Cloud Computing: How to Solve Challenges and Avoid Typical Mistakes Using Amazon Web Services Handbook and Tips Abstract: Thousands of companies worldwide engage in cloud computing to get financial and technical benefits. Many succeed, yet many more cannot help making mistakes that hinder their efficiency. This white paper will explain how you can win with cloud computing and what challenges you need to overcome. It will also show how to avoid the most common mistakes made by companies using Amazon Web Services, the most popular cloud computing offerings. By Michael Fedotov, Renat Khasanshyn, and Alex Khizhnyak
Contents 1. Executive Summary... 3 2. Cloud Computing is a New Name for an Old Good Thing... 3 3. Four Common Challenges of Cloud Computing... 4 3.1. Different standards... 4 3.2. Caring about security... 5 3.3. Application performance... 5 3.4. Interaction between private and public clouds... 6 4. Amazon Web Services: Opportunities in the Cloud... 6 4.1. Amazon Simple Storage Service (S3)... 7 4.2. Amazon Elastic Compute Cloud (EC2)... 7 4.3. Amazon SimpleDB... 8 5. Amazon Web Services: Challenges and Mistakes to Avoid... 8 5.1. Scalability does not mean auto-scaling... 8 5.2. Disregarding safety of data... 8 5.3. Non-standard URLs and indexing... 9 6. Conclusion... 9 7. About the Authors... 9 Altoros Systems 2
1. Executive Summary According to a recent study by Microsoft, about 30% of companies plan to integrate cloud computing into their infrastructures within the next two years. The tendency is not hard to explain. Another survey by Avanade, a global IT consultancy, revealed that four out of five IT managers and executives believe their existing internal IT systems are too expensive. In the current economic situation, their costs are increasing even more. Photo hosting service SmugMug saved $1,000,000 in 7 months with cloud computing. What makes so many companies consider migrating to the cloud is that cloud computing, in addition to its flexibility and scalability, enables companies to save dramatically. Photo hosting service SmugMug claims to have economized $1,000,000 in just seven months after engaging in the cloud. Thousands of companies have followed SmugMug's example and experienced the same or even higher success. The increasing demand has led to a growing number of related Web service providers, as well. Without a doubt, Amazon Web Services become the most popular one because of the richest functionality and highest safety offered. When rushing into the cloud, many IT executives forget about the new challenges, which makes it harder for them to get all the benefits of cloud computing. Our experience in the cloud has helped us figure out the most common challenges companies face and the mistakes they frequently make. This handbook is here to assist you in solving these issues. 2. Cloud Computing is a New Name for an Old Good Thing Cloud computing is the evolution of three popular IT business trends: infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). The main features of cloud computing include the following: It is run on the Web ( in the cloud ). It makes use of a shared infrastructure sometimes very complex known as the cloud, since it is essentially invisible or untouchable to end-users. It is commonly offered as an on-demand service, meaning that customers pay only for their usage of the service, not the service itself, and delegate all maintenance issues to the cloud provider. It offers scalable dynamic resources depending on the current application s requirements. There is no need to allocate much memory for a simple application, and, on the other hand, any additional resources can be drawn in any time for a complex dynamic application. Altoros Systems 3
Usage of cloud computing can be measured and billed exactly for the amount used. This is probably the most adequate method considering the scalability of resources and variable usage intensity. You do not need to overpay! Representing a new approach to information services delivery, cloud computing is beneficial in a variety of ways, including the following: Cloud computing offers flexibility, making it possible to access information from anywhere. The information is not stored on a local server; it is stored on the Web ( in the cloud ). Cloud computing is easy to implement; getting up and running takes much less time than ever before. Cloud computing is cost-effective, as you pay for the service incrementally the price depends only on your usage! With cloud computing, there is no need to worry about keeping your software up-to-date, or constantly upgrading your hardware; everything is done by the cloud provider for free. Cloud computing is safe. Service providers back up their data, so even if one or two servers crash, this does not result in loss of data. Disaster recovery costs with cloud computing are also about half as costly by virtue of cost-effective virtualization. These and other considerations explain the 30 percent increase that, according to the RSA, cloud computing enterprise usage has seen recently. A survey of American companies by the RSA has also revealed that 16% of businesses plan to migrate to the cloud within the next 12 months. However, like any other technology, cloud computing comes with its own challenges; and in order to stay effective, companies need to be prepared for them. 16% of American companies plan to migrate to the cloud within the next 12 months. 3. Four Common Challenges of Cloud Computing Companies that go for cloud computing without proper preparation are likely to run into a number of obstacles where they least expect them. The most typical challenges include the following: 3.1. Different standards Major cloud computing providers, such as Amazon, IBM, Cisco, Salesforce.com, Microsoft, and Google, have come up with their own standards of cloud computing, followed by a considerable number of smaller providers. While the range of standards to choose from may seem a good thing, you will no longer think so when you need to move data from one cloud to another or set up two applications in different Altoros Systems 4
clouds to interact. The cloud is easy and flexible as long as you are within one, but as soon as you start working with another cloud, nothing is simple anymore. Currently, a universally accessible cloud computing application is more of a dream than a reality. So, one must work hard to make data transfer seamlessly between the clouds. 3.2. Caring about security According to the IDC Enterprise Panel, about 75% of IT executives expressed concern about security issues with cloud computing. Like getting involved in any other outsourcing relationship, cloud computing means entrusting your data to a third party. Hence, all the security concerns about data are also handed over to the service provider. Can companies be sure that the cloud will take good care of their data? The system of user authentication and authorization used by a cloud computing service provider should minimize the risk of data getting into the wrong hands. Furthermore, since a cloud is multi-tenant, it is pivotal that a service provider can guarantee faultless data segregation from other customers. The typical way to segregate data is to encrypt it, but, according to Gartner, encryption accidents can make data totally unusable, and even normal encryption can complicate availability. Disaster recovery costs with cloud computing are twice lower. Another question is whether it is secure to transfer data to and from the cloud. All the transfers should exclude the slimmest chance of interception. Then, what happens when a cloud computing service user removes some of their data? Basic security requirements generally specify that the data deleted must be physically removed from the cloud s servers immediately. One more potential source of risk is today s erratic economics. If the service provider should become bankrupt or get swallowed up by a bigger company, what is to become of the data on its servers? A good cloud computing provider should be able to address these and other questions that may arise. Moreover, they should be open about all matters that are closely related to their customers. A company that has its data in the cloud has the full right to know where this data is stored (while in practice companies often do not even know in which country the servers are located), or to carry out an investigation of inappropriate or illegal activity in the cloud. 3.3. Application performance There are two aspects that may limit an application s performance in the cloud. First, it is important to realize that applications in the cloud may run slower than on a local machine. The very idea of virtualization implies certain performance penalties, so IT executives should not be surprised when they notice a 20% or even greater decrease in application performance in the cloud compared to the local environment. However, with some applications, the slowdown in performance will be practically unnoticeable. Altoros Systems 5
There are a lot of factors that determine how an application runs in the cloud, such as application type, workload type, hardware, and others. It also matters that with cloud computing, you cannot rely on a homogeneous environment. The cloud is, in fact, quite heterogeneous: different CPUs, different amounts of memory, etc. Being aware of how an application runs in the cloud is crucial for being realistic about your overall performance. Another virtualization issue is that the maximum amount of memory available on any single virtual machine is 15.5 GB, so far. While this would probably suffice for most needs and you still can unite the resources of several virtual instances, those applications that use more memory on local machines may not run smoothly on a single virtual machine in the cloud. Although it is likely that virtualization vendors, such as VMware and Citrix, may increase this memory limit in the future, just keep that in mind. 3.4. Interaction between private and public clouds When opting for cloud computing, most companies do not externalize all of their data. Considerable amounts of information remain in the so-called private cloud, which means that it is still physically stored within a company s private network. Since data between a private and a public cloud may migrate very often, this process should be as seamless as possible. On top of that, it should meet your security standards. These important details should be arranged before clinching a cloud computing deal. But there is more to it than just that. Imagine that a company decides to back up its local data in the cloud or to save public cloud data locally. This definitely guarantees better safety of data, but the issue of synchronization comes up. You do not want to update your data twice and would prefer automatic synchronization with the cloud. A good cloud computing provider is the one that offers this kind of services to you. 4. Amazon Web Services: Opportunities in the Cloud With the wide range of cloud computing services available in the market today, IT executives sometimes do not know where to look first. In this case, you d better start with the services that enjoy the greatest popularity and best reputation today Amazon Web Services (AWS). Amazon Web Services allow companies to use an effective, time-tested computing infrastructure that Amazon has been using for its own global network of Web sites. The top three most popular cloud computing services from Amazon include: Amazon Web Services are based on Amazon's own time-proven infrastructure. Altoros Systems 6
4.1. Amazon Simple Storage Service (S3) Amazon S3 is a cloud storage service that allows users to store any amount of data and retrieve it from anywhere on the Web. An unlimited number of objects ranging from 1 byte to 5 GB in size can be stored. To sort objects, S3 allows grouping them into buckets, which are very similar to local folders. Amazon S3 enables access restrictions for each of your objects, with a range of available ways to access objects, from HTTP requests to using the BitTorrent protocol. Amazon also ensures a high availability of S3 users data, guaranteeing 99.9 percent uptime, measured monthly. The service is available for a very affordable cost: $0.12 $0.15 per 1 GB, per month. Releasing companies from the need to worry about storage space, uptime, or server maintenance costs and providing great economy, Amazon S3 has gained great popularity with a broad spectrum of clients. WordPress.com, Twitter, Slideshare.net, alongside with thousands of others, are among its users. Photo hosting service SmugMug claims to have saved over $1,000,000 on storage costs after just seven months of using Amazon S3. 4.2. Amazon Elastic Compute Cloud (EC2) Amazon EC2 is a Web service that enables its clients to run and host their applications in the cloud rather than on local machines. It means that customers use a Web interface to administer a virtual machine provided by Amazon. Companies of all sizes have appreciated the opportunity to use massive computer arrays by purchasing access to them, without having to acquire any hardware. EC2 makes it possible to create high-demand Web applications with thousands of users more affordably than ever before. The New York Times relies on Amazon EC2, as well as the S3 storage service, to host its TimesMachine, which provides access to the newspaper s public archives. IBM uses Amazon EC2 to provide pay-asyou-go access to its database and content management software, such as IBM DB2 and Lotus. IBM uses Amazon EC2 to provide payas-you-go access to its database and content management EC2 offers a wide range of virtual machines so that it is possible to choose a configuration best suited for any specific application. This, as well as the fact that the number and types of virtual machines can be changed at any moment, helps Amazon EC2 achieve maximum scalability. Each client can buy just the resources s/he needs, and when the client s needs change, the number of instances in virtual use can change, accordingly. To ensure resistance to failure, instances can be placed in different geographic locations and time zones. The EC2 environment is based on Xen, an open source virtual machine monitor. Amazon EC2 allows you to use and create your own Amazon Machine Images, or AMIs, which serve as templates for your instances. While most AMIs are based on Linux, other operational systems, such as OpenSolaris and Windows Server, are also supported. Altoros Systems 7
The costs of using EC2 consist of an hourly charge per virtual machine and a data transfer charge. The pay-as-you-go system and great scalability opportunities have contributed to Amazon s naming its cloud elastic. 4.3. Amazon SimpleDB Amazon SimpleDB is a service for storing, processing, and querying structure datasets, designed to be used in concert with Amazon EC2 and S3. Not a relational database itself, SimpleDB provides all the functionality of a database, such as real-time lookup and querying of structured data, without the operational complexity. With SimpleDB, there is no need for schemas; the service automatically indexes your data and provides an easy-to-use API for storage and access. The data model is as simple as the service s name suggests: collections of items (small hash tables containing attributes-value pairs) are organized into domains. SimpleDB is impressively fast, even when dealing with large amounts of data. As with S3 and EC2, it offers on-demand scaling: SimpleDB customers are charged only for actual data storage and transfer. Transferring data to other Amazon Web Services is free of charge. 5. Amazon Web Services: Challenges and Mistakes to Avoid Due to their high reliability and cost-saving approach, Amazon Web Services are becoming increasingly popular with companies on both sides of the Atlantic. However, while some things Amazon Web Services make easier to achieve, some things are quite complicated for a newbie. Here are some typical challenges that customers new to Amazon s cloud computing service face and typical mistakes they make. 5.1. Scalability does not mean auto-scaling Mistake: Some IT executives forget that scalability and adjusting the resources that you use are never done automatically. With cloud computing, there still has to be a person who monitors an application s performance and the resources used. For example, as soon as an application run in EC2 needs more memory, this person should see how much more memory is needed and add a virtual instance of appropriate size. Without human management or a custom automation application, there is still a risk of not providing enough resources for an application or overpaying for odd resources. 5.2. Disregarding safety of data Mistake: Some people consider backing up as an unnecessary formality. Altoros Systems 8
It is true, Amazon has a great reputation no complaints of data loss, corruption, or unavailability have ever been heard from its clients so far but the point is, should anything happen to your data due to the performance of your application, bugs, or unforeseen customer efforts, the data will be lost. Therefore, creating backups and undertaking security measures are still as relevant as ever before. 5.3. Non-standard URLs and indexing Challenge: Operating large volumes of dynamic data, Amazon Web Services may create nonstandard and dynamic URLs, which can be an obstacle for smooth search engine optimization. Solution: Whenever it is possible, rewriting a URL is a very helpful practice that is likely to solve the problem. URLs rewritten to look standard are both user-friendly and work better with search engines. Another useful thing to do is create an RSS feed and a sitemap, which will help index your pages faster. Amazon even provides some ready-to-use code for an RSS feed, but creating a custom feed is probably what the most expert developers will do. Creating backups and undertaking security measures are still relevant as ever before. Additionally, consider joining the Amazon Associates program. It is an easy way to boost your search engine ranking by getting connected to millions of Amazon s own pages. Joining is free, but the price you pay is the necessity to put advertisements of Amazon s products somewhere on your Web site. This is, in fact, the driving principle of Amazon Associates you make links to Amazon and get paid for every click, your growing search engine ranking being the positive side effect. For many companies, engaging in the program may not be an appropriate option, but for some it can prove to be a winning decision. 6. Conclusion While cloud computing has the potential to provide a range of benefits to businesses of any size and any industry, the cloud has its own hidden challenges. Those who want to make good use of it should be ready to avoid them to benefit from this promising technology. Once implemented, cloud computing efforts may turn into a huge winner, saving considerable amounts of money, increasing the performance of your applications, and providing 24/7 availability and scalability. 7. About the Authors Michael Fedotov is Technology Evangelist at Altoros. and has been working as a freelance journalist for a number of IT-related periodicals since 2003, covering next to all aspects Altoros Systems 9
of IT, specifically software developments, in an abundance of articles. He has taken part in several scientific conferences and provided services for many more participants creating their presentations. He also has experience working as an interpreter and is currently studying Japanese. Alex Khizhnyak is Chief Evangelist at Altoros and co-founder of the Belarus Java User Group. Since 1998, he has gained experience as an author, editor, media specialist, event manager, conference speaker, and blogger. So far, his education background combines IT, programming, economics, and journalism. Renat Khasanshyn is the founder and CEO of Altoros. Mr. Khasanshyn speaks frequently at a wide range of events, and recently was selected as a finalist for the 2007 Emerging Executive of the Year award by the Massachusetts Technology Leadership Council. Prior to founding Altoros Systems, Mr. Khasanshyn was VP of Engineering for Tampa-based insurance company, PriMed, Inc. Mr. Khasanshyn is a co-founder of the Belarus Java User Group and studied Engineering at Belarusian State Technical University. Altoros is a global software delivery acceleration specialist that provides focused product engineering to technology companies and start-ups. Founded in 2001 and headquartered in Silicon Valley (Sunnyvale, California), Altoros has a sales office in Western Massachusetts, branch offices in Norway, Denmark and UK, and a software development center in Eastern Europe (Minsk, Belarus). For more information, please visit www.altoros.com. Altoros Systems 10