Your SlideShare is downloading. ×
quicloud Apr 20 2010 Boulder New Tech Presentation
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

quicloud Apr 20 2010 Boulder New Tech Presentation

409
views

Published on

rICh morrow presents on quicloud -- good overview of the various cloud server providers and things to consider when moving apps into the cloud.

rICh morrow presents on quicloud -- good overview of the various cloud server providers and things to consider when moving apps into the cloud.


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
409
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. State of the Cloud (Server)
    Where things are now
    Where they’re headed
  • 2. “cloud server” or IaaS(Infrastructure as a Service)
    Barebones servers you can take up or down (or up/downgrade) in just a few minutes
    Charged by use (hour/server GB/storage)
    Becoming a great choice for high availability applications like Web apps & Web databases.
  • 3. Common use cases
    High availability, high volume production systems– CDNs, Web Sites
    Testing + Development – Quickly set up & tear down benchmarking, Staging environments, Test replicas.
    Backup -- Copy office desktops, production filesystems & databases…
    CPU heavy reporting & analysis -- Spin up serious power only when you need it
  • 4. Shortcomings
    Most initial servers are completely secure (no ports open no services running) and therefore, completely useless.
    Security and scalability (individual instance) is all up to you. The second you start doing anything useful (like starting a webserver, opening up SFTP), you become vulnerable.
    No “Cpanel” interfaces… yet. If you don’t know the OS (Win or Linux), you can’t do much.
    Not a wide variety of “one button” installs for popular packages (like Drupal, Wordpress, Joomla)…yet.
  • 5. Major IaaS cloud providers
    Amazon probably has the most mature, complete product family right now. Great for “Enterprise” apps that need built now.
    Rackspace probably has the best cost / performance ratio and lowest entry cost ($11/month). Great for small / medium businesses.
    GoGrid positions at the high end ($200 / month for entry), but has lots of useful advanced software and hardware to secure, balance & scale.
  • 6. Strengths + Weaknesses
    Elastic Cloud Computing (EC2)
    The most mature auto scale API, you define custom conditions (CPU, memory)
    Extensive (but sometimes conflicting) docs & developer resources
    Forget trying to talk to a real human
    Simple Storage Service (S3)
    Ridiculous cheap network storage ($.15 per GB for first 50 TB of storage).
    You can FTP, GET, POST and more to build a sort of "roll your own" storage and querying system.
    Downsides
    Difficult initial setup -- Private to public IP maps, no internal DNS server, heavy reliance on the API for interactions with your instances.
    Seem to have lower performance for the same hardware footprint (Google it).
    Entry solution is costly -- 8.5 cents/hr or $60/month
  • 7. Super easy to set up and maintain (about 4 clicks to set up most of the products)
    Probably the best performance for the money
    Lowest cost on low end (I host unlimited domains with shell access for $11/month)!
    Claim to be 2x as powerful as comparable EC2 hardware footprints.
    Use local disk storage (no network lags).
    100% network SLA + Real humans a phone call or chat away.
    Will be adding in advanced features
    Autoscale API (You *can* hack this together with tools like Nagios now).
    "one button apps" via StandingCloudrelationship
    Strengths + Weaknesses
  • 8. A nice mix of Amazon & RS Cloud features, focus on the high-end
    Auto scale API of Amazon
    Set up / maintenance ease of Rackspace
    100% Network SLA
    Already offer “One button” installs
    Costly (entry at $200/month), but good value if you need:
    Unlimited 24x7 “real human” support
    f5 load balancing
    Multiple IPs (up to 10)
    Single datacenter (San Francisco) makes them vulnerable to complete outage
    Strengths + Weaknesses
  • 9. Where do they all fail?
    Only accessible to Developers -- They just give you an oven. You still have to bring all the ingredients & make the muffins.
    Security, Scalability (of each instance), Maintenance -- You're just getting "from the disk" installs and you’re responsible for *everything* afterward. More than enough rope to hang yourself if you or your IT team are not on top of the security and maintenance.
    Generally focused on “Enterprise” – Slowly becoming more accessible to small and medium businesses.
    Costly at the high end --Crack dealer model (cheap when you start, pay once you’re addicted).
  • 10. Next 3-6 months will see
    At the providers
    "one button" installs for popular products will be the norm
    Mature, rich APIs will be ubiquitous
    Advanced security features like hardware & software firewalls (at a cost), "custom images”
    StandingCloud Release
    Simple cloud-provider agnostic "one button" installs for popular stacks/packages like Drupal, Wordpress, Joomla, Mantis, etc
    Release scheduled for Q2 (although you can "test drive" it now)
    Have established relationship with Rackspace. Major PROPS!!!
    QuiCloud Release
    Providing security and scalability products / services for clouds
    Provide expertise to help clients architect for the cloud
    Help clients maintain products on the cloud (Sys Admin functions)
  • 11. Conclusion
    Cloud providers are quickly merging in functionality – In 12-18 months, it’s all going to come down to price and performance.
    Rackspace offers the best value now (IMHO) – Super cheap to start, great performance, Amazon-level features coming down the pipe.
    Get a good Sysadmin or Cloud Expert to deal with the complexities. Clouds just make it too easy to get yourself into trouble. Clouds make initial architecture (esp security, scalability) so much more important.
    QuiCloudand StandingCloud start providing services in a few months. Stay in touch with these companies and make sure to follow their blogs -- they will save you tons of headaches and help you understand how to squeeze maximum value out of the cloud.
  • 12. Questions? Answers?
  • 13. Securing and Scaling IaaS
    Security – OSSIM, fail2ban, mod_security (Apache), suhosin (hardened PHP5), Snort IDS/IPS, TrueCrypt
    Scalability – Profiling (kcachegrind), Benchmarking (Jmeter, ‘ab’), caching (APC, memcached, Squid)
    Monitoring + CI Testing –Nagios, NTop, Selenium, PHPUnit / JUnit, Pingdom
    White hat hacking and penetration testing using tools like nmap, and automated testing of published vulnerabilities
    QuiCloud plans on offering all of the above services, as well as low cost (probably $200-$300), “common vulnerability” patching for LAMP stacks, Drupal, Joomla, Wordpress, etc.