closer to reality with the cloud computing model.
- •
Resource Pooling: Not only do you only pay for what you use, but you can share resources with others to help bear the costs of the infrastructure. This has risks related to how other resources may be consuming the pooled resources. Like living in an apartment building, the actions of each tenant can impact the other tenants of the apartment building.
- •
Rapid Elasticity: A classic challenge for managing computing environments is to know how much processing capacity is needed. In the cloud, you can buy what you need when you need it. This is an attractive option when you need extra processing capacity immediately. You also don’t have to buy more resources than you actually consume.
These are the differences and the main benefits seen in cloud computing, but there are risks and tradeoffs that must be addressed.