Sunday, March 28, 2010

Openly about Amazon's cloud

(This article in Estonian.)

One of the biggest Estonian software houses - Webmedia - hold an event last Friday where they launched their new application management service on Amazon EC2 cloud computing platform. I would like to thank the host of the event Tiit Anmann that he invited us from MicroLink also to the event allthough our hosting service is competing with the Webmedia AM service.

In MicroLink we analyzed Amazon cloud services more thoroughly in Autumn 2009 and it was an interesting project. Maybe the most important thing we discovered was that Amazon EC2 and S3 are not competing with MicroLink's IT services but are quite suitable for being used as a resource for our hosting service. As you know a hosting service consists of the following components:
- Data Center
- Network infrastructure
- Storage and Backup
- Hardware
- System level software (operating system, databases, application servers etc.) plus licenses.
- Work: Installation, migration, support, customer support.

Of these components the datacenter, network, storage, backup, hardware and operating system licenses can be either bought by ourself as in the traditional model or be delivered on Amazon platform. So literally speaking now we have an option between buying hardware from Sun, HP or others or use Amazon. The most important part of our service - the high-level IT specialist and customer support - is needed with both options.

Here are the results of our analysis:

Benefits of Amazon EC2 and S3:

- Servers can be started by the system administrator alone and fast. (No need for delivery and physical installation). The same possibilities are currently with our virtual server clusters.
- The service is developed fast and its level is technically high. The VPN, load-balancing and monitoring possibilities are already technically higher level than those of minor and mid-size hosting companies.
- Historically prices have decreased (fast). For example the introduction of reserved instances and the 50% reduction of Windows authenticated license servers in september.
- If the service is down or there is a security incident it is "world news".
- The service has been working well while we have used it for the last 9 months.
- Amazon seems to react to security problems and fix security holes fast.
- The virtual machine images (AMI-s) are OK. There are a number of them for many different operatingsystems.
- Copying of data to EC2 volume works. EC2 volume does not disappear and can be attached to another virtual server.
- Virtual servers are like ordinary servers - we have not yet discovered any problems with any software that has worked on an ordinary server and has not worked on Amazon.
- The computing capacity can be dynamically increased and decreased fast.
- There are a lot of useful software services like billing, e-shop etc.

Minuses of Amazon:
- The data is situated "in the cloud". There is no personal touch or agreement.
- Sending e-mail from Amazon servers is problematic because due to spammers the whole network is in spam black-lists.
- Firewall configuration is simplistic and based on security groups. Groups can be chosen only during startup of the instance and not while it is working.
- Whole action is under one account. So all the systemadministrators must work with the same password and the whole infrastructure is tied to the same credit card. There are not many possibilities to rights management.
- Automatic termination of servers (to save money) seems risky and not worth the money saved. Tools for that must be purchased from third parties.
- If an instance is terminated it dissapears with the data. This is partly a problem of terminology, but might seem surprising for system administrators new to Amazon. And you can be sure this is not a nice surprise. This is also a threat if the operating system hungs.
- Specialists must learn new skills to use the environment.
- Sometimes networking is a problem. The servers are in Ireland and network latency there is 45ms from Estonia.
- Some analytics think that cloud-computing as a business has not yet proven itself and here might be a threat that Amazon closes the service or highers the prices.
- Backup solution must be done differently.
- It is not possible to perform a National security audit (ISKE in Estonia)
- Microsoft license rent model (SPLA) does not support Amazon currently. This is even worse with Oracle.


- Pricing is based on usage, which is good
- All things cost little, but they cost. So the monthly bill can easily grow big. You might forget your server running or start a data copying process. All this will reflect in your monthly bill.
- Keeping costs under control is something that needs an effort.
- Prices are relatively cheap.

- Network access between two Amazon servers must be opened separately.
- After creating an instance it is not possible to change its security group. You must configure this correctly in the beginning.
- Shutting down a server means its dissappearance. If you have not made a bundle of it - it is dissappeared. The server survives a restart, but when the server crashes you must restore it with the help of Amazon support. So here is a risk.
- As the server is like a physical server it is possible to install monitoring agents on it. If you plan to save money by switching the server off for night-time you must take this into account when configuring the monitoring.

No comments: