IaaS in depth
In my first article, I stated Infrastructure as a Service (IaaS) is a service provided by another entity that provides the hardware and hardware support while you maintain the virtual data-center on top of it. In this article we will look at what that means in detail.
Infrastructure as a Service is first and foremost a computing infrastructure. That means it is a complete package of all infrastructure components – server, storage, and networking. Providers typically also offer firewalls, load balancing, and other security and redundancy features as part of their offering, either as an additional benefit or as an option. Advanced features such as clustering are also typically available for an additional charge. One key feature that is built into most offerings is Disaster Recovery. Having multiple data-centers based on virtualization technologies makes Disaster Recovery a snap for these providers and only the smallest, most dubious providers do not have a good, tested DR plan for their (and your) data.
To achieve the economies of scale that makes such offerings possible for providers to still make a profit, these default offerings are provided in the form of a virtual machine. They are not your only option, however. Indeed, you can create a full cloud without ever virtualizing any of your machines at all. The costs would be astronomical, comparatively, but it is possible. The advantage of that, of course, is the same as any other cloud service: Standardized near-instant provisioning of resources with little or no IT involvement. Typically these would only be seen in private clouds, as the cost advantage public clouds provide are completely lost in physical-only clouds.
Which leads to another alternative – Dedicated Private Servers. Most providers can and do offer these dedicated servers if needed due to load or regulatory considerations. These are typically stand alone physical servers that are available only to the customer regardless of resource usage on that machine. As already meantioned, they generally defeat the cost advantages of cloud computing, but there are many instances where they are required regardless of cost. Still, if you have limited or no dedicated IT staff to maintain the system and/or you are already paying for other services this becomes a simple way to comply with the requirements and still keep your costs down.
IaaS providers already have the hardware and data centers up and running, so it is fairly trivial for them to add a few machines for their own use or to expand their offerings. To that end, many IaaS providers are also Platform as a Service providers (PaaS) as well. That means if you are a programmer and your infrastructure needs are rather modest, PaaS services may be more suited to your needs. This route is often a cheaper and less time consuming route for programmers just looking for an application server for their codebase – but that is for another article.
The Good, The Bad, and the Ugly
The single biggest feature that makes public IaaS such a great deal for many companies is that you get the benefits of a full IT staff of experts in every aspect of computer infrastructure support without the headaches or headcount associated with that staff. Enforceable Service Level Agreements guaranteeing up-time availability, top notch equipment, and virtually unlimited compute resources are some other key advantages. Because resources are billed based on use, you only pay for what you use instead of paying for 24/7 access to cover peak demand. As an added bonus for the bean counters, these fees are charged out of your operational expenses instead of capital expenses making forecasting and budgeting easier and allowing them to move many of these costs from fixed costs to variable costs. I am not an accountant so I can’t go into any details, but suffice it to say – this is a good thing for most companies.
Unfortunately, this does mean you need someone well versed in all these aspects to oversee them. An IT Cloud Manager role is absolutely necessary. They don’t need to know the details on implementing each type of solution, but they sure better know which solution is necessary, who the appropriate vendor(s) are, and what offerings are available to fill them. Otherwise key components might be missed and data integrity and availability may be lost. Even if they don’t get missed, you could be paying too much for unwanted, redundant, or unnecessary services due to lack of knowledge. Moreover, it becomes more important than ever that someone is watching technology – what is available, what is vulnerable, and how to cover new vulnerabilities, in addition to everyday duties of tracking SLA compliance and other routine tasks. A great provider will do this too, but due diligence requires the Cloud Manager do this as well.
Another drawback of the cloud is the existing vulnerabilities in the offerings. No, it is not security, though that certainly is a big concern. The biggest vulnerability, particularly for IaaS, is the absolute dependence on network connectivity. It doesn’t matter if it is private cloud, public cloud, or some hybrid, all cloud activity is heavily dependent on the connection(s) to the provider. Network outages that provide inconveniences to traditional infrastructures bring operations to a grinding halt for cloud based services. Moreover, this reliance on the network almost always includes a hidden cost- higher bandwidth usage. So now you need more connectivity at a higher bandwidth creating the real downside of cloud computing, especially for ill designed IaaS solutions. (As an aside, many analysts suggest that cloud based offerings tend to be far more secure due to the increased emphasis on security concerns during the research and analysis phases of project implementation. One thorough discussion with references can be found here).
Finally there is the issue of data ownership. For example, what happens to your data when you no longer want to use a cloud service or provider. Because IaaS offerings are the foundation of your environment, or at least an extension of that foundation, anything residing there will need to be transferred off the providers offerings before you can decommission it’s use. This activity is common for IT personnel, but what if you don’t have that staff anymore? Who is responsible for the move and at what cost? Do you have to hire contractors or can something be worked out with the provider (new or old)? And what about the simple answer? Can’t you just move the entire virtual server? This is the true ugly state as it relates to IaaS. As it turns out, the answer may very well be no. There is a whole host of reasons stemming from who owns what data, the variety of licensed services available to the virtual machines as well as the software that runs on them, and even what virtualization solution was used, if any. One of the most basic examples involves the fact that IaaS providers often provide the OS and own that license, but you own the server application and any licensing involved. How do you go about transitioning that data?
Another more insidious example to consider is what happens if you don’t pay, or there is a delay in payment? Do you get your infrastructure turned off, or can you keep using it for a certain amount of time? Does the virtual machine and data on it get destroyed when it is “turned off”? If so, how soon? I have seen many companies on the brink of closure. Some return from the brink to be true success stories. However, when the creditors come knocking and customers are late paying, if your infrastructure is turned off you might as well forget about recovery.
The easy answer to many of these situations, of course, is well negotiated contracts covering as many conceivable situations as possible. Do your homework and ensure you have your data available when and where you need it. Prepaying annually for a guaranteed minimum level of service you are going to use, may give extra leverage as a customer and ensure complete availability over the long term. Other options may make sense as well. Don’t forget to play the vendors off one another during negotiations as well, at least to the extent possible. If you use this tactic, vendors are often more flexible on non-monetary aspects so take advantage of that and use the negotiation table to get the required flexibility for their stated price rather than trying to reduce price for the services provided. After all, it is just two different sides of the same service – you still get more for the price. What other aspects have you seen that you need to be wary of? Post them here for all to take note….