DIY Cloud-in-a-Box, Part 1
by John H. Jones – President, LabLynx, Inc.
Here at LabLynx, we have been providing our webLIMS.com product as a SaaS/Cloud based LIMS for the past 2 years. This has been a highly successful product offering for not only new customers but long time existing customers have started switching to our Cloud services over hosting the LIMS in their own internal IT infrastructure.
As part of our continued R&D efforts in Cloud Computing, I have decided to use my LIMS Journal Blog to chronicle a new experiment in Cloud Computing. It will be called “DIY (do-it-yourself) Cloud-in-a-Box”. The research in this area has already been going on for the past 6 months and there has been tons of failures and false starts with this experiment and so I want to spare everyone that pain by documenting our successes and failures from this point forward.
While we have had a Hosting Grade Cloud Infrastructure for the past 2 years, it is not a packaged system in a box. Let’s put it this way… Far from a box it is a good sized section of a SAS 70 II data center. What we have currently is far from being a DIY Cloud-in-a-Box. This new experiment is to take all that we know about Cloud Computing for the regulated industries and create a packaged appliance that can scale out without limits. We intend to use this to evolve our current Cloud Infrastructure into a new and more efficient system.
What is a Cloud-in-a-Box and why have one?
Well, let’s start by saying why a Cloud-in-a-Box is actually needed and what problems it solves. Folks in the regulated industries such as Life Sciences, Pharmaceuticals, Environmental and Food Testing, Healthcare, etc. fall under a number of regulations such as SOX, CLIA, HIPAA, HITECH, 21 CFR part 11, NELAC, CAP, ISO 17025, and the list goes on and on. There is a common thread across all of these regulations and it centers around the security and integrity of the data.
Since we have been providing our webLIMS for customers that fall under these regulations, we have had to provide an infrastructure that complies fully with each and every one of these regulations. We are audited constantly and have had no significant notices and all of them have been immediately addressed to the satisfaction of all auditors. All of this has served to evolve our Cloud Infrastructure to the point that meeting these regulations has become relatively easy these days. However, it has come at a huge cost to LabLynx in developing our production Cloud Infrastructure. I will not provide an exact cost figure but our Cloud Infrastructure is well into the multi-hundreds of thousands of dollars to build out and it continues to grow as our Cloud Hosting business grows.
So you may ask… Why didn’t you just use one of the large Cloud Providers to build on? That is a good question but there are two very good answers. First, it is control over our environment down to every detail. This single reason alone is a deal breaker when it comes to outsourcing to one of the large Cloud Providers. They simply do not and cannot comply with all of the regulations and audit requirements that we fall under and if we had hosted in those environments, we would have failed the first audits without anyway to address it. So that makes outsourcing for us impossible and we would contend for anyone trying to do what we are doing. The second reason is the cost. In order for us to provide the same level of computing capabilities, redundancy, High Availability, Disaster Recovery, performance, etc., the costs would have been several times more expensive than building out our own infrastructure when you factor it on a per customer, per month basis. So in summary, we chose to build our own Cloud Infrastructure in order to be compliant with all regulations our clients fall under and to provide it in such a way that it is cost effective to the customer.
So what is the key to being able to comply with all regulations and being able to do it cost effectively? Simple… It is the “Private Cloud”. We decided long ago to provide our Cloud Computing environment in two different ways. We provide a Public Cloud for our non-regulated customers and a Private Cloud for our regulated customers. The cost structure and technical requirements for the Public Cloud versus the Private Cloud are similar but different enough that it is generally worth having both offerings.
This is now a great lead into “What is a Cloud-in-a-Box”… It is a packaging of all the hardware and software needed to provide both a Pubic and Private Cloud but I feel that it should not stop there. It should provide all of the technical design, user, administrator, maintenance and validation documentation within the framework of a Quality Manual.
So where is this all going?
Well, the purpose of this series of blog postings will be to take the reader from the concept of a “Cloud-in-a-box” to actually having one that can serve as a Public Cloud or Private Cloud platform. In the end, we hope to have a working, fully functional appliance along with a complete Quality Manual on the system. Since LabLynx is a for-profit organization, this series of articles is not being done out of the goodness of my heart, it is being done to make a buck. There, how’s that for openness?
When I get this “Cloud-in-a-box” done, you can build your own without sending LabLynx a dime but if you want to save yourself the aggravation of dealing with all the details, trials and errors, then you can simply order a finished box from LabLynx and put it in your own datacenter or we will host it for you in ours and maintain it as part of the hosting service. You can choose whether to DIY or get it packaged from LabLynx based upon what is best value for you. You can’t say fairer than that!
What’s Next?
In the next blog posting, I will provide an outline of the Quality Manual for this “Cloud-in-a-Box”. We will give it a product name and logo. After that, the series will continue until we reach the end and there is a product ready for you to build yourself or buy or rent. What is great about all this is that you will learn the inside details of the system and how it complies with regulatory requirements that your lab may be operating under. So when it comes to the audit, you are getting a first hand look at how the system is designed, documented, constructed, operated and maintained. This will take the mystery out of Cloud Computing and provide a nuts and bolts view that anyone can appreciate.
At the very least, you will know a tremendous amount about Cloud Computing and you will be able to intelligently evaluate Cloud Hosting providers and know what questions to ask or how to audit them for your own purposes.
