How to use the cloud as a developer sandbox
- By Rutrell Yasin
- Aug 27, 2012
Researchers at the Centers for Disease Control and Prevention looking to build Web prototypes and explore new technologies now have a virtual software lab where they can test and refine software applications before taking them live.
The lab is actually a slice of the Public Health Informatics Research Cloud, a private cloud set up by the CDC's Informatics Research and Development Activity (IRDA) that gives researchers access to virtualization technology that lets them experiment in ways they couldn't before.
CDC moves disease surveillance system to the cloud
Virtualization vital to vaccine tracking
The private R&D cloud expands the agency's ability to test software, analyze technologies and get feedback on Web development before it goes into production, according to officials from IRDA, which focuses on applied public health R&D.
Since its origins five years ago, IRDA has grown from a small entity into a key technology service for all of CDC. Today, Atlantia-based IRDA is working on almost 100 different software development projects with 25 programs across the agency and country, some as far away as Alaska.
"A few years ago we did not exist," said Tom Savel, director of IRDA, which is a part of the Public Health Surveillance and Informatics Program Office. "I think there was recognition in the agency that there needed to be a dedicated team of people that were focusing on cutting-edge technology and trying to help push the envelope for public health."
In addition to carrying out applied research, sharing evaluations and developing prototypes, the R&D team also provides consultation to CDC and its public health partners.
Cloud as change agent
In once instance, researchers in a chronic kidney disease program were able to use the R&D cloud to quickly get feedback from users on development of a Web front end for a knowledge portal instead of setting up their own system or holding focus groups.
The IRDA team set up a temporary Web site through which the portal's developers could send a URL to users for feedback on workflow, functionality and the look and feel of the portal. Users had access to only the Web portion of the knowledge management portal with sanitized information from public data sources, Savel said.
The lab is getting plugged into these processes more "because we have a way to get that persistent preview out to user groups," Savel said.
The lab's cloud is also being used to promote and educate CDC employees about open source software, a major push within CDC. But as with many large agencies, it takes time for CDC to move to new technology. To that end, the IRDA lab set up an open source toolset on the cloud, allowing those who do not have much hands-on experience with open source to experiment and gain more knowledge about the software.
If users want to create an open source project, there is a place where they will find code, fixes for bugs, information on issue tracking and a place to establish collaboration and discussion forums, Savel said. The cloud in this respect acts as a change agent, helping to change perceptions of open source software, he noted.
Most engagements run from three to six months, according Brian Lee, IRDA's deputy director. Agency programs are not looking for a permanent home, he added. They just need a temporary space to test a concept or experiment with it. The cloud allows them to do multiple tests.
Once an application moves out of the prototype stage it might wind up being hosted in an external cloud solution – or even at the Apple App store. One mobile clinical decision support application, the PTT Advisor, is now available for free on the Apple App Store. The app assists clinical providers evaluating laboratory blood tests for abnormalities in blood clotting. The app is the result of a close collaboration between the lab and CDC's Laboratory Science, Policy and Practice Program Office.
The security fix
Like most cloud deployments, security was a major concern when the IRDA lab decided to create a virtual space where researchers could build and test applications and Web prototypes. But because it is a testing environment, no live patient data is run in the lab "Our lab network is completely distinct from the CDC network," said Savel. "It doesn't touch it at all."
A big challenge was working with CDC's security and IT departments to build security controls for the environment since most controls were designed for production systems, he said. The lab has three rules: use only synthetic data, no system interdependencies and no patient information, said Lee.
If an agency program has a project or prototype, researchers test it without using sensitive data. That lets the users test new software and approaches within a secure sandbox environment that is not going to impact existing systems or health data, Lee explained.
We wouldn't want anyone running a prototype in the lab using virtual machines that are hitting live medical systems. We wouldn't let that happen," Savel added.
Costs and returns
When IRDA first moved into cloud computing, building a private cloud was less expensive than going with a commercial or public cloud provider, said Lee, because the cost of a virtual machine in the private cloud was much lower than a virtual machine in the public cloud. However, public and community clouds have become more efficient and now there is more competition in the cloud space.
"Now we can have the ability to move virtual machines into a partner cloud if it saves us money," Lee said.
CDC programs are not charged for using IRDA's research cloud. At the same time, a program cannot tie up 100 virtual machines, which would be too much of a drain on resources, IRDA officials explained. But while the CDC does not charge for its services, the research cloud is saving the agency about $15,500 per engagement, all of it in cost avoidance. Without the cloud or virtualization, users would have to acquire hardware, which can be hard to repurpose.
And software licenses can be reused. The IRDA cloud is structured in such a way that an agency with a short engagement – three to six months – can reuse the licensing from another engagement that is wrapping up. This creates savings on operating systems, databases, application servers and mid-tier servers. Plus, since agency users don't have to set up an infrastructure, they save on costs associated with hiring people to plan and design a system.
Besides becoming a hybrid cloud, other future plans for the R&D cloud involve improving monitoring and performance capabilities. The R&D lab evolved from a pure virtualization service into a cloud, Lee noted.
"We added a lot more functionality, which allows engagements outside of our departments to use it," Lee said. "Not just CDC programs but their partners outside the agency are able to access the space."
Rutrell Yasin is is a freelance technology writer for GCN.