Posts Tagged Azure
The one question that every CIO should ask themselves… What are you going to do when (not if) your cloud systems fail?
Frank started the conversation with this response to my tweet about Azure:
Frank: “Exactly the type of thing that reinforces CIO fears about cloud…”
Stuart: “working on the assumption that cloud outages are inevitable… I feel it’s how vendors respond that will give CIO’s confidence”
Frank: “No, fewer outages will give confidence…”
Stuart: “I’ll meet you half way… Fewer outages and proper service management around problems when they do happen…”
Frank makes the point that some of his CIO contacts were livid following this outage. And this is where this post really starts, as I challenged Frank as to exactly who they were livid at on the basis that to overall accountability for a company’s IT systems, whether they be on premise or in the cloud lies with the CIO.
Stuart: “as CIO you’re accountable for everything as you choose to use cloud or not!”
Alongside the Azure thread there was a parallel thread running on cloud security that had been started by Dennis Howlett in his Accman blog.
“Anything that connects to a network is vulnerable. That includes EVERY cloud player, regardless of the service they offer. What matters is the extent to which vulnerabilities exist AND are capable of exploitation.”
Let me share my belief here, these two topics are intrinsically linked, i.e. when you’re appointed as a CIO you’re trusted to deliver competitive advantage for your company through IT. Now, it doesn’t take a rocket scientist to work out that if you can’t maintain availability and adequate security of your systems then you’ll only manage to deliver disadvantage, and you probably won’t be around very long.
So, let’s get back to the title of the post… what are you going to do when your systems fail (which is inevitable)?
If you’re running in house, the apps themselves (if they are decent apps) are least likely to fail, more likely failures are from switches, disks, networks, cables and other parts of infrastructure. You protect yourself against this by designing your datacentre(s) around redundancy with zero single points of failure.
If you’re running cloud services, you pick a reputable supplier who works with a reputable hosting partner right? Well, yes but as we saw with Azure yesterday (and previously with Amazon and Rackspace and most other reputable cloud vendors) the same hardware failure points exist in cloud provider datacentres as they do in your own. If you appreciate and accept this this then you’ll also be mindful that you could be introducing a single point of failure in your enterprise platform and that your service availability is now at the mercy of their service availability.
When you running outside of your own bricks and mortar you also need a high bandwidth and high availability WAN, Firewalls and Proxies, etc that all need to be fault tolerant and designed around redundancy to ensure adequate access and security at all times. Even then you can’t mitigate around someone digging up the cable which has happened to me twice this year and is more common than you might expect.
Is this a story of cloud bashing? No it isn’t, it’s a story of how the CIO needs to take full accountability for managing risk within their platform.
- If you’re running mission critical systems and your business can’t afford any outage then you simply can’t design a single point of failure into your enterprise platform.
- If you’re running non mission critical systems, then you may choose to take a little more risk around availability and accept a single point of failure and manage any disruptions that may arise.
What you deem to be mission critical or not is your own decision and it doesn’t have to be one or the other. For my part I run a hybrid platform where some parts are mission critical and some parts less so and the platform design and location of services (in house vs. cloud) reflects this.
Of course from a customer perspective people outside of IT expect things to work 100% of the time and if you’re running either of the above, or a combination, then any outage no matter what damages your credibility with users.
So as an effective CIO, you need to design an effective platform around what your business needs, you need to manage the risk, you need to pick the suppliers that you work with, and you need to take full accountability when things go wrong. Yes you can get livid with your suppliers, but just remember who picked them and remember who chose to introduce a single point of failure into your platform in the first place.
So, what are you going to do when (not if) your cloud systems fail? Make sure you know the answer today.
Footnote: This post relates to large enterprise businesses and the role of the CIO and the point I’m trying to make is you have to plan for failure to guarantee success.
Part of this cross posted here
Taking Amazon EC2 as an example… its sounds pretty simple to begin with…
Pay only for what you use. There is no minimum fee. Estimate your monthly bill using AWS Simple Monthly Calculator. The prices listed are based on the Region in which your instance is running. For a detailed comparison between On-Demand Instances, Reserved Instances and Spot Instances, see Amazon EC2 Instance Purchasing Options.
But read on, and you discover you can choose between ‘free tier’ or ‘on-demand’ or ‘reserved instances’ both with different pricing models, and you can even bid to buy unused capacity in the shape of a ‘spot instance’. You’re maybe thinking that when you’ve worked this all out then you’re done… not quite. On top of this you then incur data transfer charges, elastic load balancing and Amazon S3 block storage charges.
I wonder how many people pick something small and simply put their credit card details in hoping the bill at the end of the month won’t be too bad?
Well, a word of advice… If you’re running a small application periodically (and remember to shut it down, because you’ll still be charged if you leave the lights on) then you’ll be amazed how little this costs. However, if you’re running a decent sized business application 24×7 then you’ll be amazed how much the costs mount up… and you might even resort to searching for the chap who told you that cloud was cheaper than owning your own hardware.
To compare and contrast let’s have a look how Microsoft promote Azure, again pretty simple on the surface:
You have two basic types of offers to choose from when purchasing a Windows Azure platform subscription. The first type is consumption offers. This type requires no commitment – you pay only for what you use. The second type of offer is a commitment offer that provides a significantly discounted level of service in return for a six month commitment to pay a monthly base fee. Any usage in excess of this amount is charged at our standard consumption rates. Here is a summary of our different plans:
There is also a MSDN Premium license for developers, but like Amazon when you get into the detail it can be complex. What’s more they offer packages in the shape of a Development Accelerator Core a Development Accelerator Extended and a SQL Azure Development Accelerator Core … Fantastic… erm no… this is confusing for a seasoned IT person. I wonder what a small or medium sized business looking to move some systems to the cloud would make of it.
Rackspace are another one of the ‘big cloud players’ and their proposition seems much easier to understand on the surface:
You pay for each Cloud Server (virtual instance) by the hour. For your convenience, the monthly totals are also listed here.
However, on top of the basic instance you again have to pay for data transfer costs and also you need to pay for cloud files storage (similar to Amazon S3) and the cost varies depending if you run a Linux or the more expensive Windows OS.
Amazon, Microsoft and Rackspace, although big names, are only a small sample of dozens of cloud providers operating today… have a look at www.cloudpricecalculator.com to see some of the others.
The cloud is for everyone, but not for everything…
I was intrigued by this story from the BBC website last night on how 70 big name firms had formed an alliance to drive Cloud standards. The story begins :
Some of the world’s biggest companies are using their market clout to demand that computer equipment makers change the way they make their machines.
The 70 firms, which includes BMW, Shell and Marriott Hotels, said systems that do not work together are holding back the spread of Cloud computing.
The companies have formed the Open Data Alliance Centre to push for unified standards for technology.
Standardisation is something that has been talked about for some time in the industry, and whilst I fully support standardisation and applaud the concept, I have some concerns.
Why do I feel this way?
Well, in my recent post when the industry is crying out for standards, why reinvent the wheel, you can see just how difficult it is to get a simple xml schema adopted for sharing transactions across heterogeneous systems.
I am pro Cloud and pro standards, and I feel a “Cloud standard” would indeed be a fantastic thing as it would remove a number of barriers blocking Cloud adoption today:
- It would remove the vendor lock in fear and put choice back into the hands of the customer by enabling the movement of customer applications and services between Cloud vendors, should the customer need to.
- It would allow customers to run and have interoperability between different applications and services hosted on different Clouds, i.e. it is highly improbable for all aspects of a businesses need for systems to be available from a single Cloud provider.
- It would also help bridge the gap between the Cloud and the millions (billions) of desktop software applications.
- If we started with a security standard then that would allay the many fears that people have about Cloud Security, almost in the same way that certification works today.
So what would prevent this, well maybe we have to look no further than the Cloud vendors themselves? What would be their competitive advantage if all were equal? What would separate the big guys from the small guys? Would it stifle innovation? And how long would it be before there was a breakaway?
We have seen this many times before in the world of technology, you only have to think back to Java and how Microsoft broke the language when they launched their own flavour … J++ .
Will the Amazons, Azure and Other major players come to the table in the spirit of altruism? Or may they not need to should “Open Source Cloud” gather significant momentum, much in the same way that Linux has become the defacto supercomputer OS.
The seeds may have been planted already… In a very interesting move earlier this year, 25 Cloud vendors including the likes of Rackspace, Dell and Citrix teamed up with NASA on the OpenStack project. The press release started:
San Antonio, TX – July 19, 2010 – Rackspace® Hosting (NYSE:RAX) today announced the launch of OpenStack™, an open-source Cloud platform designed to foster the emergence of technology standards and Cloud interoperability. Rackspace, the leading specialist in the hosting and Cloud computing industry, is donating the code that powers its Cloud Files and Cloud Servers public-Cloud offerings to the OpenStack project. The project will also incorporate technology that powers the NASA Nebula Cloud Platform. Rackspace and NASA plan to actively collaborate on joint technology development and leverage the efforts of open-source software developers worldwide.
And goes on to tackle the standards question by saying:
“We are founding the OpenStack initiative to help drive industry standards, prevent vendor lock-in and generally increase the velocity of innovation in Cloud technologies,” said Lew Moorman, President, Cloud and CSO at Rackspace. “We are proud to have NASA’s support in this effort. Its Nebula Cloud Platform is a tremendous boost to the OpenStack community. We expect ongoing collaboration with NASA and the rest of the community to drive more-rapid Cloud adoption and innovation, in the private and public spheres.”
This could be exactly what’s required to move the standards argument forward, and I for one will be following it with great interest.