Don’t bring a server to a cloud fight

QoS or not to QoS

One of my professors at IITK, when I took the Computer Networks course, said something that had a great impact on how I think now. It has stuck with me since the day I heard it. This was his statement (perhaps worded differently): “If you guys ever get a choice to work on QoS or something else, always choose the something else”. His rationale was, “You can make almost all QoS issues disappear by throwing more money or resources into it”. I see that being tragically true. Back when having shiny gray hardware was a thing of pride, you could either spend crazy hours reducing memory footprint and system load, or you could just add a bit more RAM and faster/more processors for similar results, at much lower cost and sooner.

Note: If you are an engineer (or studying to be one), this is not an excuse to be sloppy. No amount of hardware horsepower can fix poor design or bad/broken code. If anything, it should motivate you to be better; you should not be replaceable with a few sticks of RAM.

Don’t bring a server to a cloud fight

Data growth and our hunger for more speed and power are insatiable. We are dealing with unprecedented amounts of data and we have far outgrown the limitations of single machines.

The cloud offers massive distributed computing and the ability to get massive deployments for hire, with a few clicks. No need to order any hardware and worry about datacenter issues like space, topology, cooling, maintenance, power etc. On-premise datacenters cannot keep up with the growing power of the cloud; it gives you more of almost everything and it’s continuously evolving.

Most industry problems are around horizontal scale; that is, they are less about how fast you can do each “job” and more about how many you can do per unit of time. It’s not always the same thing as plainly splitting the load. That being said, except for the most “well funded” and specialized hardware needs, the cloud option wins hands down in both performance and economy.

The Speed Card

One of the things I am often asked about my company is how I will deal with the lack of hardware acceleration in the cloud for managing encrypted traffic. Not surprisingly, this question usually only comes from the people selling hardware :-) If the only reason for new specialized hardware is speed, you are either designing your cloud solution all wrong (likely) or dealing with insanely high single-connection speeds (unlikely). The cloud offers a lot of parallel processing horsepower, and its single units are also fast enough for practically all industry uses/speeds. Massive players like Zynga may seem like an exception to this, but are actually not: they have not moved away from cloud computing, only from a third-party cloud provider (they have their own cloud service called ZCloud).

The only reason to commission new hardware is if there is a serious issue blocking cloud adoption. FIPS cards come to mind, but these are specialized uses that most people do not care about (unless you are legally obligated to have FIPS compliance, you are highly unlikely to need it).

The Legal Card

This is not a technical roadblock to the cloud, but rather an impediment waiting on the legal system or compliance to evolve (it will, there is no choice). This is not to say that if you are among the regulated industries you cannot move to the cloud. You still can.

Even if you are a company with regulatory compliance requirements on the physical location of data storage, not all of your data falls into that category; in fact, most does not. This is true for almost all financial institutions: they have a ton of services and data that are non-sensitive and can be offloaded to the cloud. This was actually a pleasant surprise: a very large financial firm’s CIO himself wanted to do this without me even uttering a single word suggesting this.

Physical location of data is sometimes restricted. You can keep your data physically with you, in your datacenter, and offload just the service that uses the data to the cloud (with secure connectivity of course, trivial to implement). Of course, this applies only to certain kinds of legal obligations (true for certain government data in the EU at least).

Access control is a legal requirement for certain industries; currently the cloud vendors do not provide access control by themselves. This gap has traditionally been filled by security hardware in the datacenters; similar solutions exist for the cloud (we pioneered this in 2011 at CipherGraph Networks and are still the most advanced and easy-maintenance solution).

Bottom line: don’t bring a server to a cloud fight!

The thing to consider here is that whatever you choose for working with the cloud (your access method, your management workflow or security), it must scale. If you bring hardware to this cloud huddle, you’ll lose soon enough. The cloud is just way too powerful, and is evolving exponentially, for any kind of hardware solution to keep up with.