- 9th June 2017
- Posted by: Stephen Downie
- Category: Cloud, Deployment, On-Premise
“Most progressive enterprises are knowledgeable about all of the different cloud service models (IaaS, PaaS, and SaaS), have researched the major vendors, have started executing on their cloud strategy.” —Mike Kavis, Forbes
Deploying services in the 21st Century can be a confusing experience. Namely, where do you deploy? A decade ago, you’d either have your servers in a hot room in your office, or you’d have them in a pricey data center somewhere elsewhere, providing you with access to your databases, Active Directory servers, email, document management and so on. These days though in the age of the cloud the questions can be far more simple, or far more complex.
You can now choose from a slew of options, in the more traditional sense, do you run Windows or Linux? Do you run services in your own data center or in the cloud? Do you manage your own services or do you run your services on a Software As A Service platform? Or do you do a combination of all of them?
Luckily there is no right or wrong answer but in this post we’ll try and help you decipher the important factors that will aid you in making that decision.
Often the number one driving factor of whether to switch to cloud services is cost. There are a number of factors to take into consideration here, in the self hosted environments we have some factors to consider:
The most obvious self hosted cost is hardware, there are still a couple of options here, either buy your own servers and rack space or lease physical servers from a data center supplier on a yearly or monthly basis. Depending on what you want to achieve your costs here will vary and co-locating services will often help you drive down costs. Similarly there are software costs, from the operating system upwards. Do you pay for commercial support? If you’re in a Windows environment you have no choice, for Linux based businesses you have more flexibility there. Certainly paying for operating system level support has a number of advantages both in helping fund further OS development but also in terms of getting priority patches, service support, hardware support and more. The difference here, between Cloud and self hosted is that software costs are usually bundled with the cloud fees, so you don’t necessarily have the initial outlay and instead pay for however much you use.
There is also a human consideration here, in that in the cloud world you don’t pay for engineers time, you don’t even always have to pay for a Systems Administrator and can have it all done for you. If you take into consideration that a good Systems Administrator is going to cost around £40000 and £25,000 for more junior administrators, that cost obviously has to be factored in as well.
Lastly, in the cost bracket is consumables. Electricity, cooling and bandwidth all cost money and depending on the scale of the operation this can increase very quickly, so can the cost of the data center space rented, or the room in your building where the servers are located.
Security is usually pretty high on the list of important stuff when people choose how and where to deploy their services, in fact according to KPMG- 30% of global senior executives said they have concerns related to the loss of data and privacy, while 26% are concerned with general security risks. Amazon for example provide a very flexible and easy to manage firewall service, but a number of the smaller cloud providers do not. Of course, it also takes someone who knows what they are doing to set it up, otherwise you could just expose all your ports to the Internet, but similarly depending on budget, dedicated firewalls for physical hardware can also be very expensive.
At the same time, running your services away from the cloud can offer some help in that it won’t necessarily be the target of blanket DDOS attacks we see aimed at cloud services from time to time. The flip side of course is that many cloud services now have DDOS mitigation techniques in place that would hopefully help prevent attacks on your servers should they be targeted. As an aside, the CIA has a $600 million contract with AWS, and you would imagine that security is high on their priority list. Be honest about your own IT team’s expertise and capacity, by delegating responsibility for cyber-attack response to full-time specialists at a cloud vendor, organizations can spare themselves a major source of cost and distraction.
Make sure your cloud applications are compatible with the cloud infrastructure your vendor supports in terms of login credentials, authentication, and data encryption. Gaps can undermine the integrity and security of your applications. The more frequently your application vendor and cloud vendor have worked together, the less likely it is that there will be gaps.
“Using cloud services means that your data is better protected than if most of us tried to manage it on our own…Large-scale services are all much better than we are at avoiding data loss from gear failure, keeping software up to date, upgrading hardware, and constantly improving security.” —Frank Gillett, Forrester Research
STABILITY AND REDUNDANCY
One of the key factors of cloud use, on top of their simplicity to commission is their general stability and very much their redundancy. Cloud servers on the mainstream providers are pretty bullet proof, of course they have underlying hardware but modern monitoring makes it quick to migrate the servers across nodes should they fail, and the best bit is you don’t have to do anything.
Also we know from our own experience, Amazon often know way ahead of time that a server is on its last legs and will send you an email suggesting you move your cloud server before it falls over completely, which isn’t bad. In a data center if your server fails, you are often on your own, you need new parts, remote hands, and money to fix broken servers and unless you have redundancy built in (which obviously costs more money), there is the potential for critical service downtime, which isn’t good for the business bottom line. In an IDC study discussing AWS they said “End users benefited from fewer service disruptions and quicker recovery, reducing downtime by 72% and saving nearly $32,600 per application per year.” Pretty impressive.
Another often forgotten about, but important issue is data locality. Of course some businesses don’t worry about it, but others have regulatory requirements around their data location and in some cases its not allowed to leave the country. The other important thing to consider about data locality is speed. If you have a lot of data locally that needs to regularly hit servers to process it, where do those servers live? If you’re in the UK and your cloud servers are in the US the transfer speed will be slow, sometimes this doesn’t matter, other times it does and so is worth bearing in mind.
SAAS VENDOR LOCK IN
So you want to go serverless? Not a problem, but be wary of vendor lock in. When you push your data to them, can you get it back? Also if you push data to SAAS vendors, how do they deal with scale if you end up providing high volume data or have lots of people using the service at the same time?
IF I GO CLOUD, WHICH CLOUD TO USE?
If you go cloud of course you get freedom from hardware constraints you can scale to more nodes, shrink to less nodes, make the nodes bigger and make the nodes smaller. So you’re going to go cloud, which do you use? Very good question.
There are the main players:
They all offer a comparable service with some minor differences, Google’s pricing for example is much easier to understand and calculate when compared to Amazon and Microsoft. Also if you’re planning to use Docker, they all offer extra container services which allow you to deploy docker containers into their cloud.
For storage, all offer block storage, but there is also the high volume distributed storage pattern to consider, S3, Data Lake, Cloud Storage and Rackspace Cloud Files. All have their own API so often one of the deciding factors is who and what is going to interact with it. Of course S3 has the most support but there are excellent API’s like JClouds to provide cloud agnostic support for most of these services.
Of course there are also a number of other cloud providers that have their own pros and cons and which you choose will largely depend on your own requirements and budget. But also consider API, automation and whether you need to go with a server or in actual fact could go serverless and depend on a cloud provider to orchestrate the underlying hardware.
As you can see there are a number of questions you need to be able to answer before taking the plunge with any of these, cost is certainly a driving factor in both small scale and large scale deployments, as is in house expertise, which of course relates to both cost and security, to manage these services if you want to be able to host your own services.
At Spicule we have helped many clients over the years make that decision, if you would like to find out more, please get in contact and we’ll be happy to discuss your requirements with you.