Yesterday was the first day of RightScale Compute 2013, our annual conference in San Francisco. (You can also read about Day Two.) The day kicked off with a keynote address by James Staten, vice president and principal analyst at Forrester, and a State of the Cloud report by RightScale CEO Michael Crandell (watch the video). Richard Kaufmann, vice president of Samsung SDS America, followed with a talk on how his organization uses RightScale to manage global cloud applications. The middle of the day was devoted to breakout sessions in four topic areas: Configuration Management, Cloud Architectures, Develop Your Cloud Strategy, and Tour de Clouds. The day closed with two panels on the future of the cloud — the first on applications in the cloud, the second on IT organizations.
In his keynote, Staten spoke to an audience of cloud developers, CIOs, and IT architects. He said Forrester research indicates that 30 percent of developers are cloud developers, while the other 70 percent see cloud as not mature and don’t use it yet. Staten called the cloud developers leaders, innovators, and risk-takers. He said that unlike the 70 percent of non-cloud developers, cloud developers tend to love their jobs more. They have far better relationships with business. They create entirely new types of apps. And they look for learning opportunities in the cloud constantly. He called for the 30 percent to become cloud evangelists, teachers, team players, and advocates.
ServerTemplate Best Practices
RightScale Senior Director of Engineering Tim Miller and Senior Software Engineer Cary Penniman shared some best practices for building RightScale ServerTemplates™ (watch the video), starting with using an efficient developer workflow. Go from a local box straight to an instance and bypass source control by using RightScale for development purposes with the “download_once” tag. This lets you, for instance, troubleshoot a stranded server and fix a Chef cookbook dynamically. Minimize your relaunching as much as possible - make sure every script runs by hand on your servers.
Another good practice: Don’t run servers on HEAD, the editable version of a RightScale asset. Use a committed revision instead to ensure your server will launch consistently. RightScale takes a snapshot of the repository every day in our back end, and you can freeze repositories by date to make sure that your servers launch with the assets you want. Nothing changes, so the server will boot consistently and reliably. A couple of other pointers:
- Commit, freeze, and minimize external dependencies.
- Minimize changes - use cloning.
PCI: Building Compliant Apps in the Cloud
Phil Cox, director of security and compliance for RightScale, talked about building PCI-compliant applications in the cloud (watch the video). “PCI compliance in the cloud IS achievable,” he said. However, “There are a lot of charlatans out there. Be wise with your spending.”
Cox said most providers and all cloud-based operating systems can be PCI-compliant. The same cannot be said for all applications. He also noted that “if you don’t have the right qualified security assessor (QSA) you are screwed.”
“Hardening your system is not an ancient Chinese secret,” Cox said. “There are well-documented steps. And a nice aspect of cloud is that since automation is part of the cloud’s DNA, automation of design change reviews can be built in.” Among his advice:
- Do not store the Primary Account Number if you do not need it.
- In fact do not store anything you don’t need.
- Restrict access and users — that’s really no different than what you’d do in a hosted environment.
- “Logging and tracking will bite you — basically no one is doing this right. There is a lack of transparency into some of the devices you don’t have access to, such as hypervisor logs. We use RightScale to configure systems to send app logs to a central log server. You have to configure the system to create and send a log, because otherwise it won’t be there when you need it. Then you have to look at the log, because if you don’t look at the log, then it does you no good.”
- There’s no replacement for human testing for compliance.
- Have an incident response plan and make sure it works.
Mastering Puppet Configuration Management in the Cloud
RightScale Product Manager Ryan O’Leary led a session on Mastering Puppet Configuration Management in the Cloud (watch the video). O’Leary said that if you have your Puppet servers handle configuration management for you, you don’t need to use RightScale for configuration management, but you can use RightScale inputs to configure your Puppet environment. Alternatively, all you have to do is add a single script to our Base ServerTemplate to “Puppetize” your instance, and RightScale’s reporting and cost planning can be a huge help in enabling chargeback within your organization.
Looking ahead, expect officially supported ServerTemplates from RightScale Engineering in the near future. You’ll be able to store external facts about servers using tags. And we’ll have a Puppet Master Connector for deeper integration for Puppet environment configuration.
Key Design Considerations for Private and Hybrid Clouds
RightScale Product Manager Utpal Thakrar talked about Design Considerations for Private and Hybrid Clouds (watch the video). He started by noting that virtualization is not cloud computing, though it enables cloud computing. From that base, “always build with the end in mind. Always keep the application in mind,” he said.
A hybrid cloud is one that spans more than one private or public cloud. When would you need a hybrid cloud? One common case is when an application outgrows a private cloud. Many companies also want to “cloudburst,” or add public cloud resources when the demand on a private cloud gets too great. Another possible reason for turning to a hybrid cloud is to satisfy regulatory or compliance issues for parts of the application. Most organizations find they use multiple clouds in different parts of the same organization for different applications, with each app in one cloud.
One typical use case is to put a high-availability production environment in one cloud, and keep a disaster recovery environment in a second cloud. We call this a “warm disaster recovery” scenario. HA/DR can be very expensive.
For a healthy hybrid cloud, you need to eliminate single points of failure as best you can. Every architecture has them - for instance, in OpenStack deployments, you have OpenStack API services, MySQL, and RabbitMQ - but all can be made more fault-tolerant. Build in agility, Thakrar said. Separate the management layer from infrastructure. “Keep the keys to the car outside the car.”
Three Stages of Cloud Adoption
Forrester analyst James Staten led a session on cloud adoption. He related the story of one cloud customer whose average spend was $500 a month. One month the bill shot up to $50,000. That kind of scenario will prompt changes in public cloud consumption. On the other hand, “you will pay more if you avoid ‘pay-per-use’ in cloud.” There will be no rebate, and you have to guess about what you will spend and maybe have to roll over your expenses to the following year.
“Scaling down is the key to unlocking cloud economics in your favor,” he said. For example, “big executables equal big expense.” Break apps up into smaller pieces, he advised, so you can scale components more effectively - and not have to scale everything. Then keep scaling up until you get the scary bill, at which time you’ll get to scale down. After that point cloud becomes a profit center.
The model-view-controller (MVC) architecture doesn’t work in the cloud, Staten said. Instead, use a pipes and filters model to take advantage of an agile architecture that allows changes in applications with components that scale out for cloud economics. Evernote, he said, does this well, as does Instagram; LinkedIn learned the hard way.
Staten said time, componentization, service choice (meaning not provider, but cloud services), caching, and code optimization are the tools of cloud economics. Traditional apps struggle on clouds because they are architected with the assumption of stable, reliable hardware, sole ownership of resources, uninterrupted network access, and other static interrelationships. By contrast, cloud is a commodity, with shared resources and networking and no performance guarantees. Cloud can run anywhere, and services are shared with other elements.
To profit from cloud, align your use of cloud to your business needs. How will your cloud service generate revenue? What does the transaction flow cost? Analyze your performance profile. Can you improve your scalability model or action timing? And bake the lessons you learn into your developing cloud architecture.
Windows Azure Automation and Dev/Test for the Enterprise
RightScale’s Patrick McClory and Microsoft’s Mark Brown talked about using Windows Azure automation and RightScale to enhance agile IT (watch the video). If you’re going to automate things, they said, you need visibility into what you have and what is running, so you can drive efficiencies.
Windows Azure just went into general availability for IaaS on April 6. On the compute side, it can handle virtual machines running multiple server options including Windows Server 2008 and 2012 and three flavors of Linux. It also runs additional workloads, including SQL Server and BizTalk. On the networking side, it handles software-defined networking, and you can combine it with Direct Connect to make it look as if cloud resources are running inside your firewalls.
The presenters demoed the Azure dashboard, using it to launch a virtual machine from VM Depot, Microsoft’s online catalog of more than 200 prebuilt images. Users can take any VM created with VMware, run it through a converter, and move it to Microsoft’s Virtual Hard Disk (VHD) format. VMs can be triply replicated to three data centers.
Although Microsoft has taken a static VM approach, McClory pointed out that you can use RightScale ServerTemplates™ with Windows Azure. We have IaaS, SQL Server, and Active Directory ServerTemplates™, among others. The RightScale Dashboard adds another layer of security and offers OAuth authentication.
McClory then demonstrated the use of RightScale with Windows Azure. He showed that for development and testing, you can create an entire deployment, then push one button to clone it and get a whole new dev/test environment with standard configurations. You can also build a promotion strategy to cover the whole software development lifecycle, from dev to test to staging to production.
With RightScale and Azure you can push the whole dev/test process into the hands of developers.
Building RightScale’s Globally Distributed Datastore
In this session (watch the video), Josep Blanquer, our chief architect, shared three factors that determine when we use MySQL and when we use Cassandra in our internal architecture:
- When we need transactionality, we take advantage of MySQL’s strong ACID properties.
- When we need availability, we use Cassandra’s distributed, masterless, highly replicated architecture.
- When queryability is the key factor, we use MySQL for its flexibility at adding indexes and changing data models.
We consider our architecture from two different views: What the users see vs. what the clouds see, and what is global vs. what is account-specific.
For data that is close to users and global we use MySQL, which handles smaller amounts of transactional data. To manage availability we use a custom read-only replication scheme.
Some data is close to users and account-specific (sharded). We use MySQL for our Dashboard functions, but for tags and other systems we use Cassandra for its simpler key-value access, greater scalability, and high write availability. For our data archive, which has a low read rate, we use S3, which is globally accessible. With this architecture, we can guarantee that what is put in a particular shard stays there; moving shards is an intentional and manual process.
For data that is close to instances and account-specific, we use a combination of MySQL, Cassandra, and flat files. We keep our services colocated with our resources. “We don’t need instances in every single cloud,” Blanquer said, “but geographically close is the key.”
Next-Generation Cloud Computing with Google
Google’s Evan Anderson told attendees about Google’s cloud platform. He noted that strong isolation of virtual machines was a value proposition for Google Compute Engine (GCE). Google’s frictionless OAuth 2.0 authentication with service accounts is still in beta, but customers are actively using it. Anderson also talked about some upcoming new features, but he went too fast for us to write them down, so watch the video!
Next he moved into a demo, launching 200 instances, with the first one up and running in 27 seconds, and all of them operational in just over a minute and a half. That led into information about the performance records Google has broken, with a slide that referenced a GigaOM article that talked about how fast GCE is compared to AWS. Before he finished, Anderson noted that managing multi-region deployments, which Google believes is a key to scaling, is an area where RightScale shines.
How to Build Your Own IT Vending Machine
RightScale Cloud Solutions Engineer Ryan Geyer talked about how to build a self-service interface on top of RightScale (watch the video). Doing so relies on the simple and powerful RightScale API, which comes with good documentation. We use API 1.5 internally to enable our ops team to perform rolling upgrades on our app servers. They can select all servers by app tag, then for each server they get new code, wait for the code download to complete, and restart the server.
Geyer ran a live demo in which he created and deleted a deployment using our public Ruby library (right_api_client), which handles authentication and has simple access to mediatype actions and references, running in the interactive Ruby shell (IRB). The demo ran on AWS EC2, and included an admin interface to enable authorized users and terminate and clean up environments that shouldn’t be running. In the demo Geyer introduced some alpha software that may ultimately get open sourced, in the form of a graphical interface to create a deployment Visio-style. He also debuted an in-progress open sourced PHP API 1.5 client.
Integrating RightScale, Windows, and .NET for Fun and Profit
Koupon Media, in the persons of Patrick Moore and Gordon Bailey, showed attendees how to use .NET with RightScale (watch the video). They demonstrated how they use 2012 Team Foundation Server (TFS) for version control. All the resources to replicate the demo are located on the RightScale Support page on MSDeploy.
To get to this point, Koupon Media first found itself with a platform that took too long and was too expensive to scale. “We had a success disaster, and we had to re-engineer the airplane while we were flying.” That led to Koupon embracing the cloud, mobility, and social in order to do more with less. Today their operations are easier, more efficient, and faster, they said.
They also had some kind words for RightScale: “Working with Professional Services was like having an extra set of engineers on staff enforcing best practices. We were not just another face in the crowd. They helped us [use] what we need, not what we thought we needed.”
The best part according to Koupon Media: “I promised our CEO a three-month ROI. It looks like we will get it in six weeks.”
The Data Center as the On-Ramp to Cloud Enablement
RightScale is a key tool in the collision of the data center and the cloud, said Jarrett Appleby, COO of CoreSite, a company that builds and manages data centers across the U.S. (watch the video).
Appleby said data centers are at the center of everything. They facilitate the creation of 2.2 terabytes of data every day. IP traffic is constantly growing, and expected to triple by 2018. Sooner than that, by 2016, Appleby expects three to five data center workloads to be running in cloud. Thus the WAN has to be at the center of your data center, and software-defined networks will drive it.
In choosing a data center, network performance matters. You need to be able to offer sub-millisecond workloads. Systems integrators can be your best friends in helping you get the resources you need.
I don’t have writeups on them, but you can watch video of the sessions for The Business Case for Cloud Management, Unlock Your Cloud, Chef Configuration Management with RightScale, Managing Your Cloud Spend with PlanForCloud, and Tips for a Successful Cloud Proof-of-Concept.
Panel Discussion: The Future of Applications in the Cloud
After the midday sessions (and a refreshment break) we closed the day with two panel discussions. Forrester’s James Staten, acting as moderator, started things off by asking, “What kind of workloads are you bringing to cloud that you are struggling with, or maybe you think you can’t even use cloud?” Panelists included Steven Martin, general manager for Windows Azure; Brian Goldfarb, head of Cloud Platform Marketing at Google; Roger Levy, vice president and general manager at HP; and Duke Skarda, CTO of SoftLayer.
Levy answered by citing HP customer DreamWorks, which generates an incredible volume of data in rendering. “We provide an object store in the cloud for them so that they get best possible economic outcome.”
Skarda noted that synchronizing data across public clouds is very inefficient. “We are always working on improving that,” he said. Goldfarb noted that Google laid its own trans-Atlantic cables to make sure data transfer is instantaneous.
Interoperability is another issue affecting the future of applications in the cloud. “From Google’s perspective,” Goldfarb said, “we want to be part of a multi-cloud environment, whether that’s private plus Google or private plus HP Cloud, for example.” HP’s Levy expressed similar sentiments. “Cloud is not about homogenizing apps. It’s about optimizing workloads.”
Skarda said, “At SoftLayer, we talk customers through leveraging the right resource for the right problem. We don’t go with multi-cloud to just have multi-cloud — what problem are you trying to solve? The key is to architect your system: Think through what you want to do and which tools are best.”
Staten then asked the panelists whether pricing per unit will keep dropping. Microsoft’s Martin said, “We feel great about returning value to customers as prices continue to drop. The market determines value and we’re here to play in it.” Staten followed up by asking how cloud providers can stay profitable. “We will take variability out in other places,” Martin said. “We will do what we do best: high volume, low cost. This is not a side business for Microsoft. We are committed to cloud.”
Skarda said SoftLayer views pricing as a performance and value issue. “Looking at other ways to scale your apps is important, and we will continue to improve our data center performance.”
An audience member asked about the transparency of specs of the underlying hardware in providers’ clouds. Martin said, “There will be a race among public cloud providers to get the newest chips and get them into data centers for customers. The industry has not been transparent enough to say what is running under the covers.”
Levy said, “Speeding new chip innovation into public cloud is dear to my heart as someone who works for the world’s number one hardware provider. We will be able to get the best chipset via our relationship with Intel.” To which someone in the audience commented, “I don’t care what the chipset is. I want to know how many seconds the server request takes.”
Goldfarb said, “Google will take care of all those details on your behalf. The secret sauce is how do I combine infrastructure and PaaS — or not — to get what I need.”
Martin said he speaks to two types of customers. One is concerned with such things as clock speed, while the other is “trying to build something radically different with good value and good throughput. The latter is the way of the future.”
Staten began winding up the discussion by asking what is the future of applications in the cloud, and what should the audience plan and architect for? Skarda said, “Know what you are trying to do and find a solution to meet that need. All applications are different; the answer is always ‘it depends.’”
Martin agreed: “Do you want an evolution or a revolution? Do you want to build apps in a brand new way? We can help you, but someone’s ox will get gored and there will be blood on the ground. Be intentional about your goal — do you want to save money or build something totally new?”
Panel Discussion: The Future of IT Organizations in the Cloud
Joining Staten for the final discussion of the day were panelists Jarrett Appleby, COO of CoreSite; Peder Ulander, vice president of product marketing for cloud platform at Citrix; and Scott Sanchez, director of private cloud strategy at Rackspace.
Ulander recalled that back in the early days of public cloud, enterprises had two reactions. Some realized they wanted to bring the cloud model in-house to empower developers. At other shops, IT wanted to open up a virtual layer to power business advances but maintain control over the physical layer. Cloud, Ulander said, removes remedial functions and gives IT the opportunity to be more strategic. IT’s new job is service broker, delivering services with the appropriate risk and cost profile.
Sanchez sympathized with shops struggling with the new realities: “It can feel awkward for the dev and ops teams to move to cloud.”
Appleby noted that moving to full production in the cloud reflects a company’s risk level, “but we want to empower those who are ready.” “Don’t you think IT expects things to be handed to them?” Staten asked.
“IT execs are putting their careers on the line to move to cloud,” Sanchez said. “We try to give them a portfolio of options. We feel we are uniquely positioned to help people make that journey from managed hosting to full cloud deployment.”
That raised a question with an audience member: “Is private cloud going mainstream or is it a temporary bridging technology?”
Sanchez said that the demand for private cloud is long term and hinges on reducing the complexity of managing it, explaining, “as long as an enterprise feels like it is only using one cloud, private cloud is here to stay.”
Going back to his earlier statement, Ulander said IT’s role is to become a service broker to run cloud, and it doesn’t matter where that cloud is as long as your users are successful in their daily life.
And there you have it — day one of RightScale Compute 2013. We hope that attendees got as much out of the first day as we did, and we’re looking forward to a second day just as full of information and communication.