SlideShare a Scribd company logo

Know your cirrus from your cumulus (with notes)

•
•
Andrew Phillips
Andrew Phillips

Slides (*with notes*) from the presentation first shown at http://jazoon.com/Conference/Tuesday-21-June/Andrew-Phillips

Technology
1 of 59
1
These clouds… 2
…all look… 3
different. 4
Does it matter? 5
Well, it does to me! Let me give you an example. We were flying towards what we thought… 6
…was a nice “puffy”, but when we hit it at 6000ft or so… 7
…it turned into something like this. 3000ft of solid cloud bank. 8
When we finally got below it, we were here. 9
For the record, we made it quite a long way back, and everyone was safe. 10
In general, whether the difference between clouds should matter to you is an open and very good question. 11
The Architects’ Answer applies: “it depends”. Opinions differ widely on this – as I was preparing this talk, we had some very interesting ideas about that. 12
But how did this whole thing come about in the first place? Well, I spend some of my night hours on jclouds, the Java multi-cloud library. 13
jclouds connects to a whole bunch of different cloud providers all the way from IaaS to SaaS, and we have users from every part of the cloud spectrum. From… 14
…people that build platforms… 15
…to people that build service offerings on top of platforms… 16
…to users of those service offerings. 17
So we get lots of feature requests, some pretty much ahead of the curve with respect to the rest of the cloud landscape. 18
And as we were getting some many requests for additional metadata beyond what the main jclouds Compute and BlobStore APIs provide, we – Adrian, mainly – embarked on an intensive round of information and opinion gathering to see how to best support our users. As expected, views differed quite widely, even amongst experts. From… 19
…”why should you care” to… 20
…”I need full access”. 21
So I should make it very clear now that I am not about to present the One Jclouds Truth about cloud metadata and how much you should have access to or need to have access to. Rather, this is a summary and analysis of what we discovered there, and what we’ve done with this information so far. This is not about you accepting some “gospel truth”… 22
…but about putting you in a position to a) know about some of the non-obvious issues out there b) have an idea about how these issues may or may not impact your applications and business c) know where to go to get the information you need In other words, at the end of this talk, you should be further along the road to being able to make an informed decision about how much you want/need to care about cloud details, and how to architect for that! 23
The points we’ll address today… 24
Unsurprisingly, given that the topics came from our users’ use cases, many are related to the “classic” cloud topics around performance, traceability, jurisdiction, security and recovery. 25
Let’s start with location. First of all, it’s important to distinguish between physical (i.e. geographical) and logical (i.e. network) location. 26
If you’re talking physical location, sometimes it’s the absolute location you’re talking about. 27
Say, within a certain number of hours drive from a certain point, or within a certain geographical area (think jurisdiction). 28
Sometimes, it’s only relative location that you’re interested in. 29
Such as – and yes, using the same slide to illustrate ;-) – not within 100 miles of each other (think blast radius and disaster recovery) or within 1h drive of each other (think engineer on an emergency callout). Challenges: - what kind of representation to choose? Lat/long not offered by enough providers, plus may vary over time, plus impossible to define for the SNIA concept of “set of regions” where there is no one point. - Some providers have a “location” model that doesn’t correspond to jurisdictional boundaries or “real-world” political entities, which is important for almost all “physical location” use cases. - Some kind of manual mapping required, but luckily the physical location of the actual datacenter(s) – if known – is pretty damn static info. - Good compromise: ISO-3166 30
Other times, you’re not really interested in the physical proximity at all, but in the network proximity, which is mainly interesting in terms of performance. Such as: connected by a network connection of at least a certain speed, or within the same “performance or SLA domain” (e.g. availability zone). Or ping times, bandwidth guarantees, speed to main internet peers etc. Or even relative logical location, i.e. “behind a firewall” or “in the same datacenter”. Challenges: - How to choose “representative” IPs when these might shift? - How to measure speed/performance of these IPs in a consistent way when some providers e.g. de-prioritize ICMP traffic 31
As we see, many location use cases boil down to jurisdiction, which has relationships also to audit, ownership, stewardship, data sovereignty. This is a hard problem – there are already some startups attempting to help you through this. 32
Many companies require audit, but there are as yet few standards or means to identify audit levels of providers, let alone verify them. Cloudaudit is trying to tackle this. Note that audit is not the same as security, although both are “cross-cutting concerns” in the sense that they affect all your choices of platform and service providers, but require different hooks. And, depending on the actual technology you’re talking about, these hooks may not even exist…but more about the problem of “layers” in a bit. 33
Ownership of data remains important, but it is not enough. Of course, in most cases your data is still yours, but suddenly you are dependent on… 34
…a steward to handle this data for you responsible. It’s no longer your house, and no longer your “house rules”, either. I.e. this steward may well have policies that… 35
…prevent him from doing so! And, depending on your offering, there may be multiple “nested” stewards involved – think CloudBees using EC2, all of whom have policies you may be violating. And, in fact, in many cases you may not even be aware of these nested stewards because your immediate provider may not expose that implementation detail, or may decide to switch. The WikiLeaks story is a good demonstration of this… 36
This can mess with you especially if you try to apply a “traditional” steward model such as UPS. Of course, they also have T&Cs that prevent you from shipping certain items, but those items remain yours and, more importantly, they remain. In the cloud, if your provider takes you down, your data may be gone. 37
In general, there are many questions around data sovereignty and relations to handling policy, especially how to enforce this policy programmatically? - can I control where my data goes? - can I set bounds on what is happening where? - clients with zero tolerance on data location (e.g. us-standard) Don’t be fooled – big companies are actively looking at this, even if they may not talk about it. 38
SLA and pricing information is naturally a key metadata concern, especially for platform providers that wish to implement automated chargebacks and/or make intelligent, automated choices about load balancing and system provisioning. Key challenges here: - defining a standard “compute unit” and pricing model for that unit - defining a service level descriptor that can be compared -define a comparable “rebate policy” Note that service levels in the cloud can be more tricky than at first might seem – being inaccessible (perhaps even just being inaccessible from a certain location) may not qualify as a violation of service level. See the EBS case. In other words, if you’re concerned about this it’s wise to take a chaos monkey approach and assume everything can become unavailable. 39
Power is still something of a differentiator at present (e.g. “green” vCloud provider), but may become a legal requirement in some areas, e.g. Cali. Note that providers appear unlikely to want to expose this kind of potentially sensitive data to external services. 40
So what did jclouds take away from these inputs? 41
Well, it’s a hard problem! There are plenty of complicating factors: - missing or incompatible hooks 42
- missing data 43
- data that is not automatically parsable 44
A fundamental issue across all these metadata domains relates to the more-and- more-frequently violated assumptions around the layering of cloud infrastructure (host OS, hypervisor, guest OS etc.). 45
We’ve tried to come up with nice architectural abstractions here, that layers represent some kind of infrastructure or software platform (hypervisor, guest OS etc.)… 46
…but in many cases this is a bit of a magic trick… 47
…and sometimes it goes wrong ;-) There are plenty of offerings out there that nest these (e.g. CohesiveFT and CloudSwitch with nested hypervisors) or virtualize/simulate others, meaning that hooks that expect to be able to access the “layer below” may not work – or worse, may transiently produce different results. 48
Conclusion: Small wrinkles (e.g. us-standard, us-west but no us-east) aside, location is both fairly well definable and appears in *many* use cases 49
So jclouds introduced the Location API 50
Others still too vague/too non-standard/too much “null” data/too much manual work/not enough use cases 51
We don’t want to reinvent any wheels here – if possible, one can look at delegating to others e.g. cloudaudit. 52
Of course, other organisations are looking at these metadata issues too – e.g. SNIA’s model of allowing the client to express constraints on the provider they want, rather than simply exposing the data and getting the client to choose (‘Data System Metadata’) Open question: not too complicated for storage providers to offer? The OSGi Cloud Working Group is also looking at these issues, and e.g. deltacloud also supports capability metadata, although from a client-query perspective 53
54
Basically, whether you need to care about a lot of this depends on the “zoom level” you want to choose. Of course, this decision may change over time – witness lots of people now thinking about having fallback options if EC2 goes down again… 55
…but hopefully you’re now at least in a position to think about these issues… 56
…in a useful and constructive way. 57
Thanks! 58
59

Recommended

Private Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing AdoptionPrivate Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing Adoption
Dana Gardner
 
Up in the Clouds: Cloud Computing and GIS
Up in the Clouds: Cloud Computing and GISUp in the Clouds: Cloud Computing and GIS
Up in the Clouds: Cloud Computing and GIS
Willbros Group, Inc.
 
VMworld Case Study: CharterCARE Health Partners Leverages Cloud and VDI to Ai...
VMworld Case Study: CharterCARE Health Partners Leverages Cloud and VDI to Ai...VMworld Case Study: CharterCARE Health Partners Leverages Cloud and VDI to Ai...
VMworld Case Study: CharterCARE Health Partners Leverages Cloud and VDI to Ai...
Dana Gardner
 
Cloud Adoption Secrets
Cloud Adoption SecretsCloud Adoption Secrets
Cloud Adoption Secrets
Justin Pirie
 
Cap in depth
Cap in depthCap in depth
Cap in depth
Ioanna Tsalouchidou
 
Euro Cloud 23 5 12 Interoute The Cloud Is Great But Vdc Is Better
Euro Cloud 23 5 12 Interoute The Cloud Is Great But Vdc Is BetterEuro Cloud 23 5 12 Interoute The Cloud Is Great But Vdc Is Better
Euro Cloud 23 5 12 Interoute The Cloud Is Great But Vdc Is Better
jon_graham1977
 
Prince Building Tech Talk 12102012
Prince Building Tech Talk 12102012Prince Building Tech Talk 12102012
Prince Building Tech Talk 12102012
Andy Parsons
 
ClassCloud: switch your PC Classroom into Cloud Testbed
ClassCloud: switch your PC Classroom into Cloud TestbedClassCloud: switch your PC Classroom into Cloud Testbed
ClassCloud: switch your PC Classroom into Cloud Testbed
Jazz Yao-Tsung Wang
 

Recommended

Private Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing AdoptionPrivate Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing Adoption
Dana Gardner
 
Up in the Clouds: Cloud Computing and GIS
Up in the Clouds: Cloud Computing and GISUp in the Clouds: Cloud Computing and GIS
Up in the Clouds: Cloud Computing and GIS
Willbros Group, Inc.
 
VMworld Case Study: CharterCARE Health Partners Leverages Cloud and VDI to Ai...
VMworld Case Study: CharterCARE Health Partners Leverages Cloud and VDI to Ai...VMworld Case Study: CharterCARE Health Partners Leverages Cloud and VDI to Ai...
VMworld Case Study: CharterCARE Health Partners Leverages Cloud and VDI to Ai...
Dana Gardner
 
Cloud Adoption Secrets
Cloud Adoption SecretsCloud Adoption Secrets
Cloud Adoption Secrets
Justin Pirie
 
Cap in depth
Cap in depthCap in depth
Cap in depth
Ioanna Tsalouchidou
 
Euro Cloud 23 5 12 Interoute The Cloud Is Great But Vdc Is Better
Euro Cloud 23 5 12 Interoute The Cloud Is Great But Vdc Is BetterEuro Cloud 23 5 12 Interoute The Cloud Is Great But Vdc Is Better
Euro Cloud 23 5 12 Interoute The Cloud Is Great But Vdc Is Better
jon_graham1977
 
Prince Building Tech Talk 12102012
Prince Building Tech Talk 12102012Prince Building Tech Talk 12102012
Prince Building Tech Talk 12102012
Andy Parsons
 
ClassCloud: switch your PC Classroom into Cloud Testbed
ClassCloud: switch your PC Classroom into Cloud TestbedClassCloud: switch your PC Classroom into Cloud Testbed
ClassCloud: switch your PC Classroom into Cloud Testbed
Jazz Yao-Tsung Wang
 
#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012
#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012
#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012
Connecting Up
 
Digital Trust In The Cloud
Digital Trust In The CloudDigital Trust In The Cloud
Digital Trust In The Cloud
CSC Trusted Cloud Services
 
Super secure clouds
Super secure cloudsSuper secure clouds
Super secure clouds
University of Hertfordshire
 
Double spending
Double spendingDouble spending
Double spending
sabativi
 
Sept 24 NISO Virtual Conference: Library Data in the Cloud
Sept 24 NISO Virtual Conference: Library Data in the CloudSept 24 NISO Virtual Conference: Library Data in the Cloud
Sept 24 NISO Virtual Conference: Library Data in the Cloud
National Information Standards Organization (NISO)
 
Open Clouds: The New Primitives in Enterprise IT & Mobile Networks
Open Clouds: The New Primitives in Enterprise IT & Mobile NetworksOpen Clouds: The New Primitives in Enterprise IT & Mobile Networks
Open Clouds: The New Primitives in Enterprise IT & Mobile Networks
Mark Voelker
 
Open Clouds: The New Primitives in Enterprise IT and Mobile Networks
Open Clouds: The New Primitives in Enterprise IT and Mobile NetworksOpen Clouds: The New Primitives in Enterprise IT and Mobile Networks
Open Clouds: The New Primitives in Enterprise IT and Mobile Networks
All Things Open
 
Storagemag onlinemay2012 final
Storagemag onlinemay2012 finalStoragemag onlinemay2012 final
Storagemag onlinemay2012 final
gdp4145
 
Comunicacion 1.0 A 2.0
Comunicacion 1.0 A 2.0Comunicacion 1.0 A 2.0
Comunicacion 1.0 A 2.0
vocalcultural
 
Comunicacion 2.0
Comunicacion 2.0Comunicacion 2.0
Comunicacion 2.0
Daniel GarcĂ­a
 
PLAN DE COMUNICACION 2.0
PLAN DE COMUNICACION 2.0PLAN DE COMUNICACION 2.0
PLAN DE COMUNICACION 2.0
Eduardo Garre Victoria ÂŽ
 
ComunicaciĂłn 1.0 y 2.0: AplicaciĂłn en el ĂĄmbito de la SST
ComunicaciĂłn 1.0 y 2.0: AplicaciĂłn en el ĂĄmbito de la SSTComunicaciĂłn 1.0 y 2.0: AplicaciĂłn en el ĂĄmbito de la SST
ComunicaciĂłn 1.0 y 2.0: AplicaciĂłn en el ĂĄmbito de la SST
Community Manager Full Audit
 
Herramientas de comunicaciĂłn 2.0
Herramientas de comunicaciĂłn 2.0Herramientas de comunicaciĂłn 2.0
Herramientas de comunicaciĂłn 2.0
manuelfloresv
 
De la web 1.0 al 2.0, evoluciĂłn de la comunicaciĂłn corporativa y reputaciĂłn o...
De la web 1.0 al 2.0, evoluciĂłn de la comunicaciĂłn corporativa y reputaciĂłn o...De la web 1.0 al 2.0, evoluciĂłn de la comunicaciĂłn corporativa y reputaciĂłn o...
De la web 1.0 al 2.0, evoluciĂłn de la comunicaciĂłn corporativa y reputaciĂłn o...
Malena Rivera
 
Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Livingstone Advisory
 
Cloud: Fuelling the crisis of confidence in corporate IT?
Cloud: Fuelling the crisis of confidence in corporate IT?Cloud: Fuelling the crisis of confidence in corporate IT?
Cloud: Fuelling the crisis of confidence in corporate IT?
Livingstone Advisory
 
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Livingstone Advisory
 
cloud-computing-security.ppt
cloud-computing-security.pptcloud-computing-security.ppt
cloud-computing-security.ppt
SaravanaKarthikeyan10
 
Cloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowResCloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowRes
David Chujor
 
Cloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowResCloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowRes
Darren Szukalski
 
Cloudsourcing2013
Cloudsourcing2013Cloudsourcing2013
Cloudsourcing2013
Cliff Ashcroft
 
The What, the Why and the How of Hybrid Cloud
The What, the Why and the How of Hybrid CloudThe What, the Why and the How of Hybrid Cloud
The What, the Why and the How of Hybrid Cloud
Hybrid Cloud
 

More Related Content

What's hot

#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012
#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012
#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012
Connecting Up
 
Super secure clouds
Super secure cloudsSuper secure clouds
Super secure clouds
University of Hertfordshire
 
Open Clouds: The New Primitives in Enterprise IT & Mobile Networks
Open Clouds: The New Primitives in Enterprise IT & Mobile NetworksOpen Clouds: The New Primitives in Enterprise IT & Mobile Networks
Open Clouds: The New Primitives in Enterprise IT & Mobile Networks
Mark Voelker
 
Storagemag onlinemay2012 final
Storagemag onlinemay2012 finalStoragemag onlinemay2012 final
Storagemag onlinemay2012 final
gdp4145
 

What's hot (8)

#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012
#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012
#CU12: Another cloud is possible - Allen Gunn at Connecting Up 2012
 
Digital Trust In The Cloud
Digital Trust In The CloudDigital Trust In The Cloud
Digital Trust In The Cloud
 
Super secure clouds
Super secure cloudsSuper secure clouds
Super secure clouds
 
Double spending
Double spendingDouble spending
Double spending
 
Sept 24 NISO Virtual Conference: Library Data in the Cloud
Sept 24 NISO Virtual Conference: Library Data in the CloudSept 24 NISO Virtual Conference: Library Data in the Cloud
Sept 24 NISO Virtual Conference: Library Data in the Cloud
 
Open Clouds: The New Primitives in Enterprise IT & Mobile Networks
Open Clouds: The New Primitives in Enterprise IT & Mobile NetworksOpen Clouds: The New Primitives in Enterprise IT & Mobile Networks
Open Clouds: The New Primitives in Enterprise IT & Mobile Networks
 
Open Clouds: The New Primitives in Enterprise IT and Mobile Networks
Open Clouds: The New Primitives in Enterprise IT and Mobile NetworksOpen Clouds: The New Primitives in Enterprise IT and Mobile Networks
Open Clouds: The New Primitives in Enterprise IT and Mobile Networks
 
Storagemag onlinemay2012 final
Storagemag onlinemay2012 finalStoragemag onlinemay2012 final
Storagemag onlinemay2012 final
 

Viewers also liked

Comunicacion 1.0 A 2.0
Comunicacion 1.0 A 2.0Comunicacion 1.0 A 2.0
Comunicacion 1.0 A 2.0
vocalcultural
 

Viewers also liked (6)

Comunicacion 1.0 A 2.0
Comunicacion 1.0 A 2.0Comunicacion 1.0 A 2.0
Comunicacion 1.0 A 2.0
 
Comunicacion 2.0
Comunicacion 2.0Comunicacion 2.0
Comunicacion 2.0
 
PLAN DE COMUNICACION 2.0
PLAN DE COMUNICACION 2.0PLAN DE COMUNICACION 2.0
PLAN DE COMUNICACION 2.0
 
ComunicaciĂłn 1.0 y 2.0: AplicaciĂłn en el ĂĄmbito de la SST
ComunicaciĂłn 1.0 y 2.0: AplicaciĂłn en el ĂĄmbito de la SSTComunicaciĂłn 1.0 y 2.0: AplicaciĂłn en el ĂĄmbito de la SST
ComunicaciĂłn 1.0 y 2.0: AplicaciĂłn en el ĂĄmbito de la SST
 
Herramientas de comunicaciĂłn 2.0
Herramientas de comunicaciĂłn 2.0Herramientas de comunicaciĂłn 2.0
Herramientas de comunicaciĂłn 2.0
 
De la web 1.0 al 2.0, evoluciĂłn de la comunicaciĂłn corporativa y reputaciĂłn o...
De la web 1.0 al 2.0, evoluciĂłn de la comunicaciĂłn corporativa y reputaciĂłn o...De la web 1.0 al 2.0, evoluciĂłn de la comunicaciĂłn corporativa y reputaciĂłn o...
De la web 1.0 al 2.0, evoluciĂłn de la comunicaciĂłn corporativa y reputaciĂłn o...
 

Similar to Know your cirrus from your cumulus (with notes)

Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Livingstone Advisory
 
Cloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowResCloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowRes
David Chujor
 
Cloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowResCloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowRes
Darren Szukalski
 
Cloudsourcing2013
Cloudsourcing2013Cloudsourcing2013
Cloudsourcing2013
Cliff Ashcroft
 
Cloudsecurity
CloudsecurityCloudsecurity
Cloudsecurity
drewz lin
 

Similar to Know your cirrus from your cumulus (with notes) (20)

Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?
 
Cloud: Fuelling the crisis of confidence in corporate IT?
Cloud: Fuelling the crisis of confidence in corporate IT?Cloud: Fuelling the crisis of confidence in corporate IT?
Cloud: Fuelling the crisis of confidence in corporate IT?
 
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
 
cloud-computing-security.ppt
cloud-computing-security.pptcloud-computing-security.ppt
cloud-computing-security.ppt
 
Cloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowResCloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowRes
 
Cloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowResCloud_Network_Whitepaper_1123_LowRes
Cloud_Network_Whitepaper_1123_LowRes
 
Cloudsourcing2013
Cloudsourcing2013Cloudsourcing2013
Cloudsourcing2013
 
The What, the Why and the How of Hybrid Cloud
The What, the Why and the How of Hybrid CloudThe What, the Why and the How of Hybrid Cloud
The What, the Why and the How of Hybrid Cloud
 
Cloudsecurity
CloudsecurityCloudsecurity
Cloudsecurity
 
Cloud Computing: The Hard Problems Never Go Away
Cloud Computing: The Hard Problems Never Go AwayCloud Computing: The Hard Problems Never Go Away
Cloud Computing: The Hard Problems Never Go Away
 
Understanding the Cloud
Understanding the CloudUnderstanding the Cloud
Understanding the Cloud
 
Trends from the Trenches (Singapore Edition)
Trends from the Trenches (Singapore Edition)Trends from the Trenches (Singapore Edition)
Trends from the Trenches (Singapore Edition)
 
Handout1o
Handout1oHandout1o
Handout1o
 
Situation Normal - UKUUG Mar'10
Situation Normal - UKUUG Mar'10Situation Normal - UKUUG Mar'10
Situation Normal - UKUUG Mar'10
 
Situation Normal - Presentation at NottTuesday
Situation Normal - Presentation at NottTuesdaySituation Normal - Presentation at NottTuesday
Situation Normal - Presentation at NottTuesday
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud security
 
Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17
 
Discovering cloudnine
Discovering cloudnineDiscovering cloudnine
Discovering cloudnine
 
IT Performance Management Handbook for CIOs
IT Performance Management Handbook for CIOsIT Performance Management Handbook for CIOs
IT Performance Management Handbook for CIOs
 
5 BENEFITS OF HYBRID CLOUD
5 BENEFITS OF HYBRID CLOUD5 BENEFITS OF HYBRID CLOUD
5 BENEFITS OF HYBRID CLOUD
 

More from Andrew Phillips

More from Andrew Phillips (14)

Spinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery
Spinnaker Summit 2019: Where are we heading? The Future of Continuous DeliverySpinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery
Spinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery
 
Docker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
Docker New York City: From GitOps to a scalable CI/CD Pattern for KubernetesDocker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
Docker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
 
Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubern...
Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubern...Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubern...
Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubern...
 
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with SpinnakerSpinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
 
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...
 
New York Kubernetes: CI/CD Patterns for Kubernetes
New York Kubernetes: CI/CD Patterns for KubernetesNew York Kubernetes: CI/CD Patterns for Kubernetes
New York Kubernetes: CI/CD Patterns for Kubernetes
 
nycdevops: "Breaking Down the Prod/Dev Wall"
nycdevops: "Breaking Down the Prod/Dev Wall"nycdevops: "Breaking Down the Prod/Dev Wall"
nycdevops: "Breaking Down the Prod/Dev Wall"
 
Metrics-driven Continuous Delivery
Metrics-driven Continuous DeliveryMetrics-driven Continuous Delivery
Metrics-driven Continuous Delivery
 
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...
 
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...
 
The Multiple Dimensions of Cross-Cloud Computing
The Multiple Dimensions of Cross-Cloud ComputingThe Multiple Dimensions of Cross-Cloud Computing
The Multiple Dimensions of Cross-Cloud Computing
 
Implementing Continuous Deployment
Implementing Continuous DeploymentImplementing Continuous Deployment
Implementing Continuous Deployment
 
Know your cirrus from your cumulus
Know your cirrus from your cumulusKnow your cirrus from your cumulus
Know your cirrus from your cumulus
 
Deployment is the new build
Deployment is the new buildDeployment is the new build
Deployment is the new build
 

Recently uploaded

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Recently uploaded (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 

Know your cirrus from your cumulus (with notes)

  • 1. 1
  • 6. Well, it does to me! Let me give you an example. We were flying towards what we thought… 6
  • 7. …was a nice “puffy”, but when we hit it at 6000ft or so… 7
  • 8. …it turned into something like this. 3000ft of solid cloud bank. 8
  • 9. When we finally got below it, we were here. 9
  • 10. For the record, we made it quite a long way back, and everyone was safe. 10
  • 11. In general, whether the difference between clouds should matter to you is an open and very good question. 11
  • 12. The Architects’ Answer applies: “it depends”. Opinions differ widely on this – as I was preparing this talk, we had some very interesting ideas about that. 12
  • 13. But how did this whole thing come about in the first place? Well, I spend some of my night hours on jclouds, the Java multi-cloud library. 13
  • 14. jclouds connects to a whole bunch of different cloud providers all the way from IaaS to SaaS, and we have users from every part of the cloud spectrum. From… 14
  • 15. …people that build platforms… 15
  • 16. …to people that build service offerings on top of platforms… 16
  • 17. …to users of those service offerings. 17
  • 18. So we get lots of feature requests, some pretty much ahead of the curve with respect to the rest of the cloud landscape. 18
  • 19. And as we were getting some many requests for additional metadata beyond what the main jclouds Compute and BlobStore APIs provide, we – Adrian, mainly – embarked on an intensive round of information and opinion gathering to see how to best support our users. As expected, views differed quite widely, even amongst experts. From… 19
  • 20. …”why should you care” to… 20
  • 21. …”I need full access”. 21
  • 22. So I should make it very clear now that I am not about to present the One Jclouds Truth about cloud metadata and how much you should have access to or need to have access to. Rather, this is a summary and analysis of what we discovered there, and what we’ve done with this information so far. This is not about you accepting some “gospel truth”… 22
  • 23. …but about putting you in a position to a) know about some of the non-obvious issues out there b) have an idea about how these issues may or may not impact your applications and business c) know where to go to get the information you need In other words, at the end of this talk, you should be further along the road to being able to make an informed decision about how much you want/need to care about cloud details, and how to architect for that! 23
  • 24. The points we’ll address today… 24
  • 25. Unsurprisingly, given that the topics came from our users’ use cases, many are related to the “classic” cloud topics around performance, traceability, jurisdiction, security and recovery. 25
  • 26. Let’s start with location. First of all, it’s important to distinguish between physical (i.e. geographical) and logical (i.e. network) location. 26
  • 27. If you’re talking physical location, sometimes it’s the absolute location you’re talking about. 27
  • 28. Say, within a certain number of hours drive from a certain point, or within a certain geographical area (think jurisdiction). 28
  • 29. Sometimes, it’s only relative location that you’re interested in. 29
  • 30. Such as – and yes, using the same slide to illustrate ;-) – not within 100 miles of each other (think blast radius and disaster recovery) or within 1h drive of each other (think engineer on an emergency callout). Challenges: - what kind of representation to choose? Lat/long not offered by enough providers, plus may vary over time, plus impossible to define for the SNIA concept of “set of regions” where there is no one point. - Some providers have a “location” model that doesn’t correspond to jurisdictional boundaries or “real-world” political entities, which is important for almost all “physical location” use cases. - Some kind of manual mapping required, but luckily the physical location of the actual datacenter(s) – if known – is pretty damn static info. - Good compromise: ISO-3166 30
  • 31. Other times, you’re not really interested in the physical proximity at all, but in the network proximity, which is mainly interesting in terms of performance. Such as: connected by a network connection of at least a certain speed, or within the same “performance or SLA domain” (e.g. availability zone). Or ping times, bandwidth guarantees, speed to main internet peers etc. Or even relative logical location, i.e. “behind a firewall” or “in the same datacenter”. Challenges: - How to choose “representative” IPs when these might shift? - How to measure speed/performance of these IPs in a consistent way when some providers e.g. de-prioritize ICMP traffic 31
  • 32. As we see, many location use cases boil down to jurisdiction, which has relationships also to audit, ownership, stewardship, data sovereignty. This is a hard problem – there are already some startups attempting to help you through this. 32
  • 33. Many companies require audit, but there are as yet few standards or means to identify audit levels of providers, let alone verify them. Cloudaudit is trying to tackle this. Note that audit is not the same as security, although both are “cross-cutting concerns” in the sense that they affect all your choices of platform and service providers, but require different hooks. And, depending on the actual technology you’re talking about, these hooks may not even exist…but more about the problem of “layers” in a bit. 33
  • 34. Ownership of data remains important, but it is not enough. Of course, in most cases your data is still yours, but suddenly you are dependent on… 34
  • 35. …a steward to handle this data for you responsible. It’s no longer your house, and no longer your “house rules”, either. I.e. this steward may well have policies that… 35
  • 36. …prevent him from doing so! And, depending on your offering, there may be multiple “nested” stewards involved – think CloudBees using EC2, all of whom have policies you may be violating. And, in fact, in many cases you may not even be aware of these nested stewards because your immediate provider may not expose that implementation detail, or may decide to switch. The WikiLeaks story is a good demonstration of this… 36
  • 37. This can mess with you especially if you try to apply a “traditional” steward model such as UPS. Of course, they also have T&Cs that prevent you from shipping certain items, but those items remain yours and, more importantly, they remain. In the cloud, if your provider takes you down, your data may be gone. 37
  • 38. In general, there are many questions around data sovereignty and relations to handling policy, especially how to enforce this policy programmatically? - can I control where my data goes? - can I set bounds on what is happening where? - clients with zero tolerance on data location (e.g. us-standard) Don’t be fooled – big companies are actively looking at this, even if they may not talk about it. 38
  • 39. SLA and pricing information is naturally a key metadata concern, especially for platform providers that wish to implement automated chargebacks and/or make intelligent, automated choices about load balancing and system provisioning. Key challenges here: - defining a standard “compute unit” and pricing model for that unit - defining a service level descriptor that can be compared -define a comparable “rebate policy” Note that service levels in the cloud can be more tricky than at first might seem – being inaccessible (perhaps even just being inaccessible from a certain location) may not qualify as a violation of service level. See the EBS case. In other words, if you’re concerned about this it’s wise to take a chaos monkey approach and assume everything can become unavailable. 39
  • 40. Power is still something of a differentiator at present (e.g. “green” vCloud provider), but may become a legal requirement in some areas, e.g. Cali. Note that providers appear unlikely to want to expose this kind of potentially sensitive data to external services. 40
  • 41. So what did jclouds take away from these inputs? 41
  • 42. Well, it’s a hard problem! There are plenty of complicating factors: - missing or incompatible hooks 42
  • 44. - data that is not automatically parsable 44
  • 45. A fundamental issue across all these metadata domains relates to the more-and- more-frequently violated assumptions around the layering of cloud infrastructure (host OS, hypervisor, guest OS etc.). 45
  • 46. We’ve tried to come up with nice architectural abstractions here, that layers represent some kind of infrastructure or software platform (hypervisor, guest OS etc.)… 46
  • 47. …but in many cases this is a bit of a magic trick… 47
  • 48. …and sometimes it goes wrong ;-) There are plenty of offerings out there that nest these (e.g. CohesiveFT and CloudSwitch with nested hypervisors) or virtualize/simulate others, meaning that hooks that expect to be able to access the “layer below” may not work – or worse, may transiently produce different results. 48
  • 49. Conclusion: Small wrinkles (e.g. us-standard, us-west but no us-east) aside, location is both fairly well definable and appears in *many* use cases 49
  • 50. So jclouds introduced the Location API 50
  • 51. Others still too vague/too non-standard/too much “null” data/too much manual work/not enough use cases 51
  • 52. We don’t want to reinvent any wheels here – if possible, one can look at delegating to others e.g. cloudaudit. 52
  • 53. Of course, other organisations are looking at these metadata issues too – e.g. SNIA’s model of allowing the client to express constraints on the provider they want, rather than simply exposing the data and getting the client to choose (‘Data System Metadata’) Open question: not too complicated for storage providers to offer? The OSGi Cloud Working Group is also looking at these issues, and e.g. deltacloud also supports capability metadata, although from a client-query perspective 53
  • 54. 54
  • 55. Basically, whether you need to care about a lot of this depends on the “zoom level” you want to choose. Of course, this decision may change over time – witness lots of people now thinking about having fallback options if EC2 goes down again… 55
  • 56. …but hopefully you’re now at least in a position to think about these issues… 56
  • 57. …in a useful and constructive way. 57
  • 58. Thanks! 58
  • 59. 59